urlscan.io logo urlscan.io
SecurityTrails logo

liverhealthsupport.com Open in urlscan Pro
198.211.101.149  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.doityourselfhealthcare.com/?ids=Mzg2ODI1NjAz__MTMwODk=__MTA2MDMwMzM=__NTc2__185&t=c&url=aHR0cHMlM0ElMkYlMkZobHRoc29sLmNvbSU...
Effective URL: https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_campaign=livercpa&affi...
Submission: On December 28 via api from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 65 IPs in 9 countries across 54 domains to perform 117 HTTP transactions. The main IP is 198.211.101.149, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is liverhealthsupport.com. The Cisco Umbrella rank of the primary domain is 489009.
TLS certificate: Issued by R3 on December 27th 2022. Valid for: 3 months.
This is the only time liverhealthsupport.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 170.187.185.18 63949 (AKAMAI-AP...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
5 198.211.101.149 14061 (DIGITALOC...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.5.162.24 14618 (AMAZON-AES)
3 52.54.104.83 14618 (AMAZON-AES)
16 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2 142.250.186.38 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
3 2a02:2638:1::d 44788 (ASN-CRITE...)
1 2a02:2638:1::3 44788 (ASN-CRITE...)
5 104.126.37.42 20940 (AKAMAI-ASN1)
2 35.244.130.28 15169 (GOOGLE)
1 13.32.118.208 16509 (AMAZON-02)
1 37.157.2.249 198622 (ADFORM)
1 146.75.120.157 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 5 2a02:2638:1::13 44788 (ASN-CRITE...)
1 104.244.42.133 13414 (TWITTER)
1 104.244.42.131 13414 (TWITTER)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 18.66.92.153 16509 (AMAZON-02)
1 178.250.2.146 44788 (ASN-CRITE...)
3 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2 37.157.3.28 198622 (ADFORM)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 178.250.2.151 44788 (ASN-CRITE...)
1 74.119.119.150 19750 (AS-CRITEO)
1 2 18.197.41.16 16509 (AMAZON-02)
1 1 216.58.212.162 15169 (GOOGLE)
2 178.250.0.163 44788 (ASN-CRITE...)
2 2 37.252.171.149 29990 (ASN-APPNEX)
1 2 104.18.33.19 13335 (CLOUDFLAR...)
1 2 35.158.55.96 16509 (AMAZON-02)
1 184.30.20.22 16625 (AKAMAI-AS)
1 70.42.32.31 22075 (AS-OUTBRAIN)
1 69.173.144.138 26667 (RUBICONPR...)
1 3.64.18.221 16509 (AMAZON-02)
1 185.86.137.133 201081 (SMARTADSE...)
1 141.226.228.48 200478 (TABOOLA-AS)
1 23.218.209.56 16625 (AKAMAI-AS)
1 13.248.245.213 16509 (AMAZON-02)
1 2 3.126.56.137 16509 (AMAZON-02)
1 18.156.32.70 16509 (AMAZON-02)
1 37.157.4.24 198622 (ADFORM)
1 185.255.84.153 200271 (IGUANE-)
1 2 52.209.194.100 16509 (AMAZON-02)
1 141.95.98.64 16276 (OVH)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 18.196.167.117 16509 (AMAZON-02)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 85.215.5.31 6786 (CRONON-BE...)
1 96.16.132.239 16625 (AKAMAI-AS)
1 54.155.179.95 16509 (AMAZON-02)
1 54.155.45.178 16509 (AMAZON-02)
1 18.188.123.24 16509 (AMAZON-02)
117 65
1    170.187.185.18 (Frankfurt am Main, Germany)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: vsrv379.armadaservers.com
click.doityourselfhealthcare.com
2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
hlthsol.com
5    198.211.101.149 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
liverhealthsupport.com
2    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube-nocookie.com
1    52.5.162.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-162-24.compute-1.amazonaws.com
secure.liverhealthformula.com
3    52.54.104.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-104-83.compute-1.amazonaws.com
secure2.liverhealthformula.com
16    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
www.youtube-nocookie.com
3    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net
10720395.fls.doubleclick.net
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
3    2a02:2638:1::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dynamic.criteo.com
1    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
5    104.126.37.42 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-42.deploy.static.akamaitechnologies.com
analytics.tiktok.com
2    35.244.130.28 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 28.130.244.35.bc.googleusercontent.com
www.ibph4trk.com
1    13.32.118.208 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-118-208.fra60.r.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
1    37.157.2.249 (Denmark)

ASN198622 (ADFORM, DK)
s2.adform.net
1    146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:400d:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
1    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
8    18.66.92.153 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-92-153.fra56.r.cloudfront.net
d1pqvb2h9xgm7r.cloudfront.net
1    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:4c::8 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
rr3---sn-4g5e6nzs.googlevideo.com
2    37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)
a1.adform.net
1    2a00:1450:400d:806::2016 (Ireland)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
1    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
widget.us.criteo.com
2    18.197.41.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-41-16.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net
cm.g.doubleclick.net
2    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)
r.casalemedia.com
2    35.158.55.96 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-55-96.eu-central-1.compute.amazonaws.com
ad.360yield.com
1    184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com
contextual.media.net
1    70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    3.64.18.221 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-18-221.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
1    23.218.209.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-56.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
1    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    18.156.32.70 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-32-70.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
1    37.157.4.24 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    185.255.84.153 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
2    52.209.194.100 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-194-100.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
1    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
1    18.196.167.117 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-167-117.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    2600:1f18:612b:4264:67a8:6f4b:2275:f8f4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
1    85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)
a.twiago.com
1    96.16.132.239 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-132-239.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    54.155.179.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-179-95.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
1    54.155.45.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-45-178.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    18.188.123.24 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-188-123-24.us-east-2.compute.amazonaws.com
s.thebrighttag.com
Apex Domain
Subdomains		 Transfer
15 youtube-nocookie.com
www.youtube-nocookie.com — Cisco Umbrella Rank: 4491
867 KB
13 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 3402
gum.criteo.com — Cisco Umbrella Rank: 446
mug.criteo.com — Cisco Umbrella Rank: 1856
sslwidget.criteo.com — Cisco Umbrella Rank: 1805
widget.us.criteo.com — Cisco Umbrella Rank: 15680
dis.criteo.com — Cisco Umbrella Rank: 903
58 KB
9 cloudfront.net
d9i5ve8f04qxt.cloudfront.net
d1pqvb2h9xgm7r.cloudfront.net
21 KB
5 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 883
102 KB
5 liverhealthsupport.com
liverhealthsupport.com — Cisco Umbrella Rank: 489009
296 KB
4 googlevideo.com
rr3---sn-4g5e6nzs.googlevideo.com — Cisco Umbrella Rank: 49247
229 KB
4 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 323
30 KB
4 adform.net
s2.adform.net — Cisco Umbrella Rank: 5408
a1.adform.net — Cisco Umbrella Rank: 12368
cm.adform.net — Cisco Umbrella Rank: 1979
32 KB
4 doubleclick.net
10720395.fls.doubleclick.net — Cisco Umbrella Rank: 364252
stats.g.doubleclick.net — Cisco Umbrella Rank: 179
cm.g.doubleclick.net — Cisco Umbrella Rank: 321
3 KB
4 liverhealthformula.com
secure.liverhealthformula.com — Cisco Umbrella Rank: 849313
secure2.liverhealthformula.com — Cisco Umbrella Rank: 895235
4 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
218 B
3 google.com
www.google.com — Cisco Umbrella Rank: 16
adservice.google.com — Cisco Umbrella Rank: 142
15 KB
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 619
12 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 103
67 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 301
2 KB
2 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 405
507 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 796
853 B
2 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1696
2 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 318
2 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 411
876 B
2 google.de
www.google.de — Cisco Umbrella Rank: 3658
adservice.google.de — Cisco Umbrella Rank: 5450
1 KB
2 gstatic.com
fonts.gstatic.com
31 KB
2 ibph4trk.com
www.ibph4trk.com — Cisco Umbrella Rank: 353914
18 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 173
114 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 98
63 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 123
136 KB
2 hlthsol.com
hlthsol.com — Cisco Umbrella Rank: 472687
2 KB
1 thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 2499
268 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 803
338 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2264
220 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 3757
525 B
1 twiago.com
a.twiago.com — Cisco Umbrella Rank: 24678
153 B
1 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2637
183 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 882
579 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1465
879 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 2735
274 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 522
1 KB
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 1031
235 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 1005
55 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 497
140 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 2081
172 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1303
99 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 721
163 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 717
35 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 452
239 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 923
145 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 788
785 B
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 105
58 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 204
2 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 981
724 B
1 t.co
t.co — Cisco Umbrella Rank: 633
376 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1013
15 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 743
14 KB
1 doityourselfhealthcare.com
click.doityourselfhealthcare.com
379 B
117 54
Domain Requested by
15 www.youtube-nocookie.com liverhealthsupport.com
www.youtube-nocookie.com
8 d1pqvb2h9xgm7r.cloudfront.net d9i5ve8f04qxt.cloudfront.net
5 gum.criteo.com 4 redirects dynamic.criteo.com
5 analytics.tiktok.com click.doityourselfhealthcare.com
analytics.tiktok.com
5 liverhealthsupport.com hlthsol.com
liverhealthsupport.com
4 rr3---sn-4g5e6nzs.googlevideo.com www.youtube-nocookie.com
4 jnn-pa.googleapis.com www.youtube-nocookie.com
3 www.facebook.com liverhealthsupport.com
3 dynamic.criteo.com www.googletagmanager.com
3 bat.bing.com www.googletagmanager.com
bat.bing.com
liverhealthsupport.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 secure2.liverhealthformula.com liverhealthsupport.com
secure2.liverhealthformula.com
2 dpm.demdex.net 1 redirects
2 ups.analytics.yahoo.com 1 redirects
2 ad.360yield.com 1 redirects
2 r.casalemedia.com 1 redirects
2 ib.adnxs.com 2 redirects
2 dis.criteo.com
2 x.bidswitch.net 1 redirects
2 a1.adform.net 1 redirects liverhealthsupport.com
2 www.google.com liverhealthsupport.com
www.youtube-nocookie.com
2 fonts.gstatic.com www.youtube-nocookie.com
2 www.ibph4trk.com www.googletagmanager.com
www.ibph4trk.com
2 10720395.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 connect.facebook.net click.doityourselfhealthcare.com
connect.facebook.net
2 www.youtube.com liverhealthsupport.com
www.youtube.com
2 www.googletagmanager.com liverhealthsupport.com
www.googletagmanager.com
2 hlthsol.com hlthsol.com
1 s.thebrighttag.com
1 beacon.krxd.net
1 sync-criteo.ads.yieldmo.com
1 ad.yieldlab.net
1 a.twiago.com
1 criteo-partners.tremorhub.com
1 simage2.pubmatic.com
1 exchange.mediavine.com
1 matching.ivitrack.com
1 id5-sync.com
1 visitor.omnitagjs.com
1 cm.adform.net
1 e1.emxdgt.com
1 eb2.3lift.com
1 criteo-sync.teads.tv
1 sync-t1.taboola.com
1 rtb-csync.smartadserver.com
1 match.sharethrough.com
1 pixel.rubiconproject.com
1 sync.outbrain.com
1 contextual.media.net
1 cm.g.doubleclick.net 1 redirects
1 widget.us.criteo.com liverhealthsupport.com
1 sslwidget.criteo.com 1 redirects
1 i.ytimg.com www.youtube-nocookie.com
1 adservice.google.de adservice.google.com
1 mug.criteo.com liverhealthsupport.com
1 yt3.ggpht.com www.youtube-nocookie.com
1 adservice.google.com 10720395.fls.doubleclick.net
1 www.google.de liverhealthsupport.com
1 analytics.twitter.com liverhealthsupport.com
1 t.co liverhealthsupport.com
1 stats.g.doubleclick.net www.google-analytics.com
1 static.ads-twitter.com click.doityourselfhealthcare.com
1 s2.adform.net click.doityourselfhealthcare.com
1 d9i5ve8f04qxt.cloudfront.net www.googletagmanager.com
1 static.criteo.net www.googletagmanager.com
1 secure.liverhealthformula.com liverhealthsupport.com
1 click.doityourselfhealthcare.com
117 67

This site contains no links.

Subject Issuer Validity Valid
click.doityourselfhealthcare.com
R3		 2022-12-07 -
2023-03-07		 3 months crt.sh
*.hlthsol.com
E1		 2022-12-21 -
2023-03-21		 3 months crt.sh
liverhealthsupport.com
R3		 2022-12-27 -
2023-03-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
secure.liverhealthformula.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-04 -
2023-08-04		 a year crt.sh
secure2.liverhealthformula.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-21 -
2023-10-21		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-10-06 -
2023-01-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-11-25 -
2023-05-25		 6 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2022-12-15 -
2024-01-15		 a year crt.sh
ibph4trk.com
Starfield Secure Certificate Authority - G2		 2022-02-11 -
2023-03-15		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-12-13 -
2023-02-21		 2 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2022-11-06 -
2023-11-28		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2022-05-18 -
2023-06-19		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
itm.ivitrack.com
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
exchange.mediavine.com
Amazon		 2022-07-06 -
2023-08-04		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.tremorhub.com
Amazon		 2022-03-24 -
2023-04-22		 a year crt.sh
*.twiago.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-28 -
2023-12-29		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-15		 a year crt.sh
*.ads.yieldmo.com
Amazon		 2022-06-02 -
2023-07-01		 a year crt.sh

This page contains 7 frames:

Primary Page: https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_campaign=livercpa&affid=361&oid=31&uid=&_ef_transaction_id=&n=631&oid=31&affid=361&sub1=mwfagif1227mwfagif&creative_id=4
Frame ID: 713F3617443FD9B5C046ABED349835AC
Requests: 52 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/34Ghtv78eBc?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Frame ID: 24980E6D9EE8CD3BB29D1C27C837FFCC
Requests: 27 HTTP requests in this frame

Frame: https://10720395.fls.doubleclick.net/activityi;dc_pre=CLWEyJ7KnPwCFZSEsgod9EABTg;src=10720395;type=allvi005;cat=allvi0;ord=1;num=5383600565337;gtm=2wgbu0;auiddc=1473465530.1672239675;~oref=https%3A%2F%2Fliverhealthsupport.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Deverliver%26utm_content%3Dlivervsl%26utm_campaign%3Dlivercpa%26affid%3D361%26oid%3D31%26uid%3D%26_ef_transaction_id%3D%26n%3D631%26oid%3D31%26affid%3D361%26sub1%3Dmwfagif1227mwfagif%26creative_id%3D4
Frame ID: 6B2E20A4D0A8B22644E63EDFA0C253D4
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=liverhealthsupport.com&origin=onetag
Frame ID: 412D0FE38E9D22310D3F0BBEF394E9B3
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CLWEyJ7KnPwCFZSEsgod9EABTg;src=10720395;type=allvi005;cat=allvi0;ord=1;num=5383600565337;gtm=2wgbu0;auiddc=1473465530.1672239675;~oref=https%3A%2F%2Fliverhealthsupport.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Deverliver%26utm_content%3Dlivervsl%26utm_campaign%3Dlivercpa%26affid%3D361%26oid%3D31%26uid%3D%26_ef_transaction_id%3D%26n%3D631%26oid%3D31%26affid%3D361%26sub1%3Dmwfagif1227mwfagif%26creative_id%3D4
Frame ID: 1BD33BE1EA47E349058E8DA91BE3096B
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CLWEyJ7KnPwCFZSEsgod9EABTg;src=10720395;type=allvi005;cat=allvi0;ord=1;num=5383600565337;gtm=2wgbu0;auiddc=1473465530.1672239675;~oref=https%3A%2F%2Fliverhealthsupport.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Deverliver%26utm_content%3Dlivervsl%26utm_campaign%3Dlivercpa%26affid%3D361%26oid%3D31%26uid%3D%26_ef_transaction_id%3D%26n%3D631%26oid%3D31%26affid%3D361%26sub1%3Dmwfagif1227mwfagif%26creative_id%3D4
Frame ID: 9B052B7DCB56ACC113B058A236A25776
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-QQnu07raGaegbaIyIDiyj7OhiVF00svqcWug4g&expires=30
Frame ID: BDAA0F0C3EE33CBCA94E1A8DF5D86DD2
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Liver Health Formula | PureHealth Research

