marieclairearabia.com Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Submission: On March 10 via manual (March 10th 2022, 1:14:46 pm UTC) from LB — Scanned from DE

Summary HTTP 107 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 35 IPs in 5 countries across 21 domains to perform 107 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is marieclairearabia.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 25th 2021. Valid for: a year.

This is the only time marieclairearabia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6 35	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.66.248.77 18.66.248.77	16509 (AMAZON-02) (AMAZON-02)
2	143.204.98.21 143.204.98.21	16509 (AMAZON-02) (AMAZON-02)
3	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1 3	54.229.233.249 54.229.233.249	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:2112:b600:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.123.86.254 3.123.86.254	16509 (AMAZON-02) (AMAZON-02)
5	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1 2	2a03:2880:f21... 2a03:2880:f21c:80e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
3	2606:4700::68... 2606:4700::6812:d941	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400c:c09::9d	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:fb:... 2a02:26f0:fb:199::26e5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	92.122.254.4 92.122.254.4	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
3	52.213.111.123 52.213.111.123	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
2	2600:9000:215... 2600:9000:2156:1800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	52.37.64.197 52.37.64.197	16509 (AMAZON-02) (AMAZON-02)
1	199.127.207.180 199.127.207.180	26120 (RHYTHMONE) (RHYTHMONE)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
3 4	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
107	35

35 2a06:98c1:3121::7 (United States) 6 redirects

ASN13335 (CLOUDFLARENET, US)

marieclairearabia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.248.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-77.dus51.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-21.fra50.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.229.233.249 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-233-249.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2112:b600:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.86.254 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-86-254.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f21c:80e5:face:b00c:0:4420 (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d941 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.izooto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5bab7fc2360eff3ab5718412f9f91999.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:fb:199::26e5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s8t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.122.254.4 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-254-4.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.213.111.123 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-111-123.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:1800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.37.64.197 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-64-197.us-west-2.compute.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.207.180 (United States)

ASN26120 (RHYTHMONE, US)

rs.gwallet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.130.49 (United States) 3 redirects

ASN54113 (FASTLY, US)

rtd-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	marieclairearabia.com 6 redirects marieclairearabia.com	780 KB
13	adsafeprotected.com pixel.adsafeprotected.com — Cisco Umbrella Rank: 521 static.adsafeprotected.com — Cisco Umbrella Rank: 500 dt.adsafeprotected.com — Cisco Umbrella Rank: 458	97 KB
11	googlesyndication.com 5bab7fc2360eff3ab5718412f9f91999.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 122 pagead2.googlesyndication.com — Cisco Umbrella Rank: 90	139 KB
8	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 stats.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 176	137 KB
8	teads.tv a.teads.tv — Cisco Umbrella Rank: 1118 s8t.teads.tv — Cisco Umbrella Rank: 5092 t.teads.tv — Cisco Umbrella Rank: 2303	133 KB
5	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 2150 bcp.crwdcntrl.net — Cisco Umbrella Rank: 691	29 KB
4	everesttech.net 3 redirects rtd-tm.everesttech.net — Cisco Umbrella Rank: 1825	1 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	677 B
4	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4644 buttons-config.sharethis.com — Cisco Umbrella Rank: 5510 l.sharethis.com — Cisco Umbrella Rank: 4230	49 KB
3	izooto.com cdn.izooto.com — Cisco Umbrella Rank: 14439	48 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 525 syndication.twitter.com — Cisco Umbrella Rank: 769	133 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	201 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8832 www.google.de — Cisco Umbrella Rank: 6433	1 KB
2	instagram.com 1 redirects www.instagram.com — Cisco Umbrella Rank: 1070	5 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	63 KB
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 567	167 B
1	gwallet.com rs.gwallet.com — Cisco Umbrella Rank: 16276	391 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	31 KB
0	btrll.com Failed segs.btrll.com Failed
107	21

	Domain	Requested by
35	marieclairearabia.com	6 redirects marieclairearabia.com
8	dt.adsafeprotected.com	marieclairearabia.com
5	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net marieclairearabia.com
4	rtd-tm.everesttech.net	3 redirects marieclairearabia.com
4	www.facebook.com	marieclairearabia.com
3	pixel.adsafeprotected.com	marieclairearabia.com static.adsafeprotected.com
3	s8t.teads.tv	marieclairearabia.com
3	www.google.com	marieclairearabia.com securepubads.g.doubleclick.net tpc.googlesyndication.com
3	cdn.izooto.com	www.googletagmanager.com cdn.izooto.com
3	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net
3	connect.facebook.net	marieclairearabia.com connect.facebook.net
3	www.google-analytics.com	marieclairearabia.com www.google-analytics.com
3	a.teads.tv	marieclairearabia.com a.teads.tv
2	static.adsafeprotected.com	pixel.adsafeprotected.com marieclairearabia.com
2	t.teads.tv	marieclairearabia.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.instagram.com	1 redirects marieclairearabia.com
2	platform.twitter.com	marieclairearabia.com platform.twitter.com
2	www.googletagservices.com	marieclairearabia.com securepubads.g.doubleclick.net
2	platform-api.sharethis.com	marieclairearabia.com platform-api.sharethis.com
2	tags.crwdcntrl.net	marieclairearabia.com
1	cm.g.doubleclick.net	marieclairearabia.com
1	insight.adsrvr.org	marieclairearabia.com
1	rs.gwallet.com	marieclairearabia.com
1	syndication.twitter.com	platform.twitter.com
1	www.google.de	marieclairearabia.com
1	5bab7fc2360eff3ab5718412f9f91999.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	www.googletagmanager.com	marieclairearabia.com
0	segs.btrll.com Failed	marieclairearabia.com
107	35

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-25` - `2022-06-24`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
sharethis.com Amazon	`2021-07-19` - `2022-08-17`	a year	crt.sh
teads.tv R3	`2022-01-03` - `2022-04-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-17` - `2022-03-17`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-06` - `2023-01-05`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh
*.gwallet.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-27` - `2022-08-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Frame ID: 07D9A25CB6CFED1EF20473017B09BD99
Requests: 86 HTTP requests in this frame

Frame: https://5bab7fc2360eff3ab5718412f9f91999.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E4B2B22414CC43BFBB6F1D0211351260
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fmarieclairearabia.com
Frame ID: 175B912D3B37073D0423E4B42CE0185C
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstANXgAjZXKoyjscMGiwYi5TPcw2Z-MF-uNs4IW06Iyq8thoutBVBBoeWGcnzNaXT7MNCDNSZ7gl649BeSncbR9UdHZtzi0W5csjfIxkNZ6Ocf_S6YTQ_JceKP3o_qothFPlWD1ZklAt9OBcLoD2oh_2nGnuYHPvvScXLSUGb1UdrIs7DtAtUOJcwBobkLWpsxdsazeFUBay9Fc6HaQfcT5lkNGOMbSeQd3PFmsf1n9xdx0uhozAdxvO3wFUtDPh-YCt7gCi-2P7kTpP-Ya3iM9x_Vx9qj_LvbS7gLZJBhHs4UGG7TUI7b7UqKxBtnPxr3FGXIcbZ6KkuUfbb37JzquPstyxMi3VhzGP8Q6Fd3Ldw&sai=AMfl-YTnpDQPSGDHKJVAHZwlAGdJQLjnaMvRmYJ5gOHfsrpO0yEjl8D4yFz6e4V7f0Hv7zTGXrjBvugdM-AXFxIdsbLPAOCkBrQOvBn61TaRrT2a5a7w-anTV-A_R9k8bxM&sig=Cg0ArKJSzCIVjkiEPcT4EAE&uach_m=[UACH]&adurl=
Frame ID: 6B3992C734DEF3FD925F47B9E83AAA41
Requests: 9 HTTP requests in this frame

Frame: https://cdn.izooto.com/scripts/sak/iz_setcid.html
Frame ID: FD7F66BED1EB7676F3178EF5791503A3
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=931094&campId=970x250&pubId=4632936213&chanId=21750853334&placementId=5605654273&pubCreative=138338869969&pubOrder=2408532440&cb=198192961&adsafe_par&impId=&custom=marieclairearabia.com
Frame ID: 4D42A7893923B4FA44C88F4F125B5B18
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: F5EA6591C2A5F52D76EA30B9F16A9279
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=6381/rand=790706174/pv=y/int=%23OpR%2358067%23marieclairearabia%20%3A%20Site%20Section%20%3A%20preview%20%3A%20content/int=%23OpR%2358068%23marieclairearabia%20%3A%20Site%20Section%20%3A%20preview/int=%23OpR%2371517%23Total%20Site%20Traffic%20%3A%20marieclairearabia.com/rt=ifr
Frame ID: 5B107EDCC5262E3B566D44F847060111
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2DD0461ADCB1AC0CA72A8D66F5941428
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 195FC3079ECA5B443F8358C04CFF2FF1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Marie Claire Arabia | نظارات عصرية

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Izooto (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.izooto\.\w+

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

107
Requests

91 %
HTTPS

59 %
IPv6

21
Domains

35
Subdomains

35
IPs

5
Countries

1866 kB
Transfer

4359 kB
Size

13
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/MarieClaireAR/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/marieclairearabia/

Search URL Search Domain Scan URL

URL: https://twitter.com/marieclaire_ar

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://marieclairearabia.com/media/cache/resolve/ckeditor_photo_thumnail/uploads/content-body-images/c3af546a905fe49aca731e0d4f0088d8.jpeg HTTP 301
https://marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/c3af546a905fe49aca731e0d4f0088d8.jpeg

Request Chain 8

https://marieclairearabia.com/media/cache/resolve/ckeditor_photo_thumnail/uploads/content-body-images/dbfbc20b4592ede61ecabff6d4ebd58b.jpeg HTTP 301
https://marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/dbfbc20b4592ede61ecabff6d4ebd58b.jpeg

Request Chain 9

https://marieclairearabia.com/media/cache/resolve/ckeditor_photo_thumnail/uploads/content-body-images/14053a104c208710ff3d54ee393c897c.jpeg HTTP 301
https://marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/14053a104c208710ff3d54ee393c897c.jpeg

Request Chain 10

https://marieclairearabia.com/media/cache/resolve/ckeditor_photo_thumnail/uploads/content-body-images/c0c26568af1b484165d95dd2086528c1.jpeg HTTP 301
https://marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/c0c26568af1b484165d95dd2086528c1.jpeg