Page URL History Show full URLs

  1. https://click.doityourselfhealthcare.com/?ids=Mzg2ODI1NjAz__MTMwODk=__MTA2MDMwMzM=__NTc2__185&t=c&url=aHR0cHMlM0ElMkY... Page URL
  2. https://hlthsol.com/b4eh Page URL
  3. https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_ca... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

117
Requests

90 %
HTTPS

33 %
IPv6

54
Domains

67
Subdomains

65
IPs

9
Countries

2196 kB
Transfer

6270 kB
Size

66
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.doityourselfhealthcare.com/?ids=Mzg2ODI1NjAz__MTMwODk=__MTA2MDMwMzM=__NTc2__185&t=c&url=aHR0cHMlM0ElMkYlMkZobHRoc29sLmNvbSUyRmI0ZWg= Page URL
  2. https://hlthsol.com/b4eh Page URL
  3. https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_campaign=livercpa&affid=361&oid=31&uid=&_ef_transaction_id=&n=631&oid=31&affid=361&sub1=mwfagif1227mwfagif&creative_id=4 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://10720395.fls.doubleclick.net/activityi;src=10720395;type=allvi005;cat=allvi0;ord=1;num=5383600565337;gtm=2wgbu0;auiddc=1473465530.1672239675;~oref=https%3A%2F%2Fliverhealthsupport.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Deverliver%26utm_content%3Dlivervsl%26utm_campaign%3Dlivercpa%26affid%3D361%26oid%3D31%26uid%3D%26_ef_transaction_id%3D%26n%3D631%26oid%3D31%26affid%3D361%26sub1%3Dmwfagif1227mwfagif%26creative_id%3D4 HTTP 302
  • https://10720395.fls.doubleclick.net/activityi;dc_pre=CLWEyJ7KnPwCFZSEsgod9EABTg;src=10720395;type=allvi005;cat=allvi0;ord=1;num=5383600565337;gtm=2wgbu0;auiddc=1473465530.1672239675;~oref=https%3A%2F%2Fliverhealthsupport.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Deverliver%26utm_content%3Dlivervsl%26utm_campaign%3Dlivercpa%26affid%3D361%26oid%3D31%26uid%3D%26_ef_transaction_id%3D%26n%3D631%26oid%3D31%26affid%3D361%26sub1%3Dmwfagif1227mwfagif%26creative_id%3D4
Request Chain 55
  • https://gum.criteo.com/sid/json?origin=onetag&domain=liverhealthsupport.com&sn=ChromeSyncframe&so=0&topUrl=liverhealthsupport.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=kQwYvHw1bGJRM1d4VlBjamZabytrMkkzY1NmdzMxUVhEUGlKeDlDSzI4TVFNM2d2VjRwUis5ZHgxRnlWdURpSlVrR0xwTDU2Wk1CNGpSWkJrMzJTUGNWazFTeUtSR2hGeVZtVFpGOTNlc1htaUlzN011ZVlPM05RYlZZQ3J3RkkvczlJL1NMQnVvNkFSYWxMTkM0V2pEbmFQdEx5OHFOSjROTTB2SkdLOW9EU0VDdUQyMnlEWlRUblMxR0l3TENNOEpEanY3TkhHOTRSaXBSU0xnZHo5STBNdXBlWnlPV3Y3TE1LODVHbU9lSmNZMVd3MjBHdUQ4SnkycnJOMERURElHbzRNTjUrS0psWjdMa3hYNWdHYzc1RHBheS9rWGlTbmNudyt2SjJtd2FwWldhZz18&cppv=2
Request Chain 69
  • https://a1.adform.net/Serving/TrackPoint/?pm=2634138&ADFPageName=All%20Pages%20-%20Liver%20Health&ADFdivider=%7C&ord=737536431971&ADFtpmode=2&loc=https%3A%2F%2Fliverhealthsupport.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Deverliver%26utm_content%3Dlivervsl%26utm_campaign%3Dlivercpa%26affid%3D361%26oid%3D31%26uid%3D%26_ef_transaction_id%3D%26n%3D631%26oid%3D31%26affid%3D361%26sub1%3Dmwfagif1227mwfagif%26creative_id%3D4&CPref=https%3A%2F%2Fhlthsol.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
  • https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2634138&ADFPageName=All%20Pages%20-%20Liver%20Health&ADFdivider=%7C&ord=737536431971&ADFtpmode=2&loc=https%3A%2F%2Fliverhealthsupport.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Deverliver%26utm_content%3Dlivervsl%26utm_campaign%3Dlivercpa%26affid%3D361%26oid%3D31%26uid%3D%26_ef_transaction_id%3D%26n%3D631%26oid%3D31%26affid%3D361%26sub1%3Dmwfagif1227mwfagif%26creative_id%3D4&CPref=https%3A%2F%2Fhlthsol.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Request Chain 77
  • https://sslwidget.criteo.com/event?a=%5B95245%2C84888%2C86919%5D&v=5.12.3&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fhlthsol.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis%26a%3D%255B86919%252C95245%252C95245%252C84888%252C86919%255D&adce=1&bundle=eMTf1V90dk5FU1VKcXlYUlRVU3B1b3RueVUzdk5uQVVQOGJ3Z0xaZVUlMkZUajdMS09YSjNxZk1YdnFFWmh5eGJaTiUyRmtYVlNpRWxTZno5RnNjTkVnNHlQcU5tcGIyekRPOFI4OTNFaFdJTkU2aDhFa0p0S1Z6a2xQMGxNcHVkZFRobnMxczFkSTMxVGxMcTY0NVB3UDVaNFpwVWJZOUlZOFE4bHVJRmNMJTJCYU5wU3VDTUElM0Q&tld=liverhealthsupport.com&dy=1&fu=https%253A%252F%252Fliverhealthsupport.com%252Fpresentation%253Futm_source%253Dcpa%2526utm_medium%253Deverliver%2526utm_content%253Dlivervsl%2526utm_campaign%253Dlivercpa%2526affid%253D361%2526oid%253D31%2526uid%253D%2526_ef_transaction_id%253D%2526n%253D631%2526oid%253D31%2526affid%253D361%2526sub1%253Dmwfagif1227mwfagif%2526creative_id%253D4&pu=https%253A%252F%252Fhlthsol.com%252F&dtycbr=24374 HTTP 302
  • https://widget.us.criteo.com/event?a=%5B95245%2C84888%2C86919%5D&v=5.12.3&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fhlthsol.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis%26a%3D%255B86919%252C95245%252C95245%252C84888%252C86919%255D&adce=1&bundle=eMTf1V90dk5FU1VKcXlYUlRVU3B1b3RueVUzdk5uQVVQOGJ3Z0xaZVUlMkZUajdMS09YSjNxZk1YdnFFWmh5eGJaTiUyRmtYVlNpRWxTZno5RnNjTkVnNHlQcU5tcGIyekRPOFI4OTNFaFdJTkU2aDhFa0p0S1Z6a2xQMGxNcHVkZFRobnMxczFkSTMxVGxMcTY0NVB3UDVaNFpwVWJZOUlZOFE4bHVJRmNMJTJCYU5wU3VDTUElM0Q&tld=liverhealthsupport.com&dy=1&fu=https%253A%252F%252Fliverhealthsupport.com%252Fpresentation%253Futm_source%253Dcpa%2526utm_medium%253Deverliver%2526utm_content%253Dlivervsl%2526utm_campaign%253Dlivercpa%2526affid%253D361%2526oid%253D31%2526uid%253D%2526_ef_transaction_id%253D%2526n%253D631%2526oid%253D31%2526affid%253D361%2526sub1%253Dmwfagif1227mwfagif%2526creative_id%253D4&pu=https%253A%252F%252Fhlthsol.com%252F&dtycbr=24374
Request Chain 87
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-QQnu07raGaegbaIyIDiyj7OhiVF00svqcWug4g&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-QQnu07raGaegbaIyIDiyj7OhiVF00svqcWug4g&expires=30
Request Chain 88
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Vwk9trraGaegbaIyIDiyj7OhiVHyEMuHJIwxNg&google_cm&google_hm=ay1Wd2s5dHJyYUdhZWdiYUl5SURpeWo3T2hpVkh5RU11SEpJd3hOZw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Vwk9trraGaegbaIyIDiyj7OhiVHyEMuHJIwxNg&google_gid=CAESELGKdDNpFQgwmj1EjoRdeCU&google_cver=1&google_ula=913071,0
Request Chain 89
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1828094294962135075
Request Chain 90
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5a9m-rraGaegbaIyIDiyj7OhiVGVfvmnyvyDqQ HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5a9m-rraGaegbaIyIDiyj7OhiVGVfvmnyvyDqQ&C=1
Request Chain 91
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-7z3bq7raGaegbaIyIDiyj7OhiVFOdfbKdUyHPA HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-7z3bq7raGaegbaIyIDiyj7OhiVFOdfbKdUyHPA
Request Chain 100
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QWSIM7raGaegbaIyIDiyj7OhiVE9kx9gYQalYA HTTP 302
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QWSIM7raGaegbaIyIDiyj7OhiVE9kx9gYQalYA&verify=true
Request Chain 104
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=kTOIu25bNIFEayn_M67h7goE0ImZkDFm HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=kTOIu25bNIFEayn_M67h7goE0ImZkDFm
Request Chain 114
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=xydmkxfi_fmFWqrjjmQZTvS2Ul9AY4LA
Request Chain 115
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=jJqGAAH1MSuRantjXoo1ep5MrB_Yndqm

117 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
click.doityourselfhealthcare.com/ 		72 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://click.doityourselfhealthcare.com/?ids=Mzg2ODI1NjAz__MTMwODk=__MTA2MDMwMzM=__NTc2__185&t=c&url=aHR0cHMlM0ElMkYlMkZobHRoc29sLmNvbSUyRmI0ZWg=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
170.187.185.18 Frankfurt am Main, Germany, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
vsrv379.armadaservers.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 28 Dec 2022 15:01:13 GMT
server
nginx
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-nginx-upstream-cache-status
MISS
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
b4eh
hlthsol.com/ 		804 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hlthsol.com/b4eh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://click.doityourselfhealthcare.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
780b2b89a9769be9-FRA
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html;charset=UTF-8
date
Wed, 28 Dec 2022 15:01:14 GMT
expires
Mon, 07 Jul 1777 07:07:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XLvNBIhG0L9l4%2FTq84oJHMbXUbba0QJ70V7yWqyslEM1BZKAarwEYhFFpPSYgWmyQVcEQYrkA2b3kuocbxG2g2PBjwzN3qAx%2F5DYW0xhwJEmdW%2F%2FcjHBQl6UomE%2Fu6EAfKo2PxZtpDyfcw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-nginx-upstream-cache-status
MISS
x-redirect-powered-by
Pretty Link Executive 3.2.8 http://prettylink.com
x-robots-tag
noindex, nofollow
x-server-powered-by
Engintron
x-xss-protection
1; mode=block
javascript-redirect.js
hlthsol.com/wp-content/plugins/pretty-link/pro/js/ 		99 B
453 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hlthsol.com/wp-content/plugins/pretty-link/pro/js/javascript-redirect.js?ver=3.2.8
Requested by
Host: hlthsol.com
URL: https://hlthsol.com/b4eh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hlthsol.com/b4eh
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:14 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-server-powered-by
Engintron
age
443030
cf-cache-status
HIT
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-nginx-upstream-cache-status
STALE
last-modified
Thu, 22 Dec 2022 21:06:56 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vB9yeE8EQ57S0576hQ1NosP9b84VVWkmqYKAeTr8%2BuoZSSlknIiHs05WYgUfzwiiibZesIgDC4f7nFP8dcu3bCO7nJjEI8d4lpPrALNSi94nxG15jJ5SCsvrWO%2Fm5Yx7drjIoExPu55x%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
780b2b8c6f709be9-FRA
expires
Sun, 22 Jan 2023 11:57:24 GMT
Primary Request presentation
liverhealthsupport.com/ 		395 KB
82 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_campaign=livercpa&affid=361&oid=31&uid=&_ef_transaction_id=&n=631&oid=31&affid=361&sub1=mwfagif1227mwfagif&creative_id=4
Requested by
Host: hlthsol.com
URL: https://hlthsol.com/wp-content/plugins/pretty-link/pro/js/javascript-redirect.js?ver=3.2.8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
198.211.101.149 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / Express
Resource Hash
90505d1b0db5e6834f1f1797729fe80e6c427202bd3b6d01065430902207a0c4

Request headers

Referer
https://hlthsol.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 28 Dec 2022 15:01:14 GMT
ETag
W/"62a46-RpEvH4h8Hmew5myFQyGhglEtVMo"
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
Express
gtm.js
www.googletagmanager.com/ 		292 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PQFZSKZ
Requested by
Host: liverhealthsupport.com
URL: https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_campaign=livercpa&affid=361&oid=31&uid=&_ef_transaction_id=&n=631&oid=31&affid=361&sub1=mwfagif1227mwfagif&creative_id=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
99ed5ba464b803737aece029468533dac3cdd53c8af00b043b7168ba11964f89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94225
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 28 Dec 2022 15:01:15 GMT
34Ghtv78eBc
www.youtube-nocookie.com/embed/ Frame 2498 		69 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/embed/34Ghtv78eBc?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Requested by
Host: liverhealthsupport.com
URL: https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_campaign=livercpa&affid=361&oid=31&uid=&_ef_transaction_id=&n=631&oid=31&affid=361&sub1=mwfagif1227mwfagif&creative_id=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
207134dc29076619b069387b3315756c653b68d23965ba9233ca128cbbd872e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://liverhealthsupport.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Dec 2022 15:01:15 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
volume_up-24px.svg
liverhealthsupport.com/assets/images/ 		325 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://liverhealthsupport.com/assets/images/volume_up-24px.svg
Requested by
Host: liverhealthsupport.com
URL: https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_campaign=livercpa&affid=361&oid=31&uid=&_ef_transaction_id=&n=631&oid=31&affid=361&sub1=mwfagif1227mwfagif&creative_id=4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
198.211.101.149 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
161f3517a3c23cc59fde7fbeb4aa6e4aa0cf1e4e3e4751f3b77d62f56fa74214

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_campaign=livercpa&affid=361&oid=31&uid=&_ef_transaction_id=&n=631&oid=31&affid=361&sub1=mwfagif1227mwfagif&creative_id=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 28 Dec 2022 15:01:15 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Jul 2021 06:53:42 GMT
Server
nginx
ETag
W/"60f915f6-145"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=2592000, public
Connection
keep-alive
Expires
Fri, 27 Jan 2023 15:01:15 GMT
dr-holly.png
liverhealthsupport.com/assets/images/ 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://liverhealthsupport.com/assets/images/dr-holly.png
Requested by
Host: liverhealthsupport.com
URL: https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_campaign=livercpa&affid=361&oid=31&uid=&_ef_transaction_id=&n=631&oid=31&affid=361&sub1=mwfagif1227mwfagif&creative_id=4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
198.211.101.149 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
060a68e01bc020ef6e13e388a78b47047fd61069b5c3e77bdb3a08f3f1367281

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_campaign=livercpa&affid=361&oid=31&uid=&_ef_transaction_id=&n=631&oid=31&affid=361&sub1=mwfagif1227mwfagif&creative_id=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 28 Dec 2022 15:01:15 GMT
Last-Modified
Thu, 22 Jul 2021 06:53:42 GMT
Server
nginx
ETag
"60f915f6-b7b2"
Content-Type
image/png
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
47026
Expires
Fri, 27 Jan 2023 15:01:15 GMT
featuredLogo.svg
liverhealthsupport.com/assets/svg/ 		65 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://liverhealthsupport.com/assets/svg/featuredLogo.svg
Requested by
Host: liverhealthsupport.com
URL: https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_campaign=livercpa&affid=361&oid=31&uid=&_ef_transaction_id=&n=631&oid=31&affid=361&sub1=mwfagif1227mwfagif&creative_id=4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
198.211.101.149 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
4a432f50ced3c08097f1924b0039849937279cf85941afd4e61798c4c19d1855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_campaign=livercpa&affid=361&oid=31&uid=&_ef_transaction_id=&n=631&oid=31&affid=361&sub1=mwfagif1227mwfagif&creative_id=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 28 Dec 2022 15:01:15 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Jul 2021 06:53:42 GMT
Server
nginx
ETag
W/"60f915f6-104e7"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
image/svg+xml
Cache-Control
max-age=2592000, public
Connection
keep-alive
Expires
Fri, 27 Jan 2023 15:01:15 GMT
UCAffiliateNetworkPixel
secure.liverhealthformula.com/cgi-bin/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.liverhealthformula.com/cgi-bin/UCAffiliateNetworkPixel
Requested by
Host: liverhealthsupport.com
URL: https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_campaign=livercpa&affid=361&oid=31&uid=&_ef_transaction_id=&n=631&oid=31&affid=361&sub1=mwfagif1227mwfagif&creative_id=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.162.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-162-24.compute-1.amazonaws.com
Software
Apache /
Resource Hash
860621526f94df1e0bac3bad1e85b292f463838d48070ec756337e52c11908b5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/javascript; charset=utf-8
content-length
749
UCAffiliateNetworkPixel
secure2.liverhealthformula.com/cgi-bin/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure2.liverhealthformula.com/cgi-bin/UCAffiliateNetworkPixel
Requested by
Host: liverhealthsupport.com
URL: https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_campaign=livercpa&affid=361&oid=31&uid=&_ef_transaction_id=&n=631&oid=31&affid=361&sub1=mwfagif1227mwfagif&creative_id=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.104.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-104-83.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e233701e3866df39a9394a392241a224dca10d2615d9dc61333c153dc2b21d9c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/javascript; charset=utf-8
content-length
751
iframe_api
www.youtube.com/ 		992 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: liverhealthsupport.com
URL: https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_campaign=livercpa&affid=361&oid=31&uid=&_ef_transaction_id=&n=631&oid=31&affid=361&sub1=mwfagif1227mwfagif&creative_id=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c4db351e7b79f5ed215ba61fae34b3eebc733da305e877826b17fc2de3c90cd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Wed, 28 Dec 2022 15:01:15 GMT
d-play-gif-321.gif
liverhealthsupport.com/assets/gif/ 		142 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://liverhealthsupport.com/assets/gif/d-play-gif-321.gif
Requested by
Host: liverhealthsupport.com
URL: https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_campaign=livercpa&affid=361&oid=31&uid=&_ef_transaction_id=&n=631&oid=31&affid=361&sub1=mwfagif1227mwfagif&creative_id=4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
198.211.101.149 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
d5bfa18b6ab7050b460cf37f7b3002f1b2a29bf454edfd61d3416d9849bac43e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_campaign=livercpa&affid=361&oid=31&uid=&_ef_transaction_id=&n=631&oid=31&affid=361&sub1=mwfagif1227mwfagif&creative_id=4
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 28 Dec 2022 15:01:15 GMT
Last-Modified
Fri, 11 Nov 2022 07:18:35 GMT
Server
nginx
ETag
"636df74b-23981"
Content-Type
image/gif
Cache-Control
max-age=2592000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
145793
Expires
Fri, 27 Jan 2023 15:01:15 GMT
www-widgetapi.js
www.youtube.com/s/player/21149d65/www-widgetapi.vflset/ 		184 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/21149d65/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c8c4819f65dd12131d77a7b5d4a5ef6ab87a7385ed7aaaab68ebca112c0b1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 14:37:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
1410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63032
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 01:17:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 28 Dec 2023 14:37:45 GMT
optimize.js
www.google-analytics.com/gtm/ 		124 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/optimize.js?id=OPT-PPCWSHH
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQFZSKZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
40688aa5acbd42899bdabcd5bb6f6ed8b113a59cfc183c79df5a8ff23fb1f325
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
47654
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 28 Dec 2022 15:01:15 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: click.doityourselfhealthcare.com
URL: https://click.doityourselfhealthcare.com/?ids=Mzg2ODI1NjAz__MTMwODk=__MTA2MDMwMzM=__NTc2__185&t=c&url=aHR0cHMlM0ElMkYlMkZobHRoc29sLmNvbSUyRmI0ZWg=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 28 Dec 2022 15:01:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27298
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
K/rEJVDwFiEBPrPuOBEB8+HFPR+OEmbpRt5bx7zpNwUIdumx5mvCy+IZcaaP4sjhrrK6KjbTep44Y65Mk6dTog==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQFZSKZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Dec 2022 13:24:37 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5798
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 28 Dec 2022 15:24:37 GMT
activityi;dc_pre=CLWEyJ7KnPwCFZSEsgod9EABTg;src=10720395;type=allvi005;cat=allvi0;ord=1;num=5383600565337;gtm=2wgbu0;auiddc=1473465530.1672239675;~oref=https%3A%2F%2Fliverhealthsupport.com%2Fpresen...
10720395.fls.doubleclick.net/ Frame 6B2E
Redirect Chain
  • https://10720395.fls.doubleclick.net/activityi;src=10720395;type=allvi005;cat=allvi0;ord=1;num=5383600565337;gtm=2wgbu0;auiddc=1473465530.1672239675;~oref=https%3A%2F%2Fliverhealthsupport.com%2Fpre...
  • https://10720395.fls.doubleclick.net/activityi;dc_pre=CLWEyJ7KnPwCFZSEsgod9EABTg;src=10720395;type=allvi005;cat=allvi0;ord=1;num=5383600565337;gtm=2wgbu0;auiddc=1473465530.1672239675;~oref=https%3A...
742 B
411 B 		Document
General
Check archive.org
Download Go to
Full URL
https://10720395.fls.doubleclick.net/activityi;dc_pre=CLWEyJ7KnPwCFZSEsgod9EABTg;src=10720395;type=allvi005;cat=allvi0;ord=1;num=5383600565337;gtm=2wgbu0;auiddc=1473465530.1672239675;~oref=https%3A%2F%2Fliverhealthsupport.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Deverliver%26utm_content%3Dlivervsl%26utm_campaign%3Dlivercpa%26affid%3D361%26oid%3D31%26uid%3D%26_ef_transaction_id%3D%26n%3D631%26oid%3D31%26affid%3D361%26sub1%3Dmwfagif1227mwfagif%26creative_id%3D4?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQFZSKZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
81709cc2ceb4b0e26ea2475bd845eca64e6461ce327902a50f87cc5aa44555eb
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://liverhealthsupport.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 28 Dec 2022 15:01:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 28 Dec 2022 15:01:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10720395.fls.doubleclick.net/activityi;dc_pre=CLWEyJ7KnPwCFZSEsgod9EABTg;src=10720395;type=allvi005;cat=allvi0;ord=1;num=5383600565337;gtm=2wgbu0;auiddc=1473465530.1672239675;~oref=https%3A%2F%2Fliverhealthsupport.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Deverliver%26utm_content%3Dlivervsl%26utm_campaign%3Dlivercpa%26affid%3D361%26oid%3D31%26uid%3D%26_ef_transaction_id%3D%26n%3D631%26oid%3D31%26affid%3D361%26sub1%3Dmwfagif1227mwfagif%26creative_id%3D4?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
bat.js
bat.bing.com/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQFZSKZ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 28 Dec 2022 15:01:14 GMT
last-modified
Mon, 05 Dec 2022 17:15:50 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5422D664D89B4334B6012101A9724860 Ref B: FRAEDGE1516 Ref C: 2022-12-28T15:01:15Z
etag
"027e538cd8d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
11460
ld.js
dynamic.criteo.com/js/ld/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=86919
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQFZSKZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
54ffc65278248e3f14612e22697a4c986834ad35cdd11855ef9e9dc610c16df8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
ld.js
static.criteo.net/js/ld/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQFZSKZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
d6c1aa198589b0a87b22f515905607c1c11839948491cea44a74b88116b40561
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 08 Nov 2022 15:05:46 GMT
server
nginx
etag
W/"636a704a-a8d9"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 29 Dec 2022 15:01:15 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C93K013C77U12DDSVOTG&lib=ttq
Requested by
Host: click.doityourselfhealthcare.com
URL: https://click.doityourselfhealthcare.com/?ids=Mzg2ODI1NjAz__MTMwODk=__MTA2MDMwMzM=__NTc2__185&t=c&url=aHR0cHMlM0ElMkYlMkZobHRoc29sLmNvbSUyRmI0ZWg=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-42.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
29a19a25375c0ae5c0d58bb8f23cc2916423369de5822a6e23bd760eacb1fe9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id
9dbba052
date
Wed, 28 Dec 2022 15:01:15 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
server-timing
inner; dur=2, cdn-cache; desc=MISS, edge; dur=0, origin; dur=102
content-length
1144
pragma
no-cache
server
nginx
x-tt-logid
20221228150115962970FDFDFB315DE943
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
102,104.126.37.38
x-tt-trace-host
012dea839922447ee516d2eb03147c95bcadcaab9c081346a7361b516d480b1d3d85b73a95520a2e6922f42c63c4b738bc70b6e4cbb8720f3fd87644d2ca2b0875dcd6a4d9a3d78416c174c32644750dff5bd05d0b762f5cd398ef63a4affc2a07
expires
Wed, 28 Dec 2022 15:01:15 GMT
everflow.js
www.ibph4trk.com/scripts/sdk/ 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.ibph4trk.com/scripts/sdk/everflow.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQFZSKZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.130.28 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
28.130.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6cba4d9a917e024a2026f9f0aacc80e5a2cf92cf9bd89e4f522927f6e4089589

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:15 GMT
content-encoding
gzip
via
1.1 google
server
nginx
vary
Origin
content-type
text/javascript
cache-control
max-age=14400
x-eflow-request-id
10635396-69c1-4f06-b1d7-0901f55938d2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ld.js
dynamic.criteo.com/js/ld/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=84888
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQFZSKZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e6a25bae698d56eef9a18aa048a0239b5359554f5a8cc51c35a827f89c161de1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
collect-g.js
d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/ 		100 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.liverhealthformula.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQFZSKZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.208 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-208.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
852d2dd8669405eaff3d86df48a9405f18152d10c42e46bbb7a00fa4881f2769