Request Chain 11

https://marieclairearabia.com/media/cache/resolve/ckeditor_photo_thumnail/uploads/content-body-images/ac6d63b544c4901c80596cd4bce93e58.jpeg HTTP 301
https://marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/ac6d63b544c4901c80596cd4bce93e58.jpeg

Request Chain 12

https://marieclairearabia.com/media/cache/resolve/ckeditor_photo_thumnail/uploads/content-body-images/b5d350fe72eb68bad315c6f1ccca9e07.jpeg HTTP 301
https://marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/b5d350fe72eb68bad315c6f1ccca9e07.jpeg

Request Chain 45

https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

Request Chain 88

https://rtd-tm.everesttech.net/upi/?sid=RE4NsHsY5dFM35AtuumK&cs=1 HTTP 302
https://rtd-tm.everesttech.net/ct/upi/?sid=RE4NsHsY5dFM35AtuumK&cs=1&_test=Yin5wAAAHu5wwQBd HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWluNXdBQUFIdTV3d1FCZA

Request Chain 89

https://rtd-tm.everesttech.net/upi/?sid=PbfkjWGwpPgsEfjhQvOD&cs=0 HTTP 302
https://rtd-tm.everesttech.net/ct/upi/?sid=PbfkjWGwpPgsEfjhQvOD&cs=0&_test=Yin5wAAALwKbCQBj

Request Chain 93

https://bcp.crwdcntrl.net/5/c=6381/rand=790706174/pv=y/int=%23OpR%2358067%23marieclairearabia%20%3A%20Site%20Section%20%3A%20preview%20%3A%20content/int=%23OpR%2358068%23marieclairearabia%20%3A%20Site%20Section%20%3A%20preview/int=%23OpR%2371517%23Total%20Site%20Traffic%20%3A%20marieclairearabia.com/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=6381/rand=790706174/pv=y/int=%23OpR%2358067%23marieclairearabia%20%3A%20Site%20Section%20%3A%20preview%20%3A%20content/int=%23OpR%2358068%23marieclairearabia%20%3A%20Site%20Section%20%3A%20preview/int=%23OpR%2371517%23Total%20Site%20Traffic%20%3A%20marieclairearabia.com/rt=ifr

107 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 1646862995 Show response
marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/ 113 KB
29 KB 516ms
446ms Document
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 119bf694411d0671552f6fd4afae48106f9949bb90adbed6627df93f51cd79cd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-varnish: 46289428
age: 0
via: 1.1 varnish (Varnish/6.0)
x-cache: MISS
cache-control: no-cache, must-revalidate
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y20r07iS6IB2E281JVtjXt81y9WLQArLVQmKvzaUTOWBbjfEbFPCFlQfhWTai8HaEpiVN5lMeYxGqT5bcnB4sIVgapd4EBalPi33StUjAEWIt0XkT5K3X8gRP%2BO%2BTiIpYAN6cqxcO1BFTQvinNnCsKj6Jvk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6e9c50887a7383b2-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/6381/ 43 KB
14 KB 67ms
16ms Script
text/javascript 18.66.248.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/6381/lt.min.js
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-77.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fd2fe0813b343c513d49ae8f168c38510daff5e6ed61d5fff6d63616a042a439

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 05:22:55 GMT
content-encoding: gzip
etag: W/"0104c1d3c9d4b6c7afa4c1c799a29ff2"
last-modified: Wed, 23 Feb 2022 22:41:43 GMT
server: AmazonS3
age: 28305
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: RPubvdGX0LeukvHvxqHfptVu9jgdz5AFH2m4gb4MGrZRap14T2Z1Ww==

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 184 KB
41 KB 61ms
9ms Script
text/javascript 143.204.98.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-21.fra50.r.cloudfront.net

Software

Resource Hash

0ee3ba8d62688a5dcd8b12d596ab5256e567d0d314e79a12904ff428a666e27e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:13:57 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 42
etag: W/"2e0b4-HqSCmdOd0X+0faUgjZuvR/26Oog"
x-frame-options: SAMEORIGIN
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-amz-cf-pop: FRA50-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: T7JrMZm9bdEByiyiRH-n6FZN19ViDLLXXpsSmuqor9jUUWdqYA8U1w==

GET
H2 200 search-black.png
marieclairearabia.com/bundles/marieclairewebsite/images/ 320 B
662 B 51ms
44ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclairearabia.com/bundles/marieclairewebsite/images/search-black.png
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86baeba76229e957b0eb488d6bce55712227736260e06df702e23ed07ff498ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 163781
x-cache: HIT
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 320
last-modified: Tue, 08 Mar 2022 07:17:12 GMT
server: cloudflare
etag: "622702f8-140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJppKKNRjYrxw2coUgDteLCuyLStcSYU5GIvePFXcJXcftGBoQJv16rK8tcbBGhnqcZf%2FbAAyNExMkbh0PUoiQ97cG1X1PYUvTQu6Jv2kTgzBM%2FgVhN1P7cljIT%2BRW5naYQa57uGQ9%2Fb9zIdiHeCDWdcFks%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 48145651 46410092
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e9c508b8b9083b2-MXP

GET
H2 200 close-menu.svg
marieclairearabia.com/bundles/marieclairewebsite/images/ 490 B
598 B 194ms
187ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclairearabia.com/bundles/marieclairewebsite/images/close-menu.svg
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6f9c60d234abe80d89808ee3047394603f9e0b8f967f8fb15847598493f6620

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish: 50480776 50480747
last-modified: Tue, 08 Mar 2022 07:17:12 GMT
server: cloudflare
etag: W/"622702f8-1ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7gu7%2BUaLjaYNxWeDQVAjkOA14y8SI6TY46UXjBxPNcaZmYNINJmo3J%2BfywR227CyxhaX1Xdvf0GglJqbaHDBgMcpEaT6s2EJx1e%2BRP5RvJOhcehR3jOBjuHb5wOOzRmz3C2cpbiK1n4TyWcSh1mqiFNlb8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 6e9c508b8b9283b2-MXP

GET
H2 200 logo-black.png
marieclairearabia.com/bundles/marieclairewebsite/images/ 2 KB
2 KB 51ms
45ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclairearabia.com/bundles/marieclairewebsite/images/logo-black.png
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c5ab8ef03de9de0f2d2d08a379277fea1ab8f31f1e0f216c1601b82db9a960a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32118
x-cache: HIT
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1948
last-modified: Tue, 08 Mar 2022 07:17:12 GMT
server: cloudflare
etag: "622702f8-79c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLmqF%2BDC5x21hWzvRLipwYfda%2Fpd9RUSKLclsJV6QpPyMyUqgERlkSg5k56w4cocddvtNf%2BVGDOzNdhffab9aQ2YaKg5X0e3UhzB1rmQEfwAyL3eynI7acbDHcaMMS44kuWYUbESFVdJ19%2FoqBW8AxXxKFU%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 50971621 50359779
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e9c508b8b9383b2-MXP

GET
H2 200 menu-icon.svg
marieclairearabia.com/bundles/marieclairewebsite/images/ 713 B
616 B 153ms
147ms Image
image/svg+xml 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclairearabia.com/bundles/marieclairewebsite/images/menu-icon.svg
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 831c28a348c1542429a7543f06f3a935330c0a04c54e4e6f94e9f3e4aa5e7b64

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish: 50480778 48937551
last-modified: Tue, 08 Mar 2022 07:17:12 GMT
server: cloudflare
etag: W/"622702f8-2c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=If4FIZc2dCYZLDtOaUb0tI%2FnEd99%2FOIWswTL73h%2B7guBtFJuhxupzrnwpJla%2Bi9uod3C%2Bm3b2HgQ4yXOLUEmkV41jTVpvPfU62ObRdqBs%2FcJ1lZ9qr6%2Ffen4PCMUKzIBlRUx9Lji0HCKv32sBWgf2lajXn0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 6e9c508b8b9483b2-MXP

GET
H2 200 arrow.png
marieclairearabia.com/bundles/marieclairewebsite/images/ 167 B
500 B 50ms
44ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclairearabia.com/bundles/marieclairewebsite/images/arrow.png
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc149d19903932f583c3a6ba29637ce3f0563de5f291144529d3a8f2c4e34cb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 163780
x-cache: HIT
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 167
last-modified: Tue, 08 Mar 2022 07:17:12 GMT
server: cloudflare
etag: "622702f8-a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cCjqKAULCxLOZs5lq7YprCsdtX6%2BsykpdwNEhgJYC%2Bs6O%2Biavd0M8mCa3yuZrJ6B9we4wHevUBhunHE9ic%2FkiyxhXVWVtE%2Bc7i7DxR%2B0kdY5OKPEIbKWzgLHtYLd8cH5yREUsD%2B5IDPLDumhV%2Fryqdw8GRM%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 48145654 47468868
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e9c508b8b9683b2-MXP

GET
H3

200

c3af546a905fe49aca731e0d4f0088d8.jpeg
marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/
Redirect Chain

https://marieclairearabia.com/media/cache/resolve/ckeditor_photo_thumnail/uploads/content-body-images/c3af546a905fe49aca731e0d4f0088d8.jpeg
https://marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/c3af546a905fe49aca731e0d4f0088d8.jpeg

80 KB
81 KB

203ms
203ms

Image
image/jpeg

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/c3af546a905fe49aca731e0d4f0088d8.jpeg
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H3
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f19c7ec31ab46e50284e550b5166f6d3a767e9db8326ceaef1af7f4f5a2e7ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 81899
last-modified: Wed, 09 Mar 2022 21:51:06 GMT
server: cloudflare
etag: "6229214a-13feb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3vlcf1unspJ7ZWBL71YDOtY9vVZN0WwrkQzP5tC4XB1n3NLiW4%2BbIDlPI5qlLxYhrV4BwfAkR%2BFUW45ajrUToxRz0THsy8fBGOUfS9R7ifIkY15M2nPtA5V%2BkG8Yjyqb2tZyCjhez6p1NCr%2Bc6iw3fnJ%2BY%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 50249978 47838396
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e9c508cd8620e0e-MXP

Redirect headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
location: https://marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/c3af546a905fe49aca731e0d4f0088d8.jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yHjcNcVr%2Fo7r006FaggCZjI4%2B0b7nJQJxPFn7bQuVwqw6F7uyxA83fl0bMRIlXOTf%2F4qNokpoox5BbbMNWTgTIwbi2GgW7QhJelR%2Bud02VDwqQw2bv7L6RIfDY39gHD0Q2jSBQgJNDpLKMcCXgpNDkI7lOk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-varnish: 50548981 51159818
cf-ray: 6e9c508b8b9883b2-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

dbfbc20b4592ede61ecabff6d4ebd58b.jpeg
marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/
Redirect Chain

https://marieclairearabia.com/media/cache/resolve/ckeditor_photo_thumnail/uploads/content-body-images/dbfbc20b4592ede61ecabff6d4ebd58b.jpeg
https://marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/dbfbc20b4592ede61ecabff6d4ebd58b.jpeg

58 KB
58 KB

184ms
183ms

Image
image/jpeg

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/dbfbc20b4592ede61ecabff6d4ebd58b.jpeg
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H3
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a02b477f7e73241ddfb8561655e4cb6ffa545fb5c62d02f01beb1fc489bab8b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58908
last-modified: Wed, 09 Mar 2022 21:52:10 GMT
server: cloudflare
etag: "6229218a-e61c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iBrUC%2F1K%2Fp%2BXRI3WELvgHwRljzV%2BZWPXf82%2BuLNCPVnagSx84KFHrBjVWa0b2vJo3eDC01fwz70Kv7e8eKbCarjFPbPBI6DaNLoEvZjvBll%2BoLB2iWGtPPzZlTRv%2FnkF0081hn4I7lyVZTFHXvve6ecN9Q0%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 50249975 46289274
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e9c508cd8650e0e-MXP

Redirect headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
location: https://marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/dbfbc20b4592ede61ecabff6d4ebd58b.jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8h6%2BRpK8qxHQZ5BDPIsKMHf8q2sCb3sSNqijyLSOoRdBf0Dhe3ahOM%2BtNnf%2ByUmvnWalm5Subdh8QKoWmWBJCSUb2ktVyQrEcOgP1uwKAeGr2kN5cApl%2BLptq4%2B2skW6eRkD8D4tL%2Fi7auqgxUtHY4BcxLk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-varnish: 50548987 51283200
cf-ray: 6e9c508b8b9c83b2-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

14053a104c208710ff3d54ee393c897c.jpeg
marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/
Redirect Chain

https://marieclairearabia.com/media/cache/resolve/ckeditor_photo_thumnail/uploads/content-body-images/14053a104c208710ff3d54ee393c897c.jpeg
https://marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/14053a104c208710ff3d54ee393c897c.jpeg

46 KB
46 KB

185ms
184ms

Image
image/jpeg

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/14053a104c208710ff3d54ee393c897c.jpeg
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H3
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1e4cfbb578b8df8afa7fe80912a94f1f39bfc983500115f7d328aa6fa032416

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 46924
last-modified: Wed, 09 Mar 2022 21:52:30 GMT
server: cloudflare
etag: "6229219e-b74c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wBCG5jcDZleiUnvf6knA14HVdS2gBbz37ws9S0PpbSViq9EvjQLLywS0E0zg65JAncMK1ZuE3HYfdTX4eZDTC%2FgZHSh%2FI%2F1Y7Jttf5PaRFMeswIjU4xcbidvmzJXMfzdXe7ovgk1CElIly%2FtyuoFL4qr%2Bc%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 47838451 50996924
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e9c508cd8670e0e-MXP

Redirect headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
location: https://marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/14053a104c208710ff3d54ee393c897c.jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRmUt1qe74qmT4MTZufhJTOWmxECvOpAFi24G88GTno%2B1wDi2F1lDg9XqhGvJ7ZRXCW%2Fow0SS41sFcpib6RGOElLVihnEuYh87tuPGdGv1Bh%2FONIlHWKw38%2FH7aKKbH7B%2FhnwDd5M7kQdRT1naZ9lOQ2vXw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-varnish: 46289433 47617143
cf-ray: 6e9c508b8b9d83b2-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

c0c26568af1b484165d95dd2086528c1.jpeg
marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/
Redirect Chain

https://marieclairearabia.com/media/cache/resolve/ckeditor_photo_thumnail/uploads/content-body-images/c0c26568af1b484165d95dd2086528c1.jpeg
https://marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/c0c26568af1b484165d95dd2086528c1.jpeg

60 KB
61 KB

198ms
198ms

Image
image/jpeg

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/c0c26568af1b484165d95dd2086528c1.jpeg
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H3
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfd8b14006f5a2beb1bccae47fa3beccafd6db251cbc8371de28380632fc848c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61657
last-modified: Wed, 09 Mar 2022 21:52:49 GMT
server: cloudflare
etag: "622921b1-f0d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ansq%2B5e%2FQ7UvDwN650MmIjCyNOtqKMYAmMdU3TT89xFy63Vcbq8ely77EK3zsQFxRBvO9LGfXAPwUGbVUQtwQULiwDjtZRmve5xVhpGbwauRfIZMZzdLHOWQRU2f3Tf0zV4%2FaIf9KnHaY%2FwGy0jLQCLb8sE%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 47838454 46289280
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e9c508cd8710e0e-MXP

Redirect headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
location: https://marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/c0c26568af1b484165d95dd2086528c1.jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLGjoCmkIpEriCEu0K2fpKYkbwEp0zrh2C906jTpL7%2BmCfDy%2Fu76HbERbeP%2FV7Xjtj3i5KuWy%2BM6sMeEO6DK8XCSuXG6u7whnpDFbBemoKWjomNkUcpMQ4GBVfyy%2BnTW%2FNpbqqzy36dDVm7%2BJ%2BsV%2FoCWD9A%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-varnish: 46289444 51159823
cf-ray: 6e9c508b8b9f83b2-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

ac6d63b544c4901c80596cd4bce93e58.jpeg
marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/
Redirect Chain

https://marieclairearabia.com/media/cache/resolve/ckeditor_photo_thumnail/uploads/content-body-images/ac6d63b544c4901c80596cd4bce93e58.jpeg
https://marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/ac6d63b544c4901c80596cd4bce93e58.jpeg

42 KB
43 KB

227ms
226ms

Image
image/jpeg

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/ac6d63b544c4901c80596cd4bce93e58.jpeg
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H3
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04cbe1a0453fe7c7789d40e110146cfa1c413c456dc62deb495e2dfe55408fd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42900
last-modified: Wed, 09 Mar 2022 21:53:03 GMT
server: cloudflare
etag: "622921bf-a794"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6UccqEKEj6NgcLV54O%2B5GuCxcPb02nL%2F0wQAT6TDGDWMxEuVlgTr24PlDmZwpjyH39%2Fyp6SwRbJlw5GU99n0eoPtefKOy9mGYgQs0vzLiTvtLBV06ePH4z5EfZD%2FEy1OssMGEGfOxyZB%2FIjrDqp%2BKy8LEQ%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 50249981 50548860
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e9c508cd8680e0e-MXP

Redirect headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
location: https://marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/ac6d63b544c4901c80596cd4bce93e58.jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jNd0rRpqEyO1gCXY1xeczGitkqzkfpTJfx4GdHw%2Fn7vvlYq38jqBvTMwzNyV6KMuTpLLGvjLnqpdnoqsTDQjt7qFwyV6MQVbnSGFnFfmqvWyU2o6smbBPajneiTJ4rnof%2BHnAPG2sgYagLvaaIhKMmaxUZA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-varnish: 46289436 46289259
cf-ray: 6e9c508b9be383b2-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3

200

b5d350fe72eb68bad315c6f1ccca9e07.jpeg
marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/
Redirect Chain

https://marieclairearabia.com/media/cache/resolve/ckeditor_photo_thumnail/uploads/content-body-images/b5d350fe72eb68bad315c6f1ccca9e07.jpeg
https://marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/b5d350fe72eb68bad315c6f1ccca9e07.jpeg

54 KB
55 KB

228ms
228ms

Image
image/jpeg

2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/b5d350fe72eb68bad315c6f1ccca9e07.jpeg
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H3
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c01c4b3eac78caa4020bbe8b55f49cbb4f351dca9fcaf624076f1b637baeba5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55507
last-modified: Wed, 09 Mar 2022 21:53:22 GMT
server: cloudflare
etag: "622921d2-d8d3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uR1fE2Sb8LI9uZaopfzrvmdf33vKQl%2FLvmGtHOQfzbRmJqSA8ibsPA7I4MpJIK%2F0304htBxLQihUDLJmCKefW%2FEPwsQNtuiXFbUPrYPEHbnrmwe7oBN9iapW%2Fdbuv%2Bw6360PIylT2bRKdUEPMPIsmtK354%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 47838457 47617164
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e9c508cd86a0e0e-MXP

Redirect headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: HIT
content-type: text/html; charset=UTF-8
location: https://marieclairearabia.com/media/cache/ckeditor_photo_thumnail/uploads/content-body-images/b5d350fe72eb68bad315c6f1ccca9e07.jpeg
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYx%2Bcw7E7Xy1xMPbKTVIaK5b8HRDFUSJEB8Jg7AHyVBzljdMbLSEdt0fjtwehLwqm46cctTIOXyg70d5QpISdUlAd4tH40Kw3cZU4S3sjr65VqcZxolk2bABA86tNI%2B2NOtTkd92WVHIcegp0%2FGTZl%2BmHbo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-varnish: 50548984 50548837
cf-ray: 6e9c508b9be983b2-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 tag Show response
a.teads.tv/page/133428/ 743 B
660 B 199ms
108ms Script
application/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/133428/tag
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0f8d6804fb46eeca4b6fbaad1c54392042255049f85f21149c6c60d557ee7a60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 460
expires: Thu, 10 Mar 2022 14:14:39 GMT

GET
H2 200 6229f023c239a448398532.jpg
marieclairearabia.com/media/cache/related_article_thumbnail/uploads/cms/standalone-content/thumbnail/ 55 KB
55 KB 226ms
221ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclairearabia.com/media/cache/related_article_thumbnail/uploads/cms/standalone-content/thumbnail/6229f023c239a448398532.jpg
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 599bfe0e54878ae6e20e73a8873630eee97139d3086449cab7fe36151f3d4103