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 02:49:30 GMT
content-encoding
gzip
via
1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront)
last-modified
Mon, 05 Dec 2022 18:42:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
475940
etag
"ae4b1be888ae9f45124a5b09d00aab17"
x-cache
Hit from cloudfront
content-type
application/x-javascript; charset=UTF-8
cache-control
max-age=604800,s-maxage=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
19494
x-amz-cf-id
w0j4lnppNVXVS_HtdGzTVa0yh4bjgitn2ztEcoUlzyaoHmhMQ9tMHg==
ld.js
dynamic.criteo.com/js/ld/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=95245
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQFZSKZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ee41d13427c9425be0624c2d73cb90458ecc4c40ee611a2adabe0ebd623c8153
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
trackpoint-async.js
s2.adform.net/banners/scripts/st/ 		78 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by
Host: click.doityourselfhealthcare.com
URL: https://click.doityourselfhealthcare.com/?ids=Mzg2ODI1NjAz__MTMwODk=__MTA2MDMwMzM=__NTc2__185&t=c&url=aHR0cHMlM0ElMkYlMkZobHRoc29sLmNvbSUyRmI0ZWg=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 14:56:50 GMT
content-encoding
gzip
last-modified
Tue, 29 Nov 2022 10:23:25 GMT
server
nginx
x-amz-request-id
tx00000bdfae384ccf5a381-006385e0d4-329373d4-default
etag
W/"83eb5fafaa212c785f7393188ff817aa"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
js
www.googletagmanager.com/gtag/ 		111 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-12217290
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PQFZSKZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4c1daf48486a8152e09c649ac5e8d83ed2b0a54a54643e2df417abe9aaaca92d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
44190
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 28 Dec 2022 15:01:15 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: click.doityourselfhealthcare.com
URL: https://click.doityourselfhealthcare.com/?ids=Mzg2ODI1NjAz__MTMwODk=__MTA2MDMwMzM=__NTc2__185&t=c&url=aHR0cHMlM0ElMkYlMkZobHRoc29sLmNvbSUyRmI0ZWg=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:15 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-hhn-etou8220092-HHN
www-player.css
www.youtube-nocookie.com/s/player/21149d65/ Frame 2498 		360 KB
49 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/21149d65/www-player.css
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/34Ghtv78eBc?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b12df28928ae6402d9d672b356057877a9829fb5701e913e162c03774ab4cec7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/34Ghtv78eBc?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:35:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
73554
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49901
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 01:17:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 27 Dec 2023 18:35:21 GMT
www-embed-player.js
www.youtube-nocookie.com/s/player/21149d65/www-embed-player.vflset/ Frame 2498 		338 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/21149d65/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/34Ghtv78eBc?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49df9116f57b85bfe106cfc8d6356ccaa0ffb99177b05906a7ed90dc15ecbd5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/34Ghtv78eBc?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 08:24:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
110215
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108885
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 01:17:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 27 Dec 2023 08:24:20 GMT
base.js
www.youtube-nocookie.com/s/player/21149d65/player_ias.vflset/de_DE/ Frame 2498 		2 MB
595 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/21149d65/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/34Ghtv78eBc?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d01982abbbe21c9f64c88a3bc5c0008c69603b7772de84594efa286b71badf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/34Ghtv78eBc?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:41:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
73163
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
608852
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 01:17:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 27 Dec 2023 18:41:52 GMT
fetch-polyfill.js
www.youtube-nocookie.com/s/player/21149d65/fetch-polyfill.vflset/ Frame 2498 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/21149d65/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/34Ghtv78eBc?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/34Ghtv78eBc?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 12:09:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
183104
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 01:17:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 26 Dec 2023 12:09:31 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2498 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/34Ghtv78eBc?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube-nocookie.com/
Origin
https://www.youtube-nocookie.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 12:17:50 GMT
x-content-type-options
nosniff
age
355405
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Dec 2023 12:17:50 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2498 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/34Ghtv78eBc?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube-nocookie.com/
Origin
https://www.youtube-nocookie.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:21:19 GMT
x-content-type-options
nosniff
age
146396
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Dec 2023 22:21:19 GMT
1181125052062198
connect.facebook.net/signals/config/ 		298 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1181125052062198?v=2.9.90&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9f072bb00857ece10f9a2658259965d13829977f579b0ef493487ddae7192336
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 28 Dec 2022 15:01:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
8UEdj2kWpKva1ILKIPWkioheCeebuxzI+63d2GyDUyTVK1LDE0vMcdOuViiNSto3MVsxNB+j6QHO9fpgWepHzQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=658068755&t=pageview&_s=1&dl=https%3A%2F%2Fliverhealthsupport.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Deverliver%26utm_content%3Dlivervsl%26utm_campaign%3Dlivercpa%26affid%3D361%26oid%3D31%26uid%3D%26_ef_transaction_id%3D%26n%3D631%26oid%3D31%26affid%3D361%26sub1%3Dmwfagif1227mwfagif%26creative_id%3D4&dr=https%3A%2F%2Fhlthsol.com%2F&ul=en-us&de=UTF-8&dt=Liver%20Health%20Formula%20%7C%20PureHealth%20Research&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACEABRAAAACAAI~&jid=1609538127&gjid=1704173626&cid=2109794148.1672239675&tid=UA-55722554-1&_gid=1394885107.1672239675&_r=1&gtm=2wgbu0PQFZSKZ&z=34135484
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://liverhealthsupport.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 28 Dec 2022 15:01:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://liverhealthsupport.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
137000058.js
bat.bing.com/p/action/ 		0
118 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/137000058.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
date
Wed, 28 Dec 2022 15:01:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 316215D85C6847E9B9C108CF0821B5EE Ref B: FRAEDGE1516 Ref C: 2022-12-28T15:01:15Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=137000058&tm=gtm002&Ver=2&mid=84abda5f-bd43-4b87-bec0-62377e80698e&sid=79bf0b8086c011ed990fe3e6a3a7545b&vid=79bf1fa086c011edb5de0f7aa64aa375&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Liver%20Health%20Formula%20%7C%20PureHealth%20Research&kw=liver%20supplements,%20healthy%20liver,%20protect%20liver,%20healthy%20liver,%20liver%20boost,%20liver%20balance,%20liver%20detox,%20liver%20guard,%20no%20side%20effects&p=https%3A%2F%2Fliverhealthsupport.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Deverliver%26utm_content%3Dlivervsl%26utm_campaign%3Dlivercpa%26affid%3D361%26oid%3D31%26uid%3D%26_ef_transaction_id%3D%26n%3D631%26oid%3D31%26affid%3D361%26sub1%3Dmwfagif1227mwfagif%26creative_id%3D4&r=https%3A%2F%2Fhlthsol.com%2F&lt=685&evt=pageLoad&sv=1&rn=434807
Requested by
Host: liverhealthsupport.com
URL: https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_campaign=livercpa&affid=361&oid=31&uid=&_ef_transaction_id=&n=631&oid=31&affid=361&sub1=mwfagif1227mwfagif&creative_id=4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 28 Dec 2022 15:01:14 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3618F763ED0E4A63822DE95E568AF743 Ref B: FRAEDGE1516 Ref C: 2022-12-28T15:01:15Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
447 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-55722554-1&cid=2109794148.1672239675&jid=1609538127&gjid=1704173626&_gid=1394885107.1672239675&_u=aGBACEAARAAAACAAI~&z=470046797
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://liverhealthsupport.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 28 Dec 2022 15:01:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://liverhealthsupport.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 412D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=liverhealthsupport.com&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=86919
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://liverhealthsupport.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 28 Dec 2022 15:01:14 GMT
server
Kestrel
server-processing-duration-in-ticks
814531
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
adsct
t.co/1/i/ 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=4d5f7336-681f-41e4-a25f-11724c5ef89f&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=cf850fde-2099-421d-9528-149673ef8280&tw_document_href=https%3A%2F%2Fliverhealthsupport.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Deverliver%26utm_content%3Dlivervsl%26utm_campaign%3Dlivercpa%26affid%3D361%26oid%3D31%26uid%3D%26_ef_transaction_id%3D%26n%3D631%26oid%3D31%26affid%3D361%26sub1%3Dmwfagif1227mwfagif%26creative_id%3D4&tw_iframe_status=0&txn_id=ocsjy&type=javascript&version=2.3.29
Requested by
Host: liverhealthsupport.com
URL: https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_campaign=livercpa&affid=361&oid=31&uid=&_ef_transaction_id=&n=631&oid=31&affid=361&sub1=mwfagif1227mwfagif&creative_id=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time
103
date
Wed, 28 Dec 2022 15:01:14 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
f8fd34f93a7d7a76
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
df3d2a160085890236980bb76377952af2f2e29cfb77c0cf8e35d9e6b72a2eed
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
724 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=4d5f7336-681f-41e4-a25f-11724c5ef89f&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=cf850fde-2099-421d-9528-149673ef8280&tw_document_href=https%3A%2F%2Fliverhealthsupport.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Deverliver%26utm_content%3Dlivervsl%26utm_campaign%3Dlivercpa%26affid%3D361%26oid%3D31%26uid%3D%26_ef_transaction_id%3D%26n%3D631%26oid%3D31%26affid%3D361%26sub1%3Dmwfagif1227mwfagif%26creative_id%3D4&tw_iframe_status=0&txn_id=ocsjy&type=javascript&version=2.3.29
Requested by
Host: liverhealthsupport.com
URL: https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_campaign=livercpa&affid=361&oid=31&uid=&_ef_transaction_id=&n=631&oid=31&affid=361&sub1=mwfagif1227mwfagif&creative_id=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time
106
date
Wed, 28 Dec 2022 15:01:14 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
7e0ace5bcb1798d5
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
0b7f446f80e74648e0ee21bc5a52b61a42a87c05f386f07635044fbe2dea9096
content-length
43
main.MWI1MTgwZGZmMQ.js
analytics.tiktok.com/i18n/pixel/static/ 		248 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMQ.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C93K013C77U12DDSVOTG&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-42.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
31a833fe17d971c72b398404d6c4b340214ff2e88ef7c45e414797e844683057

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id
9dbba152
date
Wed, 28 Dec 2022 15:01:15 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20221220165723DE42A811A5E624DDC805
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01fb884c5ae7e92b0dfce67bb6a66f0119b5b4338c0545524d69bbf4ea243987785b1761f77c38749fb90cd03f2281edef78452f0ed134ab037adb26a77ff8e91d818ebf38c5ef01c4549ff19243373c2198375ee2c44b644ff00cd1e49af876a2
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length
68933
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-55722554-1&cid=2109794148.1672239675&jid=1609538127&_u=aGBACEAARAAAACAAI~&z=1902718225
Requested by
Host: liverhealthsupport.com
URL: https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_campaign=livercpa&affid=361&oid=31&uid=&_ef_transaction_id=&n=631&oid=31&affid=361&sub1=mwfagif1227mwfagif&creative_id=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Dec 2022 15:01:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-55722554-1&cid=2109794148.1672239675&jid=1609538127&_u=aGBACEAARAAAACAAI~&z=1902718225
Requested by
Host: liverhealthsupport.com
URL: https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_campaign=livercpa&affid=361&oid=31&uid=&_ef_transaction_id=&n=631&oid=31&affid=361&sub1=mwfagif1227mwfagif&creative_id=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Dec 2022 15:01:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CLWEyJ7KnPwCFZSEsgod9EABTg;src=10720395;type=allvi005;cat=allvi0;ord=1;num=5383600565337;gtm=2wgbu0;auiddc=1473465530.1672239675;~oref=https%3A%2F%2Fliverhealthsupport.com%2Fpresentation%3Fu...
adservice.google.com/ddm/fls/i/ Frame 1BD3 		741 B
857 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CLWEyJ7KnPwCFZSEsgod9EABTg;src=10720395;type=allvi005;cat=allvi0;ord=1;num=5383600565337;gtm=2wgbu0;auiddc=1473465530.1672239675;~oref=https%3A%2F%2Fliverhealthsupport.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Deverliver%26utm_content%3Dlivervsl%26utm_campaign%3Dlivercpa%26affid%3D361%26oid%3D31%26uid%3D%26_ef_transaction_id%3D%26n%3D631%26oid%3D31%26affid%3D361%26sub1%3Dmwfagif1227mwfagif%26creative_id%3D4
Requested by
Host: 10720395.fls.doubleclick.net
URL: https://10720395.fls.doubleclick.net/activityi;dc_pre=CLWEyJ7KnPwCFZSEsgod9EABTg;src=10720395;type=allvi005;cat=allvi0;ord=1;num=5383600565337;gtm=2wgbu0;auiddc=1473465530.1672239675;~oref=https%3A%2F%2Fliverhealthsupport.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Deverliver%26utm_content%3Dlivervsl%26utm_campaign%3Dlivercpa%26affid%3D361%26oid%3D31%26uid%3D%26_ef_transaction_id%3D%26n%3D631%26oid%3D31%26affid%3D361%26sub1%3Dmwfagif1227mwfagif%26creative_id%3D4?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef3c9c490753d8c2ee916dbb71fa03eebbb7a5895761be33df9eea5dba31c4c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10720395.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
389
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 28 Dec 2022 15:01:15 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube-nocookie.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube-nocookie.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Wed, 28 Dec 2022 15:01:15 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2498 		65 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/21149d65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
60ba83226e9405d8476c66221e576048008a3ee5f08aea6857b7217fb0a97d12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube-nocookie.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 28 Dec 2022 15:01:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube-nocookie.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30825
x-xss-protection
0
player
www.youtube-nocookie.com/youtubei/v1/ Frame 2498 		63 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/21149d65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
7da147cd7339064d283e22a1c6e575776403105c6dfc61d56dac76cc3b5b9fae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Youtube-Bootstrap-Logged-In
false
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json
Referer
https://www.youtube-nocookie.com/embed/34Ghtv78eBc?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20221218.00.00
X-Goog-Visitor-Id
CgtVMk5xSkxOdFRyRSi7tLGdBg%3D%3D

Response headers

date
Wed, 28 Dec 2022 15:01:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23331
x-xss-protection
0
expires
Wed, 28 Dec 2022 15:01:15 GMT
98eZ1SvQKncrIy_uxRv1pSvbmSGZ50EV24E3eut_s2o.js
www.google.com/js/th/ Frame 2498 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/98eZ1SvQKncrIy_uxRv1pSvbmSGZ50EV24E3eut_s2o.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/21149d65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7c799d52bd02a772b232feec51bf5a52bdb992199e74115db81377aeb7fb36a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 09:01:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
21569
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14262
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Dec 2023 09:01:46 GMT
embed.js
www.youtube-nocookie.com/s/player/21149d65/player_ias.vflset/de_DE/ Frame 2498 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/21149d65/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/21149d65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9505467473c1648aa9e072460ba9f340d82c1dff8468fe01054c6df8d99cd40c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/34Ghtv78eBc?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:41:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
73160
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8405
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 01:17:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 27 Dec 2023 18:41:55 GMT
truncated
/ Frame 2498 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
AMLnZu-GnzJ7ZGkXHEDi-xd3PCUUsHKBivKOYdyn76DVKw=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 2498 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AMLnZu-GnzJ7ZGkXHEDi-xd3PCUUsHKBivKOYdyn76DVKw=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/34Ghtv78eBc?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
d68c9ecb951aa1a3af288e3b7b7dc7944c3e485df5be778af4ff82b801899e18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 12:42:11 GMT
x-content-type-options
nosniff
age
8344
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1275
x-xss-protection
0
server
fife
etag
"vf6"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Wed, 02 Nov 2022 20:17:00 GMT
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ 		20 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Requested by
Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.liverhealthformula.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.92.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-92-153.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
7573b10466c66e9de1ae8a229abcbc963f985bcb6b1f05d6591bf3a13ceabe4f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://liverhealthsupport.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/json

Response headers

date
Wed, 28 Dec 2022 15:01:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
FRA56-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
date, x-api-id
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
SZdb02VSW7E13JuTiK3AmfWyQbkycDNf9jEP3d8nOMRoR0jeyyQeHA==
content-length
35
apigw-requestid
d3MJWjguIAMEScA=
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.92.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-92-153.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://liverhealthsupport.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
300
age
47963
alt-svc
h3=":443"; ma=86400
apigw-requestid
d1XDCiUWIAMEVVw=
date
Wed, 28 Dec 2022 01:41:52 GMT
via
1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
x-amz-cf-id
8_WeQ8pY3qR7mp8L-jDsO5Cbtam7TCLyCQm9zAwyTKp7tGwQFpEU5A==
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
sid
mug.criteo.com/ Frame 412D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=liverhealthsupport.com&sn=ChromeSyncframe&so=0&topUrl=liverhealthsupport.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=kQwYvHw1bGJRM1d4VlBjamZabytrMkkzY1NmdzMxUVhEUGlKeDlDSzI4TVFNM2d2VjRwUis5ZHgxRnlWdURpSlVrR0xwTDU2Wk1CNGpSWkJrMzJTUGNWazFTeUtSR2hGeVZtVFpGOTNlc1htaUlzN011ZVlPM05RYlZZQ3...
449 B
665 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=kQwYvHw1bGJRM1d4VlBjamZabytrMkkzY1NmdzMxUVhEUGlKeDlDSzI4TVFNM2d2VjRwUis5ZHgxRnlWdURpSlVrR0xwTDU2Wk1CNGpSWkJrMzJTUGNWazFTeUtSR2hGeVZtVFpGOTNlc1htaUlzN011ZVlPM05RYlZZQ3J3RkkvczlJL1NMQnVvNkFSYWxMTkM0V2pEbmFQdEx5OHFOSjROTTB2SkdLOW9EU0VDdUQyMnlEWlRUblMxR0l3TENNOEpEanY3TkhHOTRSaXBSU0xnZHo5STBNdXBlWnlPV3Y3TE1LODVHbU9lSmNZMVd3MjBHdUQ4SnkycnJOMERURElHbzRNTjUrS0psWjdMa3hYNWdHYzc1RHBheS9rWGlTbmNudyt2SjJtd2FwWldhZz18&cppv=2
Requested by
Host: liverhealthsupport.com
URL: https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_campaign=livercpa&affid=361&oid=31&uid=&_ef_transaction_id=&n=631&oid=31&affid=361&sub1=mwfagif1227mwfagif&creative_id=4
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
79123f624f82c3669d83540e4211797320fbec6218419ac4c6c5a1ea9aaccac1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Dec 2022 15:01:15 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2739142
expires
0

Redirect headers

pragma
no-cache
date
Wed, 28 Dec 2022 15:01:14 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=kQwYvHw1bGJRM1d4VlBjamZabytrMkkzY1NmdzMxUVhEUGlKeDlDSzI4TVFNM2d2VjRwUis5ZHgxRnlWdURpSlVrR0xwTDU2Wk1CNGpSWkJrMzJTUGNWazFTeUtSR2hGeVZtVFpGOTNlc1htaUlzN011ZVlPM05RYlZZQ3J3RkkvczlJL1NMQnVvNkFSYWxMTkM0V2pEbmFQdEx5OHFOSjROTTB2SkdLOW9EU0VDdUQyMnlEWlRUblMxR0l3TENNOEpEanY3TkhHOTRSaXBSU0xnZHo5STBNdXBlWnlPV3Y3TE1LODVHbU9lSmNZMVd3MjBHdUQ4SnkycnJOMERURElHbzRNTjUrS0psWjdMa3hYNWdHYzc1RHBheS9rWGlTbmNudyt2SjJtd2FwWldhZz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
383521
content-length
0
expires
0
identify_13839.js
analytics.tiktok.com/i18n/pixel/static/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_13839.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-42.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-akamai-request-id
9dbba30d
date
Wed, 28 Dec 2022 15:01:15 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
20221220165723216E0C97266D52F52016
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
01b9f1817ba6067a0b2d529725919f13339635511c16353c306186c37c4044e757073044265c8fd66729ba75afb13c23554ca9477b29cb78c1663babf32730aff436d51d1bd893006587f08dfa55d295a9721dd0963d200802d1e723aef10e141c
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
30911
pixel
analytics.tiktok.com/api/v2/ 		0
695 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-42.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://liverhealthsupport.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
6f99b6bb.9dbba3a7
date
Wed, 28 Dec 2022 15:01:15 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
x-parent-response-time
108,104.126.37.38
server-timing
cdn-cache; desc=MISS, edge; dur=94, origin; dur=18, inner; dur=15
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
202212281501155387D988BB76913559F8
x-cache-remote
TCP_MISS from a23-222-16-13.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
18,23.222.16.13
x-tt-trace-host
012dea839922447ee516d2eb03147c95bc1900bf66383bede9a8c1bee54f87bf31bb86321d4670a774fa39928b819d5413de7f14833b8f50df557a47e907376edd727831e888242822d045847a8c746683b6b6567f25d754113273ea7a7a68fc97a919a3c67c93802728cadedde9d5e650
expires
Wed, 28 Dec 2022 15:01:15 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
550 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWI1MTgwZGZmMQ.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.42 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-42.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://liverhealthsupport.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 28 Dec 2022 15:01:15 GMT
x-akamai-request-id
9dbba3a8
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
20221228150115892E622DD872A2B266B1
x-cache
TCP_MISS from a104-126-37-38.deploy.akamaitechnologies.com (AkamaiGHost/10.10.3-45298580) (-)
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
133,104.126.37.38
x-tt-trace-host
012dea839922447ee516d2eb03147c95bcadcaab9c081346a7361b516d480b1d3df2805175c104e409707234802824e4ad2172485245ee802b234fe884eea25ec54147e2f6a524596e207110d8a2d08286fddb7aa8cc7458f254602e014ea6f030
server-timing
inner; dur=35, cdn-cache; desc=MISS, edge; dur=3, origin; dur=133
content-length
0
expires
Wed, 28 Dec 2022 15:01:15 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 2498 		90 B
133 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/21149d65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
89c5c43d87895db21c587a9fcddde239b02775d8efacafb179b5c30b1fe1b262
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube-nocookie.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Wed, 28 Dec 2022 15:01:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube-nocookie.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube-nocookie.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube-nocookie.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Wed, 28 Dec 2022 15:01:15 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1181125052062198&ev=PageView&dl=https%3A%2F%2Fliverhealthsupport.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Deverliver%26utm_content%3Dlivervsl%26utm_campaign%3Dlivercpa%26affid%3D361%26oid%3D31%26uid%3D%26_ef_transaction_id%3D%26n%3D631%26oid%3D31%26affid%3D361%26sub1%3Dmwfagif1227mwfagif%26creative_id%3D4&rl=https%3A%2F%2Fhlthsol.com%2F&if=false&ts=1672239675756&sw=1600&sh=1200&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1672239675750.1697840126&it=1672239675157&coo=false&rqm=GET
Requested by
Host: liverhealthsupport.com
URL: https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_campaign=livercpa&affid=361&oid=31&uid=&_ef_transaction_id=&n=631&oid=31&affid=361&sub1=mwfagif1227mwfagif&creative_id=4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 28 Dec 2022 15:01:15 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
dc_pre=CLWEyJ7KnPwCFZSEsgod9EABTg;src=10720395;type=allvi005;cat=allvi0;ord=1;num=5383600565337;gtm=2wgbu0;auiddc=1473465530.1672239675;~oref=https%3A%2F%2Fliverhealthsupport.com%2Fpresentation%3Fu...
adservice.google.de/ddm/fls/i/ Frame 9B05 		194 B
776 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CLWEyJ7KnPwCFZSEsgod9EABTg;src=10720395;type=allvi005;cat=allvi0;ord=1;num=5383600565337;gtm=2wgbu0;auiddc=1473465530.1672239675;~oref=https%3A%2F%2Fliverhealthsupport.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Deverliver%26utm_content%3Dlivervsl%26utm_campaign%3Dlivercpa%26affid%3D361%26oid%3D31%26uid%3D%26_ef_transaction_id%3D%26n%3D631%26oid%3D31%26affid%3D361%26sub1%3Dmwfagif1227mwfagif%26creative_id%3D4
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CLWEyJ7KnPwCFZSEsgod9EABTg;src=10720395;type=allvi005;cat=allvi0;ord=1;num=5383600565337;gtm=2wgbu0;auiddc=1473465530.1672239675;~oref=https%3A%2F%2Fliverhealthsupport.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Deverliver%26utm_content%3Dlivervsl%26utm_campaign%3Dlivercpa%26affid%3D361%26oid%3D31%26uid%3D%26_ef_transaction_id%3D%26n%3D631%26oid%3D31%26affid%3D361%26sub1%3Dmwfagif1227mwfagif%26creative_id%3D4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 28 Dec 2022 15:01:15 GMT
expires
Wed, 28 Dec 2022 15:01:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
qoe
www.youtube-nocookie.com/api/stats/ Frame 2498 		0
17 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/api/stats/qoe?fmt=134&afmt=251&cpn=7pwtTVc2q8Z9Ogw0&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24292955%2C24390013%2C24406621%2C24415864%2C24416291%2C24416437&cl=496261446&seq=1&docid=34Ghtv78eBc&ei=O1qsY4_IHomggAeJ8ZK4DQ&event=streamingstats&plid=AAXw5KPW5vl8ZpgE&referrer=https%3A%2F%2Fwww.youtube-nocookie.com%2Fembed%2F34Ghtv78eBc%3Fenablejsapi%3D1%26playsinline%3D1%26rel%3D0%26controls%3D0%26showinfo%3D0%26autoplay%3D1%26modestbranding%3D1%26iv_load_policy%3D3&cbr=Chrome&cbrver=108.0.5359.124&c=WEB_EMBEDDED_PLAYER&cver=1.20221218.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.067:B,0.448:B,0.448:B&cmt=0.067:0.000,0.448:0.000&afs=0.448:251::i&vfs=0.448:134:135::r&view=0.448:920:518&bwe=0.448:130000&bat=0.448:1:1&vis=0.448:0&bh=0.448:0.000
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/21149d65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube-nocookie.com/embed/34Ghtv78eBc?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-YouTube-Client-Version
1.20221218.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtVMk5xSkxOdFRyRSi7tLGdBg%3D%3D
X-YouTube-Ad-Signals
dt=1672239675314&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C920%2C518&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Wed, 28 Dec 2022 15:01:15 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr3---sn-4g5e6nzs.googlevideo.com/ Frame 2498 		158 KB
159 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr3---sn-4g5e6nzs.googlevideo.com/videoplayback?expire=1672261275&ei=O1qsY4_IHomggAeJ8ZK4DQ&ip=2001%3Aac8%3A20%3A272%3A%3A2e&id=o-ACOzf9lwf5UkvOOabCiDjhUNFe3hGsqiP_y06up8uzaT&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=Bj&mm=31%2C29&mn=sn-4g5e6nzs%2Csn-4g5ednd7&ms=au%2Crdu&mv=m&mvi=3&pl=53&initcwndbps=352500&spc=zIddbGQMFX5WBwtgmj9-UzfJ74TDNGk&vprv=1&mime=video%2Fmp4&ns=AN6IZKjDWzjNGtgA2YLJRE4K&gir=yes&clen=55662128&otfp=1&dur=1692.208&lmt=1652428892268665&mt=1672239440&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6216224&n=DvEmLG_QE7khBA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhANtlADFUSOp-SmRLhR9ITXdfi9roRl-vWcCKr5OGUB1-AiAl5NDCdntoXOy9tYcGe48GQ9-vS8Uii1j4WczrAs5IWw%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgEhWFa69J1IVVyv_uxFbZJHXGgC2uKCTmn9N_K4OrWfcCIFH9SYp1InLqJjSLP_pAYV4QpDHf8F9bEoc7rpCS-28z&alr=yes&cpn=7pwtTVc2q8Z9Ogw0&cver=1.20221218.00.00&range=0-161594&rn=1&rbuf=0
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/21149d65/player_ias.vflset/de_DE/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:4c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
4c4ba8b9b67465641b469f5945a574d8c55321f1b5041b6d9f760552d940f07e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 28 Dec 2022 15:01:15 GMT
X-Restrict-Formats-Hint
None
X-Content-Type-Options
nosniff
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
161595
Last-Modified
Fri, 13 May 2022 08:01:32 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
https://www.youtube-nocookie.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21300
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube-nocookie.com
Expires
Wed, 28 Dec 2022 15:01:15 GMT
videoplayback
rr3---sn-4g5e6nzs.googlevideo.com/ Frame 2498 		67 KB
68 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr3---sn-4g5e6nzs.googlevideo.com/videoplayback?expire=1672261275&ei=O1qsY4_IHomggAeJ8ZK4DQ&ip=2001%3Aac8%3A20%3A272%3A%3A2e&id=o-ACOzf9lwf5UkvOOabCiDjhUNFe3hGsqiP_y06up8uzaT&itag=251&source=youtube&requiressl=yes&mh=Bj&mm=31%2C29&mn=sn-4g5e6nzs%2Csn-4g5ednd7&ms=au%2Crdu&mv=m&mvi=3&pl=53&initcwndbps=352500&spc=zIddbGQMFX5WBwtgmj9-UzfJ74TDNGk&vprv=1&mime=audio%2Fwebm&ns=AN6IZKjDWzjNGtgA2YLJRE4K&gir=yes&clen=23816895&otfp=1&dur=1692.241&lmt=1652428919660805&mt=1672239440&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=DvEmLG_QE7khBA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgPhu2p8aUQ3plsJkz1t6SZCALPe9wY2UzJ8GB-IjtZpUCICL1srZ0vSVNIsGhtEOz48PbFuZJfQuB2-mUn2BQB9AH&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgEhWFa69J1IVVyv_uxFbZJHXGgC2uKCTmn9N_K4OrWfcCIFH9SYp1InLqJjSLP_pAYV4QpDHf8F9bEoc7rpCS-28z&alr=yes&cpn=7pwtTVc2q8Z9Ogw0&cver=1.20221218.00.00&range=0-68739&rn=2&rbuf=0
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/21149d65/player_ias.vflset/de_DE/base.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:4c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
8b7e111fdc83dd99ae48ec5ee05aac2b597165d1eeda429bab29f77ded9c55b1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 28 Dec 2022 15:01:15 GMT
X-Content-Type-Options
nosniff
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
68740
Last-Modified
Fri, 13 May 2022 08:01:59 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
audio/webm
Access-Control-Allow-Origin
https://www.youtube-nocookie.com
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=21300
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
https://www.youtube-nocookie.com
Expires
Wed, 28 Dec 2022 15:01:15 GMT
captions.js
www.youtube-nocookie.com/s/player/21149d65/player_ias.vflset/de_DE/ Frame 2498 		68 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/21149d65/player_ias.vflset/de_DE/captions.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/21149d65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75f1dc4fc750739ea37d9adeecd99dc01bb8fc6129e8ac97b03af51c282026bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/34Ghtv78eBc?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:43:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
73086
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25848
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 01:17:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 27 Dec 2023 18:43:09 GMT
endscreen.js
www.youtube-nocookie.com/s/player/21149d65/player_ias.vflset/de_DE/ Frame 2498 		32 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/s/player/21149d65/player_ias.vflset/de_DE/endscreen.js
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/21149d65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
801142cac1a7b61ffb33866ffd9c5b2a3c01fdef085b0543814dfc19c87f8778
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/34Ghtv78eBc?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 18:43:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
73086
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8814
x-xss-protection
0
last-modified
Mon, 19 Dec 2022 01:17:46 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 27 Dec 2023 18:43:09 GMT
next
www.youtube-nocookie.com/youtubei/v1/ Frame 2498 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/21149d65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
70bbbd70363d60317b194b1de26504ff9a5212406c9d46fba90baf182434d6dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Youtube-Bootstrap-Logged-In
false
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json
Referer
https://www.youtube-nocookie.com/embed/34Ghtv78eBc?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20221218.00.00
X-Goog-Visitor-Id
CgtVMk5xSkxOdFRyRSi7tLGdBg%3D%3D

Response headers

date
Wed, 28 Dec 2022 15:01:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1779
x-xss-protection
0
expires
Wed, 28 Dec 2022 15:01:16 GMT
/
a1.adform.net/Serving/TrackPoint/
Redirect Chain
  • https://a1.adform.net/Serving/TrackPoint/?pm=2634138&ADFPageName=All%20Pages%20-%20Liver%20Health&ADFdivider=%7C&ord=737536431971&ADFtpmode=2&loc=https%3A%2F%2Fliverhealthsupport.com%2Fpresentation...
  • https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2634138&ADFPageName=All%20Pages%20-%20Liver%20Health&ADFdivider=%7C&ord=737536431971&ADFtpmode=2&loc=https%3A%2F%2Fliverhealthsupport.com%2Fpresent...
125 B
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2634138&ADFPageName=All%20Pages%20-%20Liver%20Health&ADFdivider=%7C&ord=737536431971&ADFtpmode=2&loc=https%3A%2F%2Fliverhealthsupport.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Deverliver%26utm_content%3Dlivervsl%26utm_campaign%3Dlivercpa%26affid%3D361%26oid%3D31%26uid%3D%26_ef_transaction_id%3D%26n%3D631%26oid%3D31%26affid%3D361%26sub1%3Dmwfagif1227mwfagif%26creative_id%3D4&CPref=https%3A%2F%2Fhlthsol.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
Requested by
Host: liverhealthsupport.com
URL: https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_campaign=livercpa&affid=361&oid=31&uid=&_ef_transaction_id=&n=631&oid=31&affid=361&sub1=mwfagif1227mwfagif&creative_id=4
Protocol
H2
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
829c7877bfb8e7a4035ab45042628b24383575fe7f468d06d7bb99fc716d0f6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Dec 2022 15:01:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
197
expires
-1

Redirect headers

pragma
no-cache
date
Wed, 28 Dec 2022 15:01:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
content-type
text/html; charset=utf-8
location
https://a1.adform.net/Serving/TrackPoint/?CC=1&pm=2634138&ADFPageName=All%20Pages%20-%20Liver%20Health&ADFdivider=%7C&ord=737536431971&ADFtpmode=2&loc=https%3A%2F%2Fliverhealthsupport.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Deverliver%26utm_content%3Dlivervsl%26utm_campaign%3Dlivercpa%26affid%3D361%26oid%3D31%26uid%3D%26_ef_transaction_id%3D%26n%3D631%26oid%3D31%26affid%3D361%26sub1%3Dmwfagif1227mwfagif%26creative_id%3D4&CPref=https%3A%2F%2Fhlthsol.com%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
maxresdefault.jpg
i.ytimg.com/vi/34Ghtv78eBc/ Frame 2498 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/34Ghtv78eBc/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGGUgWihPMA8=&rs=AOn4CLB2humoH_ONppZRK8egGqik1vamGQ
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/34Ghtv78eBc?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2016 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc4cdd16a3d7e0556eb1c69b5998c8847501e9339723b019eccbfce658303153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:16 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58933
x-xss-protection
0
server
sffe
etag
"0"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 28 Dec 2022 17:01:16 GMT
click
www.ibph4trk.com/sdk/ 		86 B
106 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.ibph4trk.com/sdk/click?effp=c76c3b2060544cc6bf5d8ec1967c701b&_ef_transaction_id=&oid=31&affid=361&__cc=&async=json&uid=&sub1=mwfagif1227mwfagif
Requested by
Host: www.ibph4trk.com
URL: https://www.ibph4trk.com/scripts/sdk/everflow.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.130.28 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
28.130.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
fa9e1743d3d96179a9cfe74a472235cea6d5451a02eb6f917f6df9737f9a6a8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:16 GMT
via
1.1 google
server
nginx
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://liverhealthsupport.com
access-control-allow-credentials
true
x-eflow-request-id
aa5bc72e-984d-4b59-98cb-ee0e9a347f1f
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86
embedded_player
www.youtube-nocookie.com/youtubei/v1/ Frame 2498 		29 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/youtubei/v1/embedded_player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/21149d65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ad62a807d4eb49185d95ca8019ae53386b3c905775421f527e7070c1d9d07d2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Youtube-Bootstrap-Logged-In
false
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json
Referer
https://www.youtube-nocookie.com/embed/34Ghtv78eBc?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20221218.00.00
X-Goog-Visitor-Id
CgtVMk5xSkxOdFRyRSi7tLGdBg%3D%3D