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55856
last-modified: Thu, 10 Mar 2022 12:35:52 GMT
server: cloudflare
etag: "6229f0a8-da30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cg%2ByoXqXrh6I%2B88GBdUIxoYkUe1j5qGNqUT2I0%2F8xgtZUAI0fQJjVn6oeA9H3eLNr%2BRU3FcK66uKJK%2FPXmG4kq9Qd7sANdMDihLJsEvlJEDD29ta1I7Rviy92%2F%2Bvr3Fr1fdal69gYQACIEsDLBlxLMRJIXA%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 46289441 51283195
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e9c508b9beb83b2-MXP

GET
H2 200 6228a047a8bb9221946690.jpg
marieclairearabia.com/media/cache/related_article_thumbnail/uploads/cms/standalone-content/thumbnail/ 36 KB
36 KB 219ms
214ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclairearabia.com/media/cache/related_article_thumbnail/uploads/cms/standalone-content/thumbnail/6228a047a8bb9221946690.jpg
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 960ff8d02ab9b434d448d4094e5f1131c521a5eb0da0d68c6dc3e1515e3fca99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36702
last-modified: Wed, 09 Mar 2022 12:43:31 GMT
server: cloudflare
etag: "6228a0f3-8f5e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zxVr4gepdqBrxLJwCCO6CkiEwiBqRs8moo4oRiiFV9pg4I0KntO15G4olZAh%2FM39aRGiiY9P8lHW37q0iYn57WL3WdVPSdu4NJYVTpr1JMb4JnWpfObLdVBYliYufsjbT0fwtRj3IqIPPeI3joddBxZ5K8I%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 46289447 47617140
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e9c508b9bef83b2-MXP

GET
H2 200 62289517e4763836846915.jpg
marieclairearabia.com/media/cache/related_article_thumbnail/uploads/cms/standalone-content/thumbnail/ 47 KB
48 KB 254ms
250ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclairearabia.com/media/cache/related_article_thumbnail/uploads/cms/standalone-content/thumbnail/62289517e4763836846915.jpg
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cfdd33073837cf0845b2c54ee1c95317516c696cc889b087b609e8c2bc3d286

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48571
last-modified: Wed, 09 Mar 2022 11:58:16 GMT
server: cloudflare
etag: "62289658-bdbb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZN4i5CFV2hqDkv3d26kQ9150kg1meB6ITilYSVr2qc7Gy%2BFitMZrIZpj0jpcZwpgBum%2B0YZCCU5W%2Bbjqv4YH35rNXpPsp4xb9CmVwYQcwqTrD2nbktutQ%2BukTLfvTKgZlLzI6lCrhds4UkaBDgg1awg3kzo%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 43957967 47617146
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e9c508b9bf283b2-MXP

GET
H2 200 62286db965683036993975.jpg
marieclairearabia.com/media/cache/related_article_thumbnail/uploads/cms/standalone-content/thumbnail/ 34 KB
34 KB 205ms
200ms Image
image/jpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclairearabia.com/media/cache/related_article_thumbnail/uploads/cms/standalone-content/thumbnail/62286db965683036993975.jpg
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e3197cac4c48207ed06fc11edcf04be458165518d678dc60a045113e4275867

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34312
last-modified: Wed, 09 Mar 2022 09:05:52 GMT
server: cloudflare
etag: "62286df0-8608"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GgwKjugQ8w0FwHCotYVzYZo6vrJaBukYV8qg%2BFnABrkfCOLp9hLi4n7S%2FKMxJolwa3Qo3UjxpOSVdFzC8v%2BrN4ol0tdECkxHU5%2FqkiDRGnTRR6exDH4DzJgXumYrZJV3Q6yrbsT4GR4r7d8sqNmLn%2FwGqv8%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 50548990 50548840
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e9c508b9bf383b2-MXP

GET
H2 200 close-search.png
marieclairearabia.com/bundles/marieclairewebsite/images/ 1 KB
1 KB 97ms
93ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclairearabia.com/bundles/marieclairewebsite/images/close-search.png
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c31a9b51bc1e4d611c36400332cc8fed8fa4fc80deb73b89727ef13cdbcbfa8c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 163780
x-cache: HIT
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1083
last-modified: Tue, 08 Mar 2022 07:17:12 GMT
server: cloudflare
etag: "622702f8-43b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AVV%2BYIrFpdnGpPG%2BW8N4q%2F6IFk4cfvZjBoR8qcfSlEC7DU1TIkgiCrK4HS9gQ24gwZcaUw4hssNQnLTKT%2BSagyjFw0TsDo2TFOlAoubZtBMJFxDp%2BqDRNweWZCsIXFtp2a3AeoreuIHVorjFamSdmnaQYN8%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 49321494 46410124
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e9c508b9bf783b2-MXP

GET
H2 200 layout.js Show response
marieclairearabia.com/assets/marieclairewebsite/js/ 2 KB
762 B 55ms
51ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://marieclairearabia.com/assets/marieclairewebsite/js/layout.js?version=201a7bd4df
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4a0d51675d80fac48fd40854194d505a313171c6b334955811d7009a9dee4b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 163780
x-cache: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish: 48145657 49283525
last-modified: Tue, 08 Mar 2022 07:17:12 GMT
server: cloudflare
etag: W/"622702f8-76f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=01bhh8GPyP%2FJF74AxBHy5GtVeh9zObk5hP7JSJWVADrEcttz9ZwKAT41x7Vd615fv7rKYvEQX2B5WN0s2GNB6PsX0%2Bel3vcSc3e70VcCqUGjQGUMmhQ%2Bkc92fmUnr6JBFuL9dl7YhR1iVxgi2sOHYvKNvgc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 6e9c508b9bf983b2-MXP

GET
H2 200 cc_af.js Show response
tags.crwdcntrl.net/c/6381/ 59 KB
14 KB 53ms
11ms Script
application/json 18.66.248.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/6381/cc_af.js
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-77.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: caa0cbe9784e09d5cf93e2e9deace3ab52c31307eed5f8ac9a12e17713d3fe39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 04:28:04 GMT
content-encoding: gzip
etag: W/"a940cf106aaf563936b3608356c63cfb"
last-modified: Wed, 23 Feb 2022 22:32:43 GMT
server: AmazonS3
age: 31596
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: kZcVwByDWGnaqPaTq0mJqDrszyKpQfu5mizJU7AZYlawhnQml64jng==

GET
H2 200 inside-page.js Show response
marieclairearabia.com/assets/marieclairewebsite/js/ 501 B
609 B 40ms
33ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://marieclairearabia.com/assets/marieclairewebsite/js/inside-page.js?version=59f9c8e4c8
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b2a8248d53efa5d3a7ce1a6f1c62a5fa1e803e60b5bb6d4d4a6fe18bf495cab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 163780
x-cache: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish: 47922103 50238068
last-modified: Tue, 08 Mar 2022 07:17:12 GMT
server: cloudflare
etag: W/"622702f8-1f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SgiCHYN%2BnYRskUqSvreGpWPpbNhFDbw2HsCo6pgL2wf99T5VFk6zYYo%2FOz1POksl%2FeZD6hLlnjfE41SVVhIbCpB1AnkBnvD%2FIqthG0ES2xVbYQGux8%2FSyq5vulQS9EHvvsrTl6HDn5V7xM%2F1YGbY20hdBTo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 6e9c508b8b8f83b2-MXP

GET
H2 200 content-layout.js Show response
marieclairearabia.com/assets/marieclairewebsite/js/ 66 KB
23 KB 55ms
51ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://marieclairearabia.com/assets/marieclairewebsite/js/content-layout.js?version=79eed2a78a
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 276079be1a8e9a8dd30c2898207bd683de7b4e34d63d7e1f26d1b4ee4b96c8f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 32119
x-cache: HIT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-varnish: 48970263 51185840
last-modified: Tue, 08 Mar 2022 07:17:12 GMT
server: cloudflare
etag: W/"622702f8-10703"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=coKzYgQBFz8KWmj4f5JzzrjaJ2s6C9%2FneDHRCZc857NiKjWzBHqMKMAYWLZqFSasNXV%2FziDjF%2F%2FtAMCr6jalUr796zWR%2BwJY0fscdraBshdLWbacNezI2Rv6qzHXpwCDuGzTNAKyUT7UDi12vlYBluLYKlc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 6e9c508b9bfc83b2-MXP

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 44ms
6ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5986
date: Thu, 10 Mar 2022 11:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 10 Mar 2022 13:34:53 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 57ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8535e0a595bc825a55473989a9f9f57160accee5f6d3023749841e6fcc24ab92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27775
x-xss-protection: 0
server: sffe
etag: "1154 / 392 of 1000 / last-modified: 1646914169"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 10 Mar 2022 13:14:39 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 40ms
4ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26291
x-xss-protection: 0
pragma: public
x-fb-debug: fmocgDfbyNHzaNAlf+DNTYMAEYfbRgVL0rsRCmn+Wd3xVjgMS5zgWY0/3okryXjmj5lin6BGXvhHEtZiPFYwZw==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Thu, 10 Mar 2022 13:14:39 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 77 KB
31 KB 59ms
21ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-57B2T9R

Requested by

Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

34c9338690a1cc1347f456db316bb68b078a75eb2cbed9cca4ab764c087cf75e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31122
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 10 Mar 2022 13:14:39 GMT

GET
H2 200 Swissra-Normal.woff2
marieclairearabia.com/bundles/marieclairewebsite/fonts/ 17 KB
17 KB 56ms
55ms Font
application/octet-stream 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://marieclairearabia.com/bundles/marieclairewebsite/fonts/Swissra-Normal.woff2
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0620b208824b667b1328b0425aca6851ed3f3a9a65247e310824915b11cd60eb

Request headers

Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Origin: https://marieclairearabia.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160992
x-cache: HIT
content-type: application/octet-stream
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17016
last-modified: Tue, 08 Mar 2022 07:17:12 GMT
server: cloudflare
etag: "622702f8-4278"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2FrwUEuPjQKVoNziBQtHVZSqYuZGFlbtN3y%2BdSTuP4auYWPARddJNde3ZJLxv6Kb8dJ1v2hdyS%2FoYlfIZniZY8ioE0avQSY0RcByBkAcV%2B%2F6gpBWthqnifn%2FGANeXlYbv8R1YImPIvf7WCeu%2FV5iwYRA2zY%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 49283987 44792948
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e9c508b9bff83b2-MXP

GET
H2 200 positive-icon.png
marieclairearabia.com/bundles/marieclairewebsite/images/ 217 B
611 B 49ms
49ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclairearabia.com/bundles/marieclairewebsite/images/positive-icon.png
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95b3c343af0c8c8ef15d6e6a97488692e8ac3c6a61efdaf79127725111cba988

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 163775
x-cache: HIT
content-type: image/png
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 217
last-modified: Tue, 08 Mar 2022 07:17:12 GMT
server: cloudflare
etag: "622702f8-d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VsiIDBqbQYOrq8EBAq6kQHaVxN%2FcDPzT7gQx9qWqvo7LjBuDjbBga6KVaC89JkBIi1wOZwMbqTqQqBvFJQGzRzm2CbMno3c2YsVP2zyA5cA7iG2UwMILsIh4bDAURsKPk2bQr2wzKVBD%2FumbqFudHCIeEbs%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 48865137 49283528
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e9c508b9c0283b2-MXP

GET
H2 200 Tajawal-Medium.woff2
marieclairearabia.com/bundles/marieclairewebsite/fonts/ 19 KB
20 KB 49ms
48ms Font
application/octet-stream 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://marieclairearabia.com/bundles/marieclairewebsite/fonts/Tajawal-Medium.woff2
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 874a3e2841798e583f07e78f22c90f390da4d01b5b55802a3d7da8efcbf7af87

Request headers

Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Origin: https://marieclairearabia.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 154333
x-cache: HIT
content-type: application/octet-stream
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19936
last-modified: Tue, 08 Mar 2022 07:17:12 GMT
server: cloudflare
etag: "622702f8-4de0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=641c5H7pUQjjU6FnzGA7ZDgR3QQYKptJ8cnZ0X6z857N9uU2Gkr8LQ2nq%2FglETU5xsS6W1tcy8PX7Wsv0RCY12VB8mWNPFvJYxgofv5mE5aELzT8BnkYsHz%2BXN25BUWxGwfPcx6c1Zer9qG2XmTzrJrv450%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 50313780 49680045
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e9c508b9c0583b2-MXP

GET
H2 200 Swissra-Medium.woff2
marieclairearabia.com/bundles/marieclairewebsite/fonts/ 17 KB
17 KB 65ms
63ms Font
application/octet-stream 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://marieclairearabia.com/bundles/marieclairewebsite/fonts/Swissra-Medium.woff2
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bde58a20bb026d18314b5250f490762cf3f46ac65b7531e5fe87d0d2705489fa

Request headers

Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Origin: https://marieclairearabia.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160992
x-cache: HIT
content-type: application/octet-stream
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17108
last-modified: Tue, 08 Mar 2022 07:17:12 GMT
server: cloudflare
etag: "622702f8-42d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKD686RpT4vnVUe2WumyAdVsMsgUs%2Bh679Ed2u0gsFu0oOlylNeT9l4Ss7KQZbq6sBlJV3ykFwkX3m%2Fb%2FabFGiumIlYVsBrYuJ9y3K5gG1w8mU%2BAhpQFYYpUrXqzWep32vWh2EonQrK8Q%2BjCKXyGjBFXF%2BY%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 50486601 50864006
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e9c508b9c0883b2-MXP

GET
H2 200 Swissra-Light.woff2
marieclairearabia.com/bundles/marieclairewebsite/fonts/ 17 KB
17 KB 65ms
63ms Font
application/octet-stream 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://marieclairearabia.com/bundles/marieclairewebsite/fonts/Swissra-Light.woff2
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e9b9fc248ce252861fc59cb2148ad2e3b2ccdb8891fb9c1e42944114af0c2f6

Request headers

Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Origin: https://marieclairearabia.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 161000
x-cache: HIT
content-type: application/octet-stream
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16984
last-modified: Tue, 08 Mar 2022 07:17:12 GMT
server: cloudflare
etag: "622702f8-4258"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1n%2BknpDxElMviOhukc%2BiB4mAHGwnhS0kgz9UeVLlw3tJyjbYeU7m41UZv8Fm9qeDuHr8N1ybQvLFYii7SAINdA6fYzppgEyOwSbAE1LCNI%2B2dq%2F01G1EomuXqBi2kVjrRAoM9DYHwvabotUovm8L7jtQ9sw%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 49952943 50486353
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e9c508b9c0983b2-MXP

GET
H2 200 mca-social.ttf
marieclairearabia.com/bundles/marieclairewebsite/fonts/ 3 KB
4 KB 162ms
161ms Font
application/octet-stream 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://marieclairearabia.com/bundles/marieclairewebsite/fonts/mca-social.ttf?jx69n6
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da3927b0c71175ddc564c59443595614c89a5d6058a27572268ce58d3159585d

Request headers

Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Origin: https://marieclairearabia.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT
content-type: application/octet-stream
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3268
last-modified: Tue, 08 Mar 2022 07:17:12 GMT
server: cloudflare
etag: "622702f8-cc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2sbg8UR%2BeoaNNR5CvLE56rf4WdVK4q8LohQUu6YsBPinWwRKuxk6O4Ejvm6muI368CTNaJjBZmbo3U3pZSBFJqKPoP9fTbG3NPqgIn%2BxpScje%2B2ILqpfr%2FKqGufpc3Tjh35hdbcFLDYbE7xmQUyk94%2BZoeU%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 47913971 43252559
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6e9c508b9c0c83b2-MXP

GET
H2 200 Swissra-Bold.woff2
marieclairearabia.com/bundles/marieclairewebsite/fonts/ 17 KB
17 KB 63ms
62ms Font
application/octet-stream 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://marieclairearabia.com/bundles/marieclairewebsite/fonts/Swissra-Bold.woff2
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eec56719e24c51a55b5212f89cbea14eb96a0af4a55f8b8a25a6eb6bc583a7df

Request headers

Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Origin: https://marieclairearabia.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 161013
x-cache: HIT
content-type: application/octet-stream
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16896
last-modified: Tue, 08 Mar 2022 07:17:12 GMT
server: cloudflare
etag: "622702f8-4200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9q8pDZYEFvAZLLJGxf7rA2SKkhuNST1MZIcLpZS8ZYuJw1poKGTlQsVwmtvj7ALwW36oUnGaBnhyid7qPjdggAX1c%2BCMs43ygezSiL7XNBopmgALSwMdYOAhGQg2JkFqT8RMvs4WFett0n1t6Bf3a2Hi9as%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 49952935 49382442
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e9c508b9c1383b2-MXP

GET
H2 200 Tajawal-Black.woff2
marieclairearabia.com/bundles/marieclairewebsite/fonts/ 19 KB
20 KB 64ms
63ms Font
application/octet-stream 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://marieclairearabia.com/bundles/marieclairewebsite/fonts/Tajawal-Black.woff2
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b198a341d8cd60bb16fabe63877b3d994060b747ab97fdb6bc491761d521b33

Request headers

Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Origin: https://marieclairearabia.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160991
x-cache: HIT
content-type: application/octet-stream
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19964
last-modified: Tue, 08 Mar 2022 07:17:12 GMT
server: cloudflare
etag: "622702f8-4dfc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NFO9Ubx7GEh0YEYBpcMeZC67zC%2BzGHJ5sRPhBkNPVQ8W4z%2FHxM2JK1C2Qf8EZ%2BbLKZMPuv1g5S1ldjQx6056CTV4mN3T3Fix%2FvDXUGg7y5Nz7GuRPD4rEr1OJACGSBHIbAaYB05tPTUj5ZBMeMml%2BF3jMo%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 44295114 46936530
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e9c508b9c1983b2-MXP

GET
H3 200 Montserrat-Regular.woff2
marieclairearabia.com/bundles/marieclairewebsite/fonts/ 90 KB
90 KB 37ms
32ms Font
application/octet-stream 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://marieclairearabia.com/bundles/marieclairewebsite/fonts/Montserrat-Regular.woff2
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa88ed6dcc00cf660ae6cb9c4bf4fa279d3ce55549ac439f18a87af2f03f1579

Request headers

Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Origin: https://marieclairearabia.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 164358
x-cache: HIT
content-type: application/octet-stream
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 91812
last-modified: Tue, 08 Mar 2022 07:17:12 GMT
server: cloudflare
etag: "622702f8-166a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wu6xRClRcIARa7ezNVcyNYPDSfNFd7PSHy66Xozz1d2Uq%2BN8M%2BBXWyBq4MbyIrdKc7zcsjUz%2FKRe82cqcS1Ij0iRE9uze%2BzqNJYAO8y9eYcIxxyAifvH3d%2FhLrlMyVT55iHU7xeamk4R8QUnPBUYDCP%2FnrY%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 47440429 49426634
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 6e9c508bbe5b0e0e-MXP

GET
H3 200 586855661733176 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 23ms
8ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/586855661733176?v=2.9.55&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

399d203fd1e14e73322d95810c14c952ad83d37a09991b219f4a9407838ce906

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 89252
x-xss-protection: 0
pragma: public
x-fb-debug: y9fsd6OpKpjv+9A4mNG/J55/BqtfdcXFlVHs4HBqcH1PPMVGSctEH53oC8fo1rESQ83DjQQrfr3HcmgtSEem8w==
x-frame-options: DENY
date: Thu, 10 Mar 2022 13:14:39 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 28ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2045492418&t=pageview&_s=1&dl=https%3A%2F%2Fmarieclairearabia.com%2Fpreview%2Fcontent%2F13365%2F2efa7bcdd5041f88b8c28d2ebe46e377%2F1646862995&ul=en-us&de=UTF-8&dt=Marie%20Claire%20Arabia%20%7C%20%D9%86%D8%B8%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%B9%D8%B5%D8%B1%D9%8A%D8%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=279458784&gjid=1945491253&cid=200358391.1646918079&tid=UA-127130482-1&_gid=327395246.1646918079&_r=1&_slc=1&z=639536648

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://marieclairearabia.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 13:14:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://marieclairearabia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 15ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2045492418&t=pageview&_s=1&dl=https%3A%2F%2Fmarieclairearabia.com%2Fpreview%2Fcontent%2F13365%2F2efa7bcdd5041f88b8c28d2ebe46e377%2F1646862995&ul=en-us&de=UTF-8&dt=Marie%20Claire%20Arabia%20%7C%20%D9%86%D8%B8%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%B9%D8%B5%D8%B1%D9%8A%D8%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAAC~&jid=1462249567&gjid=62558383&cid=200358391.1646918079&tid=UA-127147068-1&_gid=327395246.1646918079&_r=1&_slc=1&z=1317445111