Response headers

date
Wed, 28 Dec 2022 15:01:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18606
x-xss-protection
0
expires
Wed, 28 Dec 2022 15:01:16 GMT
UCAffiliateNetworkPixel
secure2.liverhealthformula.com/cgi-bin/ 		0
651 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure2.liverhealthformula.com/cgi-bin/UCAffiliateNetworkPixel?t=0.3290770214891321&r=https%3A%2F%2Fhlthsol.com%2F&u=https%3A%2F%2Fliverhealthsupport.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Deverliver%26utm_content%3Dlivervsl%26utm_campaign%3Dlivercpa%26affid%3D361%26oid%3D31%26uid%3D%26_ef_transaction_id%3D%26n%3D631%26oid%3D31%26affid%3D361%26sub1%3Dmwfagif1227mwfagif%26creative_id%3D4
Requested by
Host: secure2.liverhealthformula.com
URL: https://secure2.liverhealthformula.com/cgi-bin/UCAffiliateNetworkPixel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.104.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-104-83.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:16 GMT
server
Apache
content-length
0
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
UCAffiliateNetworkPixel
secure2.liverhealthformula.com/cgi-bin/ 		0
651 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure2.liverhealthformula.com/cgi-bin/UCAffiliateNetworkPixel?t=0.2235432648067326&r=https%3A%2F%2Fhlthsol.com%2F&u=https%3A%2F%2Fliverhealthsupport.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Deverliver%26utm_content%3Dlivervsl%26utm_campaign%3Dlivercpa%26affid%3D361%26oid%3D31%26uid%3D%26_ef_transaction_id%3D%26n%3D631%26oid%3D31%26affid%3D361%26sub1%3Dmwfagif1227mwfagif%26creative_id%3D4
Requested by
Host: secure2.liverhealthformula.com
URL: https://secure2.liverhealthformula.com/cgi-bin/UCAffiliateNetworkPixel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.104.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-104-83.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:16 GMT
server
Apache
content-length
0
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
videoplayback
rr3---sn-4g5e6nzs.googlevideo.com/ Frame 2498 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr3---sn-4g5e6nzs.googlevideo.com/videoplayback?expire=1672261275&ei=O1qsY4_IHomggAeJ8ZK4DQ&ip=2001%3Aac8%3A20%3A272%3A%3A2e&id=o-ACOzf9lwf5UkvOOabCiDjhUNFe3hGsqiP_y06up8uzaT&itag=135&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=yt_otf&requiressl=yes&mh=Bj&mm=31%2C29&mn=sn-4g5e6nzs%2Csn-4g5ednd7&ms=au%2Crdu&mv=m&mvi=3&pl=53&initcwndbps=352500&spc=zIddbGQMFX5WBwtgmj9-UzfJ74TDNGk&vprv=1&mime=video%2Fmp4&ns=AN6IZKjDWzjNGtgA2YLJRE4K&otf=1&otfp=1&dur=0.000&lmt=1652428895344276&mt=1672239440&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6210224&n=DvEmLG_QE7khBA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cotf%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgMxTX7EUejHI5jiOVy9jOiAEbzPTlrjhjqImFZmWT4dUCIE3rUVDXWH1BQez46eUd6g_kD0KEG5DwE5cOJ__MIHSJ&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgEhWFa69J1IVVyv_uxFbZJHXGgC2uKCTmn9N_K4OrWfcCIFH9SYp1InLqJjSLP_pAYV4QpDHf8F9bEoc7rpCS-28z&alr=yes&cpn=7pwtTVc2q8Z9Ogw0&cver=1.20221218.00.00&sq=0&rn=3&rbuf=0&pot=D-fnqIssDlnJ59-5ggihW1EGDfurH_h8xEHN9rxBac5JXQ6nnCwaFgGKmXb1KIzKuzg_2X1uEpt-xd6bJja-2Tn8LbixdP8lpGnVwx4gJgOd_BedC2MG17aVEJCFaKAdmqzLoSs=
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/21149d65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:4c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
c80bb2ba3604829807c84fa301922757a878225961b9d6bc7464d2563ccb3980
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

client-protocol
quic
date
Wed, 28 Dec 2022 15:01:16 GMT
x-restrict-formats-hint
None
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2442
last-modified
Thu, 10 Nov 2022 00:34:34 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://www.youtube-nocookie.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube-nocookie.com
expires
Wed, 28 Dec 2022 15:01:16 GMT
videoplayback
rr3---sn-4g5e6nzs.googlevideo.com/ Frame 2498 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rr3---sn-4g5e6nzs.googlevideo.com/videoplayback?expire=1672261275&ei=O1qsY4_IHomggAeJ8ZK4DQ&ip=2001%3Aac8%3A20%3A272%3A%3A2e&id=o-ACOzf9lwf5UkvOOabCiDjhUNFe3hGsqiP_y06up8uzaT&itag=251&source=youtube&requiressl=yes&mh=Bj&mm=31%2C29&mn=sn-4g5e6nzs%2Csn-4g5ednd7&ms=au%2Crdu&mv=m&mvi=3&pl=53&initcwndbps=352500&spc=zIddbGQMFX5WBwtgmj9-UzfJ74TDNGk&vprv=1&mime=audio%2Fwebm&ns=AN6IZKjDWzjNGtgA2YLJRE4K&gir=yes&clen=23816895&otfp=1&dur=1692.241&lmt=1652428919660805&mt=1672239440&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&txp=6211224&n=DvEmLG_QE7khBA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRAIgPhu2p8aUQ3plsJkz1t6SZCALPe9wY2UzJ8GB-IjtZpUCICL1srZ0vSVNIsGhtEOz48PbFuZJfQuB2-mUn2BQB9AH&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgEhWFa69J1IVVyv_uxFbZJHXGgC2uKCTmn9N_K4OrWfcCIFH9SYp1InLqJjSLP_pAYV4QpDHf8F9bEoc7rpCS-28z&alr=yes&cpn=7pwtTVc2q8Z9Ogw0&cver=1.20221218.00.00&range=68740-134275&rn=4&rbuf=3618&pot=D-fnqIssDlnJ59-5ggihW1EGDfurH_h8xEHN9rxBac5JXQ6nnCwaFgGKmXb1KIzKuzg_2X1uEpt-xd6bJja-2Tn8LbixdP8lpGnVwx4gJgOd_BedC2MG17aVEJCFaKAdmqzLoSs=
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/21149d65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:4c::8 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

client-protocol
quic
date
Wed, 28 Dec 2022 15:01:16 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65536
last-modified
Fri, 13 May 2022 08:01:59 GMT
server
gvs 1.0
vary
Origin
content-type
audio/webm
access-control-allow-origin
https://www.youtube-nocookie.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=21299
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://www.youtube-nocookie.com
expires
Wed, 28 Dec 2022 15:01:16 GMT
event
widget.us.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=%5B95245%2C84888%2C86919%5D&v=5.12.3&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fhlthsol.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis%26a%3D%255B86919%...
  • https://widget.us.criteo.com/event?a=%5B95245%2C84888%2C86919%5D&v=5.12.3&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fhlthsol.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis%26a%3D%255B86919%...
20 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.us.criteo.com/event?a=%5B95245%2C84888%2C86919%5D&v=5.12.3&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fhlthsol.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis%26a%3D%255B86919%252C95245%252C95245%252C84888%252C86919%255D&adce=1&bundle=eMTf1V90dk5FU1VKcXlYUlRVU3B1b3RueVUzdk5uQVVQOGJ3Z0xaZVUlMkZUajdMS09YSjNxZk1YdnFFWmh5eGJaTiUyRmtYVlNpRWxTZno5RnNjTkVnNHlQcU5tcGIyekRPOFI4OTNFaFdJTkU2aDhFa0p0S1Z6a2xQMGxNcHVkZFRobnMxczFkSTMxVGxMcTY0NVB3UDVaNFpwVWJZOUlZOFE4bHVJRmNMJTJCYU5wU3VDTUElM0Q&tld=liverhealthsupport.com&dy=1&fu=https%253A%252F%252Fliverhealthsupport.com%252Fpresentation%253Futm_source%253Dcpa%2526utm_medium%253Deverliver%2526utm_content%253Dlivervsl%2526utm_campaign%253Dlivercpa%2526affid%253D361%2526oid%253D31%2526uid%253D%2526_ef_transaction_id%253D%2526n%253D631%2526oid%253D31%2526affid%253D361%2526sub1%253Dmwfagif1227mwfagif%2526creative_id%253D4&pu=https%253A%252F%252Fhlthsol.com%252F&dtycbr=24374
Requested by
Host: liverhealthsupport.com
URL: https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_campaign=livercpa&affid=361&oid=31&uid=&_ef_transaction_id=&n=631&oid=31&affid=361&sub1=mwfagif1227mwfagif&creative_id=4
Protocol
H2
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
fe62678df5dd6eaef3645f7a8fa25ef02f858b6324879e14c059c0bbc6cd0e06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Dec 2022 15:01:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
31927058
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Wed, 28 Dec 2022 15:01:15 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://widget.us.criteo.com/event?a=%5B95245%2C84888%2C86919%5D&v=5.12.3&p0=e%3Dexd%26site_type%3Dd%26ref%3Dhttps%253A%252F%252Fhlthsol.com&p1=e%3Dvh&p2=e%3Dvp%26p%3D1&p3=e%3Ddis%26a%3D%255B86919%252C95245%252C95245%252C84888%252C86919%255D&adce=1&bundle=eMTf1V90dk5FU1VKcXlYUlRVU3B1b3RueVUzdk5uQVVQOGJ3Z0xaZVUlMkZUajdMS09YSjNxZk1YdnFFWmh5eGJaTiUyRmtYVlNpRWxTZno5RnNjTkVnNHlQcU5tcGIyekRPOFI4OTNFaFdJTkU2aDhFa0p0S1Z6a2xQMGxNcHVkZFRobnMxczFkSTMxVGxMcTY0NVB3UDVaNFpwVWJZOUlZOFE4bHVJRmNMJTJCYU5wU3VDTUElM0Q&tld=liverhealthsupport.com&dy=1&fu=https%253A%252F%252Fliverhealthsupport.com%252Fpresentation%253Futm_source%253Dcpa%2526utm_medium%253Deverliver%2526utm_content%253Dlivervsl%2526utm_campaign%253Dlivercpa%2526affid%253D361%2526oid%253D31%2526uid%253D%2526_ef_transaction_id%253D%2526n%253D631%2526oid%253D31%2526affid%253D361%2526sub1%253Dmwfagif1227mwfagif%2526creative_id%253D4&pu=https%253A%252F%252Fhlthsol.com%252F&dtycbr=24374
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
8014525
timing-allow-origin
*
content-length
0
expires
0
generate_204
www.youtube-nocookie.com/ Frame 2498 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube-nocookie.com/generate_204?RmoJsA
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/34Ghtv78eBc?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube-nocookie.com/embed/34Ghtv78eBc?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
qoe
www.youtube-nocookie.com/api/stats/ Frame 2498 		0
17 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/api/stats/qoe?fmt=134&afmt=251&cpn=7pwtTVc2q8Z9Ogw0&el=embedded&ns=yt&fexp=23983296%2C24001373%2C24002022%2C24002025%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24219382%2C24255165%2C24292955%2C24390013%2C24406621%2C24415864%2C24416291%2C24416437&cl=496261446&seq=2&docid=34Ghtv78eBc&ei=O1qsY4_IHomggAeJ8ZK4DQ&event=streamingstats&plid=AAXw5KPW5vl8ZpgE&referrer=https%3A%2F%2Fwww.youtube-nocookie.com%2Fembed%2F34Ghtv78eBc%3Fenablejsapi%3D1%26playsinline%3D1%26rel%3D0%26controls%3D0%26showinfo%3D0%26autoplay%3D1%26modestbranding%3D1%26iv_load_policy%3D3&cbr=Chrome&cbrver=108.0.5359.124&c=WEB_EMBEDDED_PLAYER&cver=1.20221218.00.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cat=otfp&cmt=0.462:0.000,0.745:0.000,0.746:0.000&vps=0.462:N,0.745:SU,0.746:SU&ctmp=dompaused:t.463;r.promise;m.NotAllowedError&bat=0.746:1:1&bh=0.746:0.000
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/21149d65/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Video Stats Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube-nocookie.com/embed/34Ghtv78eBc?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-YouTube-Client-Version
1.20221218.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtVMk5xSkxOdFRyRSi7tLGdBg%3D%3D
X-YouTube-Ad-Signals
dt=1672239675314&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C920%2C518&vis=1&wgl=true&ca_type=image

Response headers

pragma
no-cache
date
Wed, 28 Dec 2022 15:01:16 GMT
x-content-type-options
nosniff
server
Video Stats Server
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ 		20 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Requested by
Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.liverhealthformula.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.92.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-92-153.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
7573b10466c66e9de1ae8a229abcbc963f985bcb6b1f05d6591bf3a13ceabe4f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://liverhealthsupport.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/json

Response headers

date
Wed, 28 Dec 2022 15:01:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
FRA56-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
date, x-api-id
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
9qqHxYzvvGtY04_oDgHfKLZtSju0cLcdGG927kEAmIJBijlNjky2wg==
content-length
35
apigw-requestid
d3MJfip2IAMESDg=
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ 		20 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Requested by
Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.liverhealthformula.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.92.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-92-153.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
7573b10466c66e9de1ae8a229abcbc963f985bcb6b1f05d6591bf3a13ceabe4f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://liverhealthsupport.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/json