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://marieclairearabia.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 13:14:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://marieclairearabia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 24 B
315 B 98ms
32ms XHR
application/json 54.229.233.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/6381/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.233.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-233-249.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 3499c2bfdc525e4672c8a2d78d7fb89e7cadd4b4c84a58daf8c30f3a2c7cee59

Request headers

Referer: https://marieclairearabia.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 13:14:39 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://marieclairearabia.com
expires: 0
cache-control: no-cache
x-server: 10.45.21.71
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 24
x-consent: absent

GET
H2 200 5c3c9066e784a00011c522e0.js Show response
buttons-config.sharethis.com/js/ 30 B
420 B 1437ms
888ms Script
text/javascript 2600:9000:2112:b600:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/5c3c9066e784a00011c522e0.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2112:b600:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:41 GMT
via: 1.1 750e3ab1422892abff69852252bac004.cloudfront.net (CloudFront)
last-modified: Mon, 14 Jan 2019 13:36:39 GMT
server: AmazonS3
x-amz-cf-pop: NRT51-C1
etag: "e6e1643313740711175f51662a65b42f"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: max-age=60,public
accept-ranges: bytes
content-length: 30
x-amz-cf-id: Pfwl2coqrxwoVz3orYicH5BSY7BzXVN0owEnZ1XmjWuOOT9pZ4UcAw==

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
408 B 39ms
9ms XHR
text/plain 3.123.86.254
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=marieclairearabia.com&location=%2Fpreview%2Fcontent%2F13365%2F2efa7bcdd5041f88b8c28d2ebe46e377%2F1646862995&product=custom-share-buttons&url=https%3A%2F%2Fmarieclairearabia.com%2Fpreview%2Fcontent%2F13365%2F2efa7bcdd5041f88b8c28d2ebe46e377%2F1646862995&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Marie%20Claire%20Arabia%20%7C%20%D9%86%D8%B8%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%B9%D8%B5%D8%B1%D9%8A%D8%A9&cms=unknown&publisher=5c3c9066e784a00011c522e0&sop=true&version=st_sop.js&lang=en&description=%D9%86%D8%B8%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%B9%D8%B5%D8%B1%D9%8A%D8%A9%20%D9%84%D8%A7%20%D8%A8%D8%AF%20%D9%84%D9%83%20%D9%85%D9%86%20%D8%A7%D9%86%D8%AA%D9%82%D8%A7%D8%A6%D9%87%D8%A7%20%D9%87%D8%B0%D8%A7%20%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.86.254 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-123-86-254.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 13:14:39 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin: https://marieclairearabia.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H2 200 pubads_impl_2022030301.js Show response
securepubads.g.doubleclick.net/gpt/ 364 KB
122 KB 46ms
7ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065570

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 12:20:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3250
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124636
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 09:34:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 10 Mar 2023 12:20:29 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 126 B
731 B 54ms
16ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=marieclairearabia.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

dceaa5f127432440df6daa083321fa8a3c67d36cdbd59fa4f3b36d67f6c0f08f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 13:14:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
expires: Thu, 10 Mar 2022 13:14:39 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 156ms
36ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/assets/marieclairewebsite/js/content-layout.js?version=79eed2a78a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE9) /
Resource Hash: c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 10 Mar 2022 13:14:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 864
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 29178
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:46:17 GMT
Server: ECS (mil/6CE9)
Etag: "f7f936f48944db7f829585c4368f33ae+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H3

200

ab12745d93c5.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js

15 KB
5 KB

17ms
7ms

Script
text/javascript

2a03:2880:f21c:80e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H3
Server: 2a03:2880:f21c:80e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 08 Mar 2022 22:26:42 GMT
content-encoding: br
etag: "ab12745d93c5"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 4843
priority: u=3,i

Redirect headers

date: Thu, 10 Mar 2022 13:14:39 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: ldc
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control: max-age=21600
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 358771f85217cca2751772f9d636a782acb57e69.js Show response
cdn.izooto.com/scripts/ 917 B
881 B 71ms
30ms Script
application/javascript 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/358771f85217cca2751772f9d636a782acb57e69.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-57B2T9R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

545c262b5d3a34626a5a523bddcea70e5ec0456228b8b8433a554667a2659304

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6797
x-xss-protection: 1; mode=block
last-modified: Thu, 30 Sep 2021 14:33:38 GMT
server: cloudflare
etag: W/"6155cac2-395"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
access-control-allow-origin: *
expires: Sun, 10 Apr 2022 13:14:39 GMT
cache-control: public, max-age=2678400
cf-ray: 6e9c508d2eb62397-ZRH
cf-bgj: minify

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
442 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-127130482-1&cid=200358391.1646918079&jid=279458784&gjid=1945491253&_gid=327395246.1646918079&_u=IEBAAEAAAAAAAC~&z=2065194800

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://marieclairearabia.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 10 Mar 2022 13:14:39 GMT
content-type: text/plain
access-control-allow-origin: https://marieclairearabia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
72 B 58ms
20ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-127147068-1&cid=200358391.1646918079&jid=1462249567&gjid=62558383&_gid=327395246.1646918079&_u=IEDAAEABAAAAAC~&z=1473591046

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://marieclairearabia.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 10 Mar 2022 13:14:39 GMT
content-type: text/plain
access-control-allow-origin: https://marieclairearabia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 600 KB
132 KB 25ms
24ms Script
text/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/133428/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: be4bbb723567baa72760e739edfd6b0ea5e0e2e3c368954f6cd422785b9e5e99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 10 Mar 2022 13:14:39 GMT
content-encoding: br
last-modified: Wed, 09 Mar 2022 16:32:50 GMT
x-amz-request-id: Y2G8V0BVT2F41F1A
etag: "78ddcc31d55a74799831adb4da7f01de"
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: 6
accept-ranges: bytes
content-length: 134124
x-amz-id-2: 7bgz7kjaObYhl53sWCX7dlHd27O3NNzEMaxTMCfU1AAmcDiy262ZG9gf47TxzY7S06qYa1JW4Lk=
expires: Thu, 10 Mar 2022 13:44:39 GMT

GET
H3 200 1011260005918146 Show response
connect.facebook.net/signals/config/ 307 KB
87 KB 83ms
82ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1011260005918146?v=2.9.55&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e45479585469591494695bacdb881ebcb19a3bfc2bb03f4fde441636ab5f7b72

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: mO8OZG43BUo1MYkm94CGj+2/etYigWfr++dD4h4kH2eO5NyVHlMw7ucBtmQTsj4EC5Ohbyd9s+YbX93q7+wlHw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 10 Mar 2022 13:14:39 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 22ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=586855661733176&ev=PageView&dl=https%3A%2F%2Fmarieclairearabia.com%2Fpreview%2Fcontent%2F13365%2F2efa7bcdd5041f88b8c28d2ebe46e377%2F1646862995&rl=&if=false&ts=1646918079513&sw=1600&sh=1200&v=2.9.55&r=stable&ec=0&o=30&fbp=fb.1.1646918079510.1204473811&it=1646918079384&coo=false&exp=p0&rqm=GET

Requested by

Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 10 Mar 2022 13:14:39 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 38ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=marieclairearabia.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065570

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 13:14:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 37ms
16ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=marieclairearabia.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065570

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 13:14:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
13 KB 107ms
91ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4458432515264128&correlator=83884426206133&eid=31065294%2C31065570%2C31061165%2C31063247&output=ldjh&gdfp_req=1&vrg=2022030301&ptt=17&impl=fifs&sc=1&iu_parts=8826%2Cmarieclaire-2%2Cmarieclaire2-skin%2Cmarieclaire2-overlay%2Cmarieclaire2-mpu%2Cmarieclaire2-Halfpage%2Cmarieclaire2-topbanner%2Cmarieclaire2-inread2x2%2Cmarieclaire2-inread%2Cmarieclaire2-1x1%2CMarieClaire2-Jubna-1x1%2Cmarieclaire2-editorialpixel-1x1&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8%2C%2F0%2F1%2F9%2C%2F0%2F1%2F10%2C%2F0%2F1%2F11&prev_iu_szs=1x1%2C1x1%2C300x250%7C300x601%2C300x600%2C728x90%7C970x90%7C970x250%7C970x450%7C980x90%7C980x250%7C1000x300%7C1000x500%7C980x450%2C2x2%2C1x1%2C1x1%2C1x1%2C1x1&sfv=1-0-38&ecs=20220310&ists=776&fsapi=false&eri=1&cust_params=environment%3Dlive%26articleID%3D13365%26editorialtype%3DCampaign%2520Editorial%26category%3Dnotavailable%26DT64%3D0%26pagetype%3Darticle&cookie_enabled=1&abxe=1&dt=1646918079574&lmt=1646918079&dlt=1646918079241&idt=303&biw=1600&bih=1200&oid=2&adxs=0%2C0%2C350%2C350%2C872%2C0%2C0%2C0%2C0%2C0&adys=0%2C0%2C1816%2C327%2C114%2C0%2C0%2C0%2C0%2C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&adks=1080774026%2C2735310471%2C19300741%2C276311972%2C3108735115%2C2734074319%2C3241299718%2C2054300825%2C3025675743%2C3942822788&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fmarieclairearabia.com%2Fpreview%2Fcontent%2F13365%2F2efa7bcdd5041f88b8c28d2ebe46e377%2F1646862995&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0%7C1600x0%7C350x1469%7C350x1469%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0%7C1600x0&msz=0x0%7C0x0%7C300x0%7C300x0%7C1600x2%7C2x0%7C0x0%7C0x0%7C1x-1%7C0x0&fws=128%2C128%2C132%2C132%2C132%2C128%2C128%2C128%2C128%2C128&ohw=0%2C0%2C1600%2C1600%2C1600%2C0%2C0%2C0%2C0%2C0&ga_vid=200358391.1646918079&ga_sid=1646918080&ga_hid=2045492418&ga_fc=true&btvi=0%7C0%7C1%7C0%7C0%7C0%7C0%7C0%7C0%7C0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065570

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5a64325b088419281b882cbf5eb477a50e4f0f664c20e5f1ae100cda5da46be3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12885
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2,5605654273,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,138338869969,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://marieclairearabia.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5bab7fc2360eff3ab5718412f9f91999.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E4B2 6 KB
4 KB 64ms
14ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5bab7fc2360eff3ab5718412f9f91999.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065570