Response headers

date
Wed, 28 Dec 2022 15:01:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
FRA56-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
date, x-api-id
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Tlc4U8QJim9PDU7CB-0CYxnOx-cq_uneCKCoRNHvOemcksHiN43cyA==
content-length
35
apigw-requestid
d3MJfhLOoAMEaVw=
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.92.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-92-153.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://liverhealthsupport.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
300
age
47964
alt-svc
h3=":443"; ma=86400
apigw-requestid
d1XDCiUWIAMEVVw=
content-length
0
date
Wed, 28 Dec 2022 01:41:52 GMT
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-id
GzmJnHg9MSSi6BQxhKucwH2RGJj-PlPrusAmZtILQIPr07JBQpRhRQ==
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.92.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-92-153.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://liverhealthsupport.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
300
age
47964
alt-svc
h3=":443"; ma=86400
apigw-requestid
d1XDCiUWIAMEVVw=
content-length
0
date
Wed, 28 Dec 2022 01:41:52 GMT
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-id
5eF7amYoLxBKpcaKF5xLsKGKcmWnDQ97buDYTeYQvYrz-ApteuJsQA==
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1181125052062198&ev=Microdata&dl=https%3A%2F%2Fliverhealthsupport.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Deverliver%26utm_content%3Dlivervsl%26utm_campaign%3Dlivercpa%26affid%3D361%26oid%3D31%26uid%3D%26_ef_transaction_id%3D%26n%3D631%26oid%3D31%26affid%3D361%26sub1%3Dmwfagif1227mwfagif%26creative_id%3D4&rl=https%3A%2F%2Fhlthsol.com%2F&if=false&ts=1672239676259&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Liver%20Health%20Formula%20%7C%20PureHealth%20Research%22%2C%22meta%3Akeywords%22%3A%22liver%20supplements%2C%20healthy%20liver%2C%20protect%20liver%2C%20healthy%20liver%2C%20liver%20boost%2C%20liver%20balance%2C%20liver%20detox%2C%20liver%20guard%2C%20no%20side%20effects%22%2C%22meta%3Adescription%22%3A%22Liver%20Health%20Formula%20supports%20detox%2C%20reduces%20fibroids%20%26%20fatty%20deposits%2C%20balances%20immunity%2C%20blocks%20toxins%2C%20improves%20blood%20flow%20%26%20bile.%20Try%20it%20now!%22%7D&cd[OpenGraph]=%7B%22og%3Adescription%22%3A%22Liver%20Health%20Formula%20supports%20detox%2C%20reduces%20fibroids%20%26%20fatty%20deposits%2C%20balances%20immunity%2C%20blocks%20toxins%2C%20improves%20blood%20flow%20%26%20bile.%20Try%20it%20now!%22%2C%22og%3Akeywords%22%3A%22liver%20supplements%2C%20healthy%20liver%2C%20protect%20liver%2C%20healthy%20liver%2C%20liver%20boost%2C%20liver%20balance%2C%20liver%20detox%2C%20liver%20guard%2C%20no%20side%20effects%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1672239675750.1697840126&it=1672239675157&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: liverhealthsupport.com
URL: https://liverhealthsupport.com/presentation?utm_source=cpa&utm_medium=everliver&utm_content=livervsl&utm_campaign=livercpa&affid=361&oid=31&uid=&_ef_transaction_id=&n=631&oid=31&affid=361&sub1=mwfagif1227mwfagif&creative_id=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 28 Dec 2022 15:01:16 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ 		20 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Requested by
Host: d9i5ve8f04qxt.cloudfront.net
URL: https://d9i5ve8f04qxt.cloudfront.net/UC/62/uca/0.1.0/js/collect-g.js?mid=PHR1&channel=secure.liverhealthformula.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.92.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-92-153.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
7573b10466c66e9de1ae8a229abcbc963f985bcb6b1f05d6591bf3a13ceabe4f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://liverhealthsupport.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/json

Response headers

date
Wed, 28 Dec 2022 15:01:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
FRA56-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
date, x-api-id
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
l0IWXa2Zhv17G58NX7KpDGo-xSHy5KNO9qZV-l0sYvVfXRUbM8S26A==
content-length
35
apigw-requestid
d3MJihyMIAMEacw=
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1181125052062198&ev=ViewContent&dl=https%3A%2F%2Fliverhealthsupport.com%2Fpresentation%3Futm_source%3Dcpa%26utm_medium%3Deverliver%26utm_content%3Dlivervsl%26utm_campaign%3Dlivercpa%26affid%3D361%26oid%3D31%26uid%3D%26_ef_transaction_id%3D%26n%3D631%26oid%3D31%26affid%3D361%26sub1%3Dmwfagif1227mwfagif%26creative_id%3D4&rl=https%3A%2F%2Fhlthsol.com%2F&if=false&ts=1672239676576&sw=1600&sh=1200&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=2&o=30&fbp=fb.1.1672239675750.1697840126&it=1672239675157&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://liverhealthsupport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 28 Dec 2022 15:01:16 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
sync
x.bidswitch.net/ul_cb/ Frame BDAA
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-QQnu07raGaegbaIyIDiyj7OhiVF00svqcWug4g&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-QQnu07raGaegbaIyIDiyj7OhiVF00svqcWug4g&expires=30
43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-QQnu07raGaegbaIyIDiyj7OhiVF00svqcWug4g&expires=30
Protocol
H2
Server
18.197.41.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-197-41-16.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-QQnu07raGaegbaIyIDiyj7OhiVF00svqcWug4g&expires=30
date
Wed, 28 Dec 2022 15:01:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame BDAA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-Vwk9trraGaegbaIyIDiyj7OhiVHyEMuHJIwxNg&google_cm&google_hm=ay1Wd2s5dHJyYUdhZWdiYUl5SURpeWo3T2hpVkh5RU11S...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Vwk9trraGaegbaIyIDiyj7OhiVHyEMuHJIwxNg&google_gid=CAESELGKdDNpFQgwmj1EjoRdeCU&google_cver=1&google_ula=913071,0
43 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Vwk9trraGaegbaIyIDiyj7OhiVHyEMuHJIwxNg&google_gid=CAESELGKdDNpFQgwmj1EjoRdeCU&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Dec 2022 15:01:15 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1262845
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Dec 2022 15:01:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-Vwk9trraGaegbaIyIDiyj7OhiVHyEMuHJIwxNg&google_gid=CAESELGKdDNpFQgwmj1EjoRdeCU&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame BDAA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1828094294962135075
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1828094294962135075
Protocol
H2
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Dec 2022 15:01:16 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1911071
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 28 Dec 2022 15:01:16 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
146.70.117.110; 146.70.117.110; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
75df2ddb-b2c6-4d4b-bd10-60276fe63596
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1828094294962135075
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
r.casalemedia.com/ Frame BDAA
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5a9m-rraGaegbaIyIDiyj7OhiVGVfvmnyvyDqQ
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5a9m-rraGaegbaIyIDiyj7OhiVGVfvmnyvyDqQ&C=1
43 B
868 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-5a9m-rraGaegbaIyIDiyj7OhiVGVfvmnyvyDqQ&C=1
Protocol
H3
Server
104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Dec 2022 15:01:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TE7wVm6ZVf3aENrxrCjL0c%2BK7po%2Bib8Zm1rBHAWARNLM6VvCgc9CzlEKjc6D6rn5vXQZ100HL7LGLAWXfoYLzWLkIXS5fZEiEWhKxFX2RXs%2BcfUEIS1LM9jxpL3yKeWD3BI0"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
780b2b9bbeb49b71-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 28 Dec 2022 15:01:16 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6ixSJPO5MrOXpLuCkmcn%2FhOpC10Y6GvndVxSsm8WjN2cawKjuk7BCjTJK%2FdX4sZq59qFVtqD%2BfDLrLsNvNbjBlR2JAHVUXSdQdd98NTzHjidPIKLTdPFPpNHfSmm3Li%2F8Uv"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=20&external_user_id=k-5a9m-rraGaegbaIyIDiyj7OhiVGVfvmnyvyDqQ&C=1
cache-control
no-cache
cf-ray
780b2b9b7d6e5ca4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
match
ad.360yield.com/ul_cb/ Frame BDAA
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-7z3bq7raGaegbaIyIDiyj7OhiVFOdfbKdUyHPA
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-7z3bq7raGaegbaIyIDiyj7OhiVFOdfbKdUyHPA
43 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-7z3bq7raGaegbaIyIDiyj7OhiVFOdfbKdUyHPA
Protocol
H2
Server
35.158.55.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-158-55-96.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 28 Dec 2022 15:01:16 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-7z3bq7raGaegbaIyIDiyj7OhiVFOdfbKdUyHPA
date
Wed, 28 Dec 2022 15:01:16 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cksync.php
contextual.media.net/ Frame BDAA 		45 B
785 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-h-OzqLraGaegbaIyIDiyj7OhiVFkkJ5mYz8exQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 28 Dec 2022 15:01:16 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 28 Dec 2022 15:01:16 GMT
cookie-sync
sync.outbrain.com/ Frame BDAA 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-RXqXk7raGaegbaIyIDiyj7OhiVEtq6O26kfYxQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 28 Dec 2022 15:01:16 GMT
Cache-Control
no-cache
X-TraceId
ba1520f8593ea63509b6917796298369
Content-Length
0
tap.php
pixel.rubiconproject.com/ Frame BDAA 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-o123PLraGaegbaIyIDiyj7OhiVEOSEhmiEH2Zg&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/sync/ Frame BDAA 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-NfwH_rraGaegbaIyIDiyj7OhiVFbijPBhXpmOw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.18.221 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-18-221.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:16 GMT
/
rtb-csync.smartadserver.com/redir/ Frame BDAA 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-K85hErraGaegbaIyIDiyj7OhiVG04vNYQlDt9w
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:15 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame BDAA 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-sZfGtLraGaegbaIyIDiyj7OhiVFdHCR490UcSA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:16 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
15191
um
criteo-sync.teads.tv/ Frame BDAA 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-uUHdNLraGaegbaIyIDiyj7OhiVFvPm22xomj3w
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Wed, 28 Dec 2022 15:01:16 GMT
pragma
no-cache
date
Wed, 28 Dec 2022 15:01:16 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame BDAA 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-E6Up8rraGaegbaIyIDiyj7OhiVE3h5uwgEUxyA&dongle=013b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:16 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame BDAA
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QWSIM7raGaegbaIyIDiyj7OhiVE9kx9gYQalYA
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QWSIM7raGaegbaIyIDiyj7OhiVE9kx9gYQalYA&verify=true
0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QWSIM7raGaegbaIyIDiyj7OhiVE9kx9gYQalYA&verify=true
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:16 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-QWSIM7raGaegbaIyIDiyj7OhiVE9kx9gYQalYA&verify=true
date
Wed, 28 Dec 2022 15:01:16 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
put
e1.emxdgt.com/ Frame BDAA 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-Ml4_prraGaegbaIyIDiyj7OhiVEvzVZ8VkVu9Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.156.32.70 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-32-70.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:16 GMT
content-length
0
content-type
text/html
pixel
cm.adform.net/ Frame BDAA 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-LHUXhrraGaegbaIyIDiyj7OhiVEvvnV9CpT59A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:16 GMT
last-modified
Wed, 11 Oct 2017 13:39:07 GMT
server
nginx
accept-ranges
bytes
etag
"59de1efb-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame BDAA 		49 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-RH7mIbraGaegbaIyIDiyj7OhiVFGyXg-WHVE_A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Dec 2022 15:01:16 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
content-length
49
expires
0
demconf.jpg
dpm.demdex.net/ Frame BDAA
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=kTOIu25bNIFEayn_M67h7goE0ImZkDFm
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=kTOIu25bNIFEayn_M67h7goE0ImZkDFm
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=kTOIu25bNIFEayn_M67h7goE0ImZkDFm
Protocol
HTTP/1.1
Server
52.209.194.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-194-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-061dae83e.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
8D69+1awRcs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v045-0f45dc272.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
5QaSZpjzTAk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=kTOIu25bNIFEayn_M67h7goE0ImZkDFm
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
9.gif
id5-sync.com/s/966/ Frame BDAA 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-12pCRbraGaegbaIyIDiyj7OhiVEGn-rmQSRdIA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 28 Dec 2022 15:01:16 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
sync
matching.ivitrack.com/ Frame BDAA 		42 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-_V74aLraGaegbaIyIDiyj7OhiVG4hnktvHNXEQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:16 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame BDAA 		0
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-51UCNLraGaegbaIyIDiyj7OhiVH9bOmv898vOQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.167.117 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-167-117.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 15:01:16 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame BDAA 		42 B
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-Q-dcj7raGaegbaIyIDiyj7OhiVEbZfNuQNU-IQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 28 Dec 2022 15:01:15 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
criteo-partners.tremorhub.com/ Frame BDAA 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-IOalILraGaegbaIyIDiyj7OhiVHCiBm6JIC8nw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:67a8:6f4b:2275:f8f4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Wed, 28 Dec 2022 15:01:17 GMT
server
Apache-Coyote/1.1
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame BDAA 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-yEZaj7raGaegbaIyIDiyj7OhiVFJC9inmpVAHA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.30
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 28 Dec 2022 15:01:16 GMT
server
Apache
x-powered-by
PHP/7.3.30
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame BDAA 		0
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k--IvEk7raGaegbaIyIDiyj7OhiVGlgX290o-xMg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-132-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 28 Dec 2022 15:01:16 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Tue, 27 Dec 2022 15:01:16 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame BDAA 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-6YxUtrraGaegbaIyIDiyj7OhiVEQu_BCQIksow&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.179.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-179-95.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 28 Dec 2022 15:01:16 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
rt
d1pqvb2h9xgm7r.cloudfront.net/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://d1pqvb2h9xgm7r.cloudfront.net/v1/rt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.66.92.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-92-153.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://liverhealthsupport.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
300
age
47964
alt-svc
h3=":443"; ma=86400
apigw-requestid
d1XDCiUWIAMEVVw=
content-length
0
date
Wed, 28 Dec 2022 01:41:52 GMT
via
1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-id
1K03jo7MDDnOl_LD0mvhunnsgwz3S3ThiNvGyyiCi-Pv7YKjxRjXHg==
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
usermatch.gif
beacon.krxd.net/ Frame BDAA
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=xydmkxfi_fmFWqrjjmQZTvS2Ul9AY4LA
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=xydmkxfi_fmFWqrjjmQZTvS2Ul9AY4LA
Protocol
H2
Server
54.155.45.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-45-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by
beacon-n012-dub-prod.krxd.net
date
Wed, 28 Dec 2022 15:01:16 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1672239676
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=xydmkxfi_fmFWqrjjmQZTvS2Ul9AY4LA
date
Wed, 28 Dec 2022 15:01:16 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
5304908
content-length
0
cs
s.thebrighttag.com/ Frame BDAA
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=jJqGAAH1MSuRantjXoo1ep5MrB_Yndqm
35 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=jJqGAAH1MSuRantjXoo1ep5MrB_Yndqm
Protocol
H2
Server
18.188.123.24 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-188-123-24.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Dec 2022 15:01:17 GMT
x-bt-requestid
7aecb750-86c0-11ed-a4ff-0000ac170375
server
nginx
content-type
image/gif
access-control-allow-origin
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=jJqGAAH1MSuRantjXoo1ep5MrB_Yndqm
date
Wed, 28 Dec 2022 15:01:16 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
894009
content-length
0
log_event
www.youtube-nocookie.com/youtubei/v1/ Frame 2498 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube-nocookie.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/21149d65/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
X-Goog-Request-Time
1672239678246
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube-nocookie.com/embed/34Ghtv78eBc?enablejsapi=1&playsinline=1&rel=0&controls=0&showinfo=0&autoplay=1&modestbranding=1&iv_load_policy=3
X-YouTube-Client-Version
1.20221218.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtVMk5xSkxOdFRyRSi7tLGdBg%3D%3D
X-YouTube-Ad-Signals
dt=1672239675247&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C920%2C518&vis=1&wgl=true&ca_type=image

Response headers

date
Wed, 28 Dec 2022 15:01:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Wed, 28 Dec 2022 15:01:18 GMT

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| oncontentvisibilityautostatechange object| dataLayer function| Swiper object| lazySizesConfig object| lazySizes function| smoothScrollTo function| calculateScrollTopPosition function| init function| adjustVideoPlayerSize function| getVideoStartTime function| onProgress function| updateTime function| onYouTubeIframeAPIReady function| videoChangeGo function| setTapImageSource function| showElement function| hideElement function| isFacebookApp function| handleKeyboardEvent object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq string| deviceType object| criteo_q string| TiktokAnalyticsObject object| ttq object| _adftrack function| twq object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| gaplugins object| google_optimize object| gaGlobal object| gaData function| UET function| UET_init function| UET_push object| Criteo object| ueto_c7b3a1da15 object| uetq1 object| regeneratorRuntime object| twttr object| EF object| TimeMe boolean| _ucaloaded string| _ucav function| ucGetCssSelectorShort function| ucParentsCalc function| ucCalculateSelector function| ucaPushPageEvent object| _uca number| c_start function| ucaEvent boolean| ucaInit function| gtag object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks function| ucAnpFailback function| ucAnpCallback object| Adform object| KJUR object| adf

66 Cookies

Domain/Path Name / Value
hlthsol.com/ Name: prli_click_19
Value: b4eh
hlthsol.com/ Name: prli_visitor
Value: 63ac5a3a4555f
.youtube.com/ Name: YSC
Value: d7KxIqqsywU
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: wzxkz91vHfQ
.liverhealthsupport.com/ Name: _gcl_au
Value: 1.1.1473465530.1672239675
.bing.com/ Name: MUID
Value: 1ACBD15FE8B060752EA7C3D7E9DB615C
.liverhealthsupport.com/ Name: _ga
Value: GA1.2.2109794148.1672239675
.liverhealthsupport.com/ Name: _gid
Value: GA1.2.1394885107.1672239675
.liverhealthsupport.com/ Name: _gat_UA-55722554-1
Value: 1
.liverhealthsupport.com/ Name: _uetsid
Value: 79bf0b8086c011ed990fe3e6a3a7545b
.liverhealthsupport.com/ Name: _uetvid
Value: 79bf1fa086c011edb5de0f7aa64aa375
.tiktok.com/ Name: _ttp
Value: 2JY0OO2LNmWOiVmqvB17wgORL2e
.criteo.com/ Name: uid
Value: 8cc5269d-d817-4dad-8bb3-c47fd518a000
secure.liverhealthformula.com/ Name: AWSALBCORS
Value: UycLnYQ3+L2kBLdTc6I4Y/9U5ERvxhngFMhLfvibpVTWSmMFZsVeAGyXjLrrnarbjGgqRB84DYjwshr5ia2OQwrbNoW5Zcjx2pZQaQHnSjcDB375xTCUkk+kcEnr
.t.co/ Name: muc_ads
Value: b1e97aa0-3422-4305-92db-a5df0c337961
.twitter.com/ Name: guest_id_marketing
Value: v1%3A167223967536078694
.twitter.com/ Name: guest_id_ads
Value: v1%3A167223967536078694
.twitter.com/ Name: personalization_id
Value: "v1_LKOgcaT8caT7U7C6hEWOug=="
.twitter.com/ Name: guest_id
Value: v1%3A167223967536078694
.liverhealthsupport.com/ Name: ucacid
Value: 1672278795.307669
.liverhealthsupport.com/ Name: _tt_enable_cookie
Value: 1
.liverhealthsupport.com/ Name: _ttp
Value: P-hAS9r23_9b0qSUHCDx_sEAfKc
.liverhealthsupport.com/ Name: _fbp
Value: fb.1.1672239675750.1697840126
.adform.net/ Name: C
Value: 1
.liverhealthsupport.com/ Name: cto_bundle
Value: eMTf1V90dk5FU1VKcXlYUlRVU3B1b3RueVUzdk5uQVVQOGJ3Z0xaZVUlMkZUajdMS09YSjNxZk1YdnFFWmh5eGJaTiUyRmtYVlNpRWxTZno5RnNjTkVnNHlQcU5tcGIyekRPOFI4OTNFaFdJTkU2aDhFa0p0S1Z6a2xQMGxNcHVkZFRobnMxczFkSTMxVGxMcTY0NVB3UDVaNFpwVWJZOUlZOFE4bHVJRmNMJTJCYU5wU3VDTUElM0Q
.adform.net/ Name: uid
Value: 3346066402981153084
secure2.liverhealthformula.com/ Name: AWSALBCORS
Value: 2+m2L+tyTvOlhiUJgZXPaQOjILnN77hLdWuwq9WvtH33t7+lfPoXIfIC0J0LwVWxaHWrZt5/5ry20MuYiQ7clDDPunrmRaKIDZiwEsXoRBEzMOOOLABZZVO6a7c2
www.ibph4trk.com/ Name: uniqueClick
Value: 5a7a39e6-e179-41da-94a0-892dc2cc1cb3:1672239676
www.ibph4trk.com/ Name: transaction_id
Value: ec0e7e687de34f9087c45c9260631e33
liverhealthsupport.com/ Name: ef_tid_c_o_31
Value: ec0e7e687de34f9087c45c9260631e33
liverhealthsupport.com/ Name: ef_tid_c_a_1
Value: ec0e7e687de34f9087c45c9260631e33
.adnxs.com/ Name: uuid2
Value: 1828094294962135075
.bidswitch.net/ Name: tuuid
Value: 4ea77e06-9d5c-4b09-b55b-a9bf338b8de6
.bidswitch.net/ Name: c
Value: 1672239676
.bidswitch.net/ Name: tuuid_lu
Value: 1672239676
.360yield.com/ Name: tuuid
Value: c66ff73d-334e-468c-b192-f56eb9fbd470
.360yield.com/ Name: tuuid_lu
Value: 1672239676
.doubleclick.net/ Name: IDE
Value: AHWqTUkHrSuzfonZ_RNUhiRTy3C1Xu4-2PuIKrjpLOIPcRTutXoeVh2JPrcLL7MtB5U
.360yield.com/ Name: um
Value: !38,Hgna7KQ4cxq-kQL9TcwMCeGKeddMxVCq7QsZPmYm.vT5jcbaV94dV-LFFtlOR16MahO9haRy,1680015676
.360yield.com/ Name: umeh
Value: !38,0,1734447676,-1
.casalemedia.com/ Name: CMID
Value: Y6xaPJAw8yGHUNvVSUD.zAAA
.casalemedia.com/ Name: CMPS
Value: 5148
.casalemedia.com/ Name: CMPRO
Value: 5148
.media.net/ Name: visitor-id
Value: 3152412769111864000V10
.media.net/ Name: data-c-ts
Value: 1672239676
.media.net/ Name: data-c
Value: k-h-OzqLraGaegbaIyIDiyj7OhiVFkkJ5mYz8exQ~~3
.demdex.net/ Name: demdex
Value: 29217534433003612962736321484095298856
.casalemedia.com/ Name: CMTS
Value: 3261
.yahoo.com/ Name: A3
Value: d=AQABBDxarGMCEKurwZCM4-n9xcjJ_fv-8toFEgEBAQGrrWO2YwAAAAAA_eMAAA&S=AQAAAoyZoXBu-zk4dXlTUc7t4XE
.analytics.yahoo.com/ Name: IDSYNC
Value: 18zh~293r
.dpm.demdex.net/ Name: dpm
Value: 29217534433003612962736321484095298856
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%227aa9e1f0-86c0-11ed-8b1b-a57ce38a5b2f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%227aa9e1f0-86c0-11ed-8b1b-a57ce38a5b2f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%227aa9e1f0-86c0-11ed-8b1b-a57ce38a5b2f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%227aa9e1f0-86c0-11ed-8b1b-a57ce38a5b2f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-51UCNLraGaegbaIyIDiyj7OhiVH9bOmv898vOQ%22%2C%22version%22%3A%22criteo%22%7D
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-Q-dcj7raGaegbaIyIDiyj7OhiVEbZfNuQNU-IQ&KRTB&23144-uid:k-Q-dcj7raGaegbaIyIDiyj7OhiVEbZfNuQNU-IQ&KRTB&23286-uid:k-Q-dcj7raGaegbaIyIDiyj7OhiVEbZfNuQNU-IQ&KRTB&23287-uid:k-Q-dcj7raGaegbaIyIDiyj7OhiVEbZfNuQNU-IQ
.pubmatic.com/ Name: PugT
Value: 1672239675
.krxd.net/ Name: _kuid_
Value: PSPMtvaI
liverhealthsupport.com/ Name: watvideotime
Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10720395.fls.doubleclick.net
a.twiago.com
a1.adform.net
ad.360yield.com
ad.yieldlab.net
adservice.google.com
adservice.google.de
analytics.tiktok.com
analytics.twitter.com
bat.bing.com
beacon.krxd.net
click.doityourselfhealthcare.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d1pqvb2h9xgm7r.cloudfront.net
d9i5ve8f04qxt.cloudfront.net
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
fonts.gstatic.com
gum.criteo.com
hlthsol.com
i.ytimg.com
ib.adnxs.com
id5-sync.com
jnn-pa.googleapis.com
liverhealthsupport.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pixel.rubiconproject.com
r.casalemedia.com
rr3---sn-4g5e6nzs.googlevideo.com
rtb-csync.smartadserver.com
s.thebrighttag.com
s2.adform.net
secure.liverhealthformula.com
secure2.liverhealthformula.com
simage2.pubmatic.com
sslwidget.criteo.com
static.ads-twitter.com
static.criteo.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
t.co
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.us.criteo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.ibph4trk.com
www.youtube-nocookie.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
104.126.37.42
104.18.33.19
104.244.42.131
104.244.42.133
13.248.245.213
13.32.118.208
141.226.228.48
141.95.98.64
142.250.186.38
146.75.120.157
170.187.185.18
178.250.0.163
178.250.2.146
178.250.2.151
18.156.32.70
18.188.123.24
18.196.167.117
18.197.41.16
18.66.92.153
184.30.20.22
185.255.84.153
185.64.190.80
185.86.137.133
198.211.101.149
216.58.212.162
23.218.209.56
2600:1f18:612b:4264:67a8:6f4b:2275:f8f4
2620:1ec:c11::200
2a00:1450:4001:4c::8
2a00:1450:4001:802::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:810::200e
2a00:1450:4001:827::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::200e
2a00:1450:400c:c0b::9c
2a00:1450:400d:806::2016
2a00:1450:400d:80e::2003
2a02:2638:1::13
2a02:2638:1::3
2a02:2638:1::d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a06:98c1:3121::3
3.126.56.137
3.64.18.221
34.117.157.22
35.158.55.96
35.244.130.28
37.157.2.249
37.157.3.28
37.157.4.24
37.252.171.149
52.209.194.100
52.5.162.24
52.54.104.83
54.155.179.95
54.155.45.178
69.173.144.138
70.42.32.31
74.119.119.150
85.215.5.31
96.16.132.239
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
060a68e01bc020ef6e13e388a78b47047fd61069b5c3e77bdb3a08f3f1367281
161f3517a3c23cc59fde7fbeb4aa6e4aa0cf1e4e3e4751f3b77d62f56fa74214
207134dc29076619b069387b3315756c653b68d23965ba9233ca128cbbd872e6
29a19a25375c0ae5c0d58bb8f23cc2916423369de5822a6e23bd760eacb1fe9c
2d01982abbbe21c9f64c88a3bc5c0008c69603b7772de84594efa286b71badf0
31a833fe17d971c72b398404d6c4b340214ff2e88ef7c45e414797e844683057
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40688aa5acbd42899bdabcd5bb6f6ed8b113a59cfc183c79df5a8ff23fb1f325
45d4d6fe0a9cae467c6d81caef5edd008c13b70ba403979f979fb86d400378c7
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49df9116f57b85bfe106cfc8d6356ccaa0ffb99177b05906a7ed90dc15ecbd5f
4a432f50ced3c08097f1924b0039849937279cf85941afd4e61798c4c19d1855
4c1daf48486a8152e09c649ac5e8d83ed2b0a54a54643e2df417abe9aaaca92d
4c4ba8b9b67465641b469f5945a574d8c55321f1b5041b6d9f760552d940f07e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ffc65278248e3f14612e22697a4c986834ad35cdd11855ef9e9dc610c16df8
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
60ba83226e9405d8476c66221e576048008a3ee5f08aea6857b7217fb0a97d12
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6cba4d9a917e024a2026f9f0aacc80e5a2cf92cf9bd89e4f522927f6e4089589
6efa775a864aba5b3b1bc9ce6335a617693c712d3a65633cbe6751fa1d291a9c
70bbbd70363d60317b194b1de26504ff9a5212406c9d46fba90baf182434d6dc
7573b10466c66e9de1ae8a229abcbc963f985bcb6b1f05d6591bf3a13ceabe4f
75f1dc4fc750739ea37d9adeecd99dc01bb8fc6129e8ac97b03af51c282026bd
79123f624f82c3669d83540e4211797320fbec6218419ac4c6c5a1ea9aaccac1
7da147cd7339064d283e22a1c6e575776403105c6dfc61d56dac76cc3b5b9fae
801142cac1a7b61ffb33866ffd9c5b2a3c01fdef085b0543814dfc19c87f8778
81709cc2ceb4b0e26ea2475bd845eca64e6461ce327902a50f87cc5aa44555eb
829c7877bfb8e7a4035ab45042628b24383575fe7f468d06d7bb99fc716d0f6f
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852d2dd8669405eaff3d86df48a9405f18152d10c42e46bbb7a00fa4881f2769
860621526f94df1e0bac3bad1e85b292f463838d48070ec756337e52c11908b5
89c5c43d87895db21c587a9fcddde239b02775d8efacafb179b5c30b1fe1b262
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b7e111fdc83dd99ae48ec5ee05aac2b597165d1eeda429bab29f77ded9c55b1
90505d1b0db5e6834f1f1797729fe80e6c427202bd3b6d01065430902207a0c4
9505467473c1648aa9e072460ba9f340d82c1dff8468fe01054c6df8d99cd40c
99ed5ba464b803737aece029468533dac3cdd53c8af00b043b7168ba11964f89
9c8c4819f65dd12131d77a7b5d4a5ef6ab87a7385ed7aaaab68ebca112c0b1ff
9f072bb00857ece10f9a2658259965d13829977f579b0ef493487ddae7192336
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad62a807d4eb49185d95ca8019ae53386b3c905775421f527e7070c1d9d07d2b
b12df28928ae6402d9d672b356057877a9829fb5701e913e162c03774ab4cec7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc4cdd16a3d7e0556eb1c69b5998c8847501e9339723b019eccbfce658303153
c4db351e7b79f5ed215ba61fae34b3eebc733da305e877826b17fc2de3c90cd8
c80bb2ba3604829807c84fa301922757a878225961b9d6bc7464d2563ccb3980
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d5bfa18b6ab7050b460cf37f7b3002f1b2a29bf454edfd61d3416d9849bac43e
d68c9ecb951aa1a3af288e3b7b7dc7944c3e485df5be778af4ff82b801899e18
d6c1aa198589b0a87b22f515905607c1c11839948491cea44a74b88116b40561
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e233701e3866df39a9394a392241a224dca10d2615d9dc61333c153dc2b21d9c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a25bae698d56eef9a18aa048a0239b5359554f5a8cc51c35a827f89c161de1
ee41d13427c9425be0624c2d73cb90458ecc4c40ee611a2adabe0ebd623c8153
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3c9c490753d8c2ee916dbb71fa03eebbb7a5895761be33df9eea5dba31c4c6
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
f7c799d52bd02a772b232feec51bf5a52bdb992199e74115db81377aeb7fb36a
fa9e1743d3d96179a9cfe74a472235cea6d5451a02eb6f917f6df9737f9a6a8a
fe62678df5dd6eaef3645f7a8fa25ef02f858b6324879e14c059c0bbc6cd0e06