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 10 Mar 2022 13:14:39 GMT
expires: Fri, 10 Mar 2023 13:14:39 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 60ms
34ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-127147068-1&cid=200358391.1646918079&jid=1462249567&_u=IEDAAEABAAAAAC~&z=1047200980

Requested by

Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 13:14:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 54ms
31ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-127147068-1&cid=200358391.1646918079&jid=1462249567&_u=IEDAAEABAAAAAC~&z=1047200980

Requested by

Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 13:14:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 http-source
s8t.teads.tv/logs/format/ 0
0 96ms
38ms Image
text/plain 2a02:26f0:fb:199::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s8t.teads.tv/logs/format/http-source?%5B20%5D%5B1011%7Cd%7CWindows%7C10%7CChrome%7C99%7Cweb%7C%7C%5D%5B%7C%7C%5D%5Bwarning%5D%20getViewerInfo%20api%20not%20accessible
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:199::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 http-source
s8t.teads.tv/logs/format/ 0
0 96ms
38ms Image
text/plain 2a02:26f0:fb:199::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s8t.teads.tv/logs/format/http-source?%5B20%5D%5B1011%7Cd%7CWindows%7C10%7CChrome%7C99%7Cweb%7C%7C%5D%5B%7C%7C%5D%5Bwarning%5D%20getViewerInfo%20cookie%20not%20accessible
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:199::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 track
t.teads.tv/ 23 B
113 B 148ms
42ms Image
image/gif 92.122.254.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=35732415-5eea-42d9-a57c-7acbba81ca78&pageId=133428&pid=146507&debug_metadata=67WTima5lH&fv=1011&ts=1646918079644&f=1&referer=https%3A%2F%2Fmarieclairearabia.com%2Fpreview%2Fcontent%2F13365%2F2efa7bcdd5041f88b8c28d2ebe46e377%2F1646862995
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.254.4 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-254-4.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 149ms
44ms Image
image/gif 92.122.254.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=35732415-5eea-42d9-a57c-7acbba81ca78&pageId=133428&pid=146507&slot=native&fv=1011&ts=1646918079650&f=1&referer=https%3A%2F%2Fmarieclairearabia.com%2Fpreview%2Fcontent%2F13365%2F2efa7bcdd5041f88b8c28d2ebe46e377%2F1646862995
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.254.4 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-254-4.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 23
content-type: image/gif

GET
H2 200 http-source
s8t.teads.tv/logs/format/ 0
0 84ms
39ms Image
text/plain 2a02:26f0:fb:199::26e5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s8t.teads.tv/logs/format/http-source?%5B10%5D%5B1011%7Cd%7CWindows%7C10%7CChrome%7C99%7Cweb%7C%7C%5D%5B146507%7C%7C%5D%5Binfo%5D%20ccpa-iab-consent%200%202
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:199::26e5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 ad Show response
a.teads.tv/page/133428/ 541 B
575 B 70ms
69ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/133428/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fmarieclairearabia.com%2Fpreview%2Fcontent%2F13365%2F2efa7bcdd5041f88b8c28d2ebe46e377%2F1646862995&page=%7B%22id%22%3A133428%2C%22placements%22%3A%5B%7B%22id%22%3A146507%2C%22validity%22%3A%7B%22status%22%3Atrue%2C%22reasons%22%3A%5B%5D%7D%2C%22player%22%3A%7B%22width%22%3A650%2C%22height%22%3A366%7D%2C%22slotType%22%3A%22native%22%7D%5D%2C%22gdpr_iab%22%3A%7B%22reason%22%3A220%2C%22status%22%3A22%2C%22consent%22%3A%22%22%2C%22apiVersion%22%3Anull%2C%22cmpId%22%3Anull%7D%2C%22segments%22%3A%7B%22permutive%22%3Anull%7D%2C%22first_party_data%22%3A%7B%22firstPartyCookieTeadsId%22%3Anull%2C%22sharedIds%22%3Anull%7D%7D&auctid=35732415-5eea-42d9-a57c-7acbba81ca78&formatVersion=1011&env=js-web&netBw=10&ttfb=446
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1e2c6129bc50e4341956d1d22dfab5a29b193811d91e5e2af5a4a6bffa1b3d02

Request headers

Accept: application/json; charset=UTF-8
Referer: https://marieclairearabia.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 13:14:39 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://marieclairearabia.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 365
expires: Thu, 10 Mar 2022 13:14:39 GMT

GET
H2 200 izooto.js Show response
cdn.izooto.com/scripts/sdk/ 185 KB
46 KB 28ms
24ms Script
application/javascript 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sdk/izooto.js

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/358771f85217cca2751772f9d636a782acb57e69.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

180fbfaedfdb61493a4d703090076262d00b421d6c66e22f55408b6db5dae359

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 699220
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Mar 2022 11:00:01 GMT
server: cloudflare
etag: W/"621f4e31-2e4a5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
access-control-allow-origin: *
expires: Sun, 10 Apr 2022 13:14:39 GMT
cache-control: public, max-age=2678400
cf-ray: 6e9c508defae2397-ZRH
cf-bgj: minify

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 19ms
10ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1011260005918146&ev=PageView&dl=https%3A%2F%2Fmarieclairearabia.com%2Fpreview%2Fcontent%2F13365%2F2efa7bcdd5041f88b8c28d2ebe46e377%2F1646862995&rl=&if=false&ts=1646918079671&sw=1600&sh=1200&v=2.9.55&r=stable&ec=0&o=30&fbp=fb.1.1646918079510.1204473811&it=1646918079384&coo=false&exp=p0&rqm=GET

Requested by

Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 10 Mar 2022 13:14:39 GMT

GET
H/1.1 200
OK widget_iframe.a58e82e150afc25eb5372dd55a98b778.html Show response
platform.twitter.com/widgets/ Frame 175B 319 KB
104 KB 46ms
46ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fmarieclairearabia.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE2) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 568162
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Thu, 10 Mar 2022 13:14:39 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 16 Feb 2022 18:36:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CE2)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6B39 0
0 37ms
36ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstANXgAjZXKoyjscMGiwYi5TPcw2Z-MF-uNs4IW06Iyq8thoutBVBBoeWGcnzNaXT7MNCDNSZ7gl649BeSncbR9UdHZtzi0W5csjfIxkNZ6Ocf_S6YTQ_JceKP3o_qothFPlWD1ZklAt9OBcLoD2oh_2nGnuYHPvvScXLSUGb1UdrIs7DtAtUOJcwBobkLWpsxdsazeFUBay9Fc6HaQfcT5lkNGOMbSeQd3PFmsf1n9xdx0uhozAdxvO3wFUtDPh-YCt7gCi-2P7kTpP-Ya3iM9x_Vx9qj_LvbS7gLZJBhHs4UGG7TUI7b7UqKxBtnPxr3FGXIcbZ6KkuUfbb37JzquPstyxMi3VhzGP8Q6Fd3Ldw&sai=AMfl-YTnpDQPSGDHKJVAHZwlAGdJQLjnaMvRmYJ5gOHfsrpO0yEjl8D4yFz6e4V7f0Hv7zTGXrjBvugdM-AXFxIdsbLPAOCkBrQOvBn61TaRrT2a5a7w-anTV-A_R9k8bxM&sig=Cg0ArKJSzCIVjkiEPcT4EAE&uach_m=[UACH]&adurl=

Requested by

Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 13:14:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 10 Mar 2022 13:14:39 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 6B39 2 KB
2 KB 46ms
11ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065570

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:11:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 24 Mar 2022 13:11:32 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B39 117 KB
36 KB 48ms
26ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065570

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36343
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1646830771070120"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 13:14:39 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6B39 0
0 45ms
19ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ6jyhPDjXXLjwb09Vmck8IsPmTtvmznlm1qXEFpy7jk3jbQTcSJ8qJ8c4t2DzgtHSM_SAynbEwYtXkjhlh1x_hwS5eDg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065570
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 14905986828582047285
tpc.googlesyndication.com/simgad/ Frame 6B39 98 KB
98 KB 105ms
71ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14905986828582047285

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065570

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4001174c440999da52865eb79413d022294cc455def636abc11fb56505da2f7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100140
x-xss-protection: 0
last-modified: Mon, 01 Feb 2021 11:19:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 10 Mar 2023 13:14:39 GMT

GET
H2 200 iz_setcid.html Show response
cdn.izooto.com/scripts/sak/ Frame FD7F 2 KB
884 B 28ms
28ms Document
text/html 2606:4700::6812:d941
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.izooto.com/scripts/sak/iz_setcid.html

Requested by

Host: cdn.izooto.com
URL: https://cdn.izooto.com/scripts/sdk/izooto.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d941 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92e62ed4b1792fbdb64faf2ec5507d26356b9e1bce54486fc130a2b1b68b7e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/

Response headers

date: Thu, 10 Mar 2022 13:14:39 GMT
content-type: text/html
last-modified: Tue, 11 Feb 2020 13:01:43 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-xss-protection: 1; mode=block
cache-control: public, max-age=2678400
access-control-allow-origin: *
cf-cache-status: HIT
age: 1724080
expires: Sun, 10 Apr 2022 13:14:39 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6e9c508e787d2397-ZRH
content-encoding: br

GET
DATA 200
OK truncated
/ Frame 6B39 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c98207c511d6f9d814e2fa194321a065aeefcd73d7c5d39fb3480112b52a582

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 4D42 47 KB
13 KB 109ms
32ms Script
application/javascript 52.213.111.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=931094&campId=970x250&pubId=4632936213&chanId=21750853334&placementId=5605654273&pubCreative=138338869969&pubOrder=2408532440&cb=198192961&adsafe_par&impId=&custom=marieclairearabia.com
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.111.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-111-123.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8475a77ab79d7159686b3ceb50bf9846ca2311b0243e4f4457bf673ce7287224

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 13:14:39 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 175B 293 B
467 B 146ms
113ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=016689f01fbdc35d7b723365927dad54638d0c55

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fmarieclairearabia.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c41896ee7b4524bd50de896a3e2ead44700fad37e563805235b76a6621751c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 106
date: Thu, 10 Mar 2022 13:14:39 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2022 13:14:39 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 5fe468d8a17dc5010711d3436cd8381949306998804ca81700b4c026aacf526d
content-length: 186

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6B39 0
0 44ms
30ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjFfrW_4GZaj3xy3vnf1w5OrXDyJVsgPjRRcPxnKisQFJy8Sj1gfPWxonKodpS5n4hsWYntawI8rScn1sDKgOpL_m9kGkt5NtGrdewBR9VMK4WC_ffCimnlaqSBiNq14H2DV6fffAh3zPVDfP8uJRYvEst36rKayD4472sDTeU9nA4uotUJymnbI0JU_9LJBLAsel6QRn36gVZz3Deq2CtZ6icb8MHW4JdNfzJ2srzFQrzMVEZQX0aZpbiRYp9A9wmmpPHEXQydivxOpfS6M3gtFzNXIp8w8b5dheMbRvj6mfZtOMS5itBb5ly-kG7_cT6zRyJcge1CpZ1gBLmjSh3LnenNA&sai=AMfl-YRtYiKN3dGFm2msWlivFgPv9mS3NHFdU75myKEzSkQJJfsS6ZEVmDXw0kca0Gn7ne0PLn1JfaM7G5v8pjm9rWAaZEe0YWcpmMvS0mfxy5bmlkWRDD-qmd_Q5kTdEww&sig=Cg0ArKJSzPD1MMwqtUmKEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 13:14:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Thu, 10 Mar 2022 13:14:39 GMT

GET
H2 200 main.gr.19.8.299.js Show response
static.adsafeprotected.com/ Frame 4D42 189 KB
60 KB 44ms
7ms Script
application/javascript 2600:9000:2156:1800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.299.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=931094&campId=970x250&pubId=4632936213&chanId=21750853334&placementId=5605654273&pubCreative=138338869969&pubOrder=2408532440&cb=198192961&adsafe_par&impId=&custom=marieclairearabia.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86a676d25a23c478b5064a3f6d9275179f67de2bbebe1bfa842719f73658650a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 07 Mar 2022 20:37:01 GMT
content-encoding: gzip
age: 232659
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 01 Mar 2022 19:11:01 GMT
server: AmazonS3
etag: W/"587738d3e44b43a2620f42eb51d89fbf"
vary: Accept-Encoding
x-amz-version-id: kp2GPcLunARmvxyYiu0RKpd0_UaoR.nW
via: 1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: EG64_2Ip0pcsh8HWGZMNYROJrVj91oTgIxIicMFncZDw1RqTtket7g==

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=586855661733176&ev=Microdata&dl=https%3A%2F%2Fmarieclairearabia.com%2Fpreview%2Fcontent%2F13365%2F2efa7bcdd5041f88b8c28d2ebe46e377%2F1646862995&rl=&if=false&ts=1646918080016&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Marie%20Claire%20Arabia%20%7C%20%D9%86%D8%B8%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%B9%D8%B5%D8%B1%D9%8A%D8%A9%22%2C%22meta%3Adescription%22%3A%22%D9%86%D8%B8%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%B9%D8%B5%D8%B1%D9%8A%D8%A9%20%D9%84%D8%A7%20%D8%A8%D8%AF%20%D9%84%D9%83%20%D9%85%D9%86%20%D8%A7%D9%86%D8%AA%D9%82%D8%A7%D8%A6%D9%87%D8%A7%20%D9%87%D8%B0%D8%A7%20%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22marie%20claire%20arabia%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fmarieclairearabia.com%2Fmedia%2Fcache%2Fresolve%2Fcontent_og_image%2Fuploads%2Fcms%2Fstandalone-content%2Fthumbnail%2F6229224fead1c363360722.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fmarieclairearabia.com%2Fpreview%2Fcontent%2F13365%2F2efa7bcdd5041f88b8c28d2ebe46e377%2F1646862995%22%2C%22og%3Atitle%22%3A%22%D9%86%D8%B8%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%B9%D8%B5%D8%B1%D9%8A%D8%A9%22%2C%22og%3Adescription%22%3A%22%D9%86%D8%B8%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%B9%D8%B5%D8%B1%D9%8A%D8%A9%20%D9%84%D8%A7%20%D8%A8%D8%AF%20%D9%84%D9%83%20%D9%85%D9%86%20%D8%A7%D9%86%D8%AA%D9%82%D8%A7%D8%A6%D9%87%D8%A7%20%D9%87%D8%B0%D8%A7%20%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85%22%2C%22og%3Aupdate_time%22%3A%222022-03-10T01%3A56%3A35%2B0400%22%2C%22og%3Atype%22%3A%22article%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.55&r=stable&ec=1&o=30&fbp=fb.1.1646918079510.1204473811&it=1646918079384&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 10 Mar 2022 13:14:40 GMT

GET
H2 200 tpl Show response
pixel.adsafeprotected.com/ Frame 6B39 369 B
476 B 32ms
32ms Script
application/javascript 52.213.111.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/tpl?ias_callback=__IntegralAS_5be3235674c91d103ab55633b061fcc1_3711&asId=5be32356-74c9-1d10-3ab5-5633b061fcc1
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/main.gr.19.8.299.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.111.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-111-123.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e4cabcdbf0ab3653020ba1cf0c146f60b6a32dec74d927046a143709efc64a20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 13:14:40 GMT
content-encoding: gzip
x-server-name: app11.ie.303net.net
content-type: application/javascript;charset=utf-8
cache-control: no-cache
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame F5EA 80 KB
21 KB 11ms
11ms Script
application/javascript 2600:9000:2156:1800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
content-encoding: gzip
age: 1984597
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 baaf38f0a0d54e4834bf934fa5189cea.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: 2oBc4Sjy2jE3aXlXFShnnULX0PTGyyQhP18tSsy5cmeB-GcqVMmcSg==

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 35ms
35ms Image
image/gif 52.213.111.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=931094&campId=970x250&pubId=4632936213&chanId=21750853334&placementId=5605654273&pubCreative=138338869969&pubOrder=2408532440&cb=198192961&adsafe_par&impId=&custom=marieclairearabia.com&adsafe_url=https%3A%2F%2Fmarieclairearabia.com%2Fpreview%2Fcontent%2F13365%2F2efa7bcdd5041f88b8c28d2ebe46e377%2F1646862995&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fmarieclairearabia.com%2F&adsafe_type=f&adsafe_jsinfo=,id:5be32356-74c9-1d10-3ab5-5633b061fcc1,c:6sPNFa,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-5bb8f6f447-bbfdw,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:315.114.970.250,am:i,cc:315.114.970.250,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:79,fm:sZGsqpN+11%7C12%7C13*.931094%7C131%7C14,idMap:13*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:93,oid:0ac5374d-a074-11ec-ac5b-26311759e7c6,v:19.8.299,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.111.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-111-123.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 13:14:40 GMT
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
216 B 511ms
155ms Image
image/gif 52.37.64.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931094&asId=5be32356-74c9-1d10-3ab5-5633b061fcc1&tv=%7Bc:6sPNFb,pingTime:-8,time:94,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:94,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:92,wc:0.0.1600.1200,ac:315.114.970.250,am:i,cc:315.114.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B11~100%5D,as:%5B11~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sZGsqpN+11%7C12%7C13*.931094%7C131%7C14,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.37.64.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-64-197.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 13:14:40 GMT
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 506ms
157ms Image
image/gif 52.37.64.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931094&asId=5be32356-74c9-1d10-3ab5-5633b061fcc1&tv=%7Bc:6sPNFs,pingTime:0,time:111,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:93%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:111,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:92,wc:0.0.1600.1200,ac:315.114.970.250,am:i,cc:315.114.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B28~100%5D,as:%5B28~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sZGsqpN+11%7C12%7C13*.931094%7C131%7C14,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=u
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.37.64.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-64-197.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 13:14:40 GMT
x-server-name: dt07.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 500ms
157ms Image
image/gif 52.37.64.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931094&asId=5be32356-74c9-1d10-3ab5-5633b061fcc1&tv=%7Bc:6sPNFz,pingTime:-2,time:118,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:139,beZ:140,mfA:218,cmA:219,inA:219,inZ:223,prA:223,prZ:226,si:232,poA:233,poZ:244,cmZ:244,mfZ:244,loA:251,loZ:253,ltA:256,ltZ:256%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:93%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:118,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:92,wc:0.0.1600.1200,ac:315.114.970.250,am:i,cc:315.114.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B35~100%5D,as:%5B35~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sZGsqpN+11%7C12%7C13*.931094%7C131%7C14,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs,slid:%5Bgoogle_ads_iframe_/8826/marieclaire-2/marieclaire2-topbanner_0,google_ads_iframe_/8826/marieclaire-2/marieclaire2-topbanner_0__container__,div-gpt-ad-1538731734489-0-desk,ad-billboard-clone%5D,sinceFw:22,readyFired:true%7D&br=u
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.37.64.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-64-197.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 13:14:40 GMT
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK x46234
rs.gwallet.com/r1/pixel/ 43 B
391 B 305ms
98ms Image
image/gif 199.127.207.180
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rs.gwallet.com/r1/pixel/x46234
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 199.127.207.180 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: openresty/1.19.9.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 10 Mar 2022 13:14:40 GMT
Server: openresty/1.19.9.1
Vary: Origin
P3p: CP="PSAo PSDo OUR BUS DSP NON COR"
Access-Control-Allow-Origin: *
Cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
useSecure: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43

GET
H2 200 datain
insight.adsrvr.org/track/ 0
167 B 102ms
34ms Image
text/plain 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/datain?name=ibd&type=7&ttl=1440&rev=0&dot=2&doi=integral
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 13:14:40 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET sid.6586276
segs.btrll.com/v1/tpix/-/-/-/-/-/ 0
0

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://rtd-tm.everesttech.net/upi/?sid=RE4NsHsY5dFM35AtuumK&cs=1
https://rtd-tm.everesttech.net/ct/upi/?sid=RE4NsHsY5dFM35AtuumK&cs=1&_test=Yin5wAAAHu5wwQBd
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWluNXdBQUFIdTV3d1FCZA

170 B
502 B

51ms
21ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWluNXdBQUFIdTV3d1FCZA

Requested by

Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 13:14:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 10 Mar 2022 13:14:40 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1646918080.256539,VS0,VE90
x-served-by: cache-hhn4042-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWluNXdBQUFIdTV3d1FCZA
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2

200

/
rtd-tm.everesttech.net/ct/upi/
Redirect Chain

https://rtd-tm.everesttech.net/upi/?sid=PbfkjWGwpPgsEfjhQvOD&cs=0
https://rtd-tm.everesttech.net/ct/upi/?sid=PbfkjWGwpPgsEfjhQvOD&cs=0&_test=Yin5wAAALwKbCQBj

85 B
165 B

13ms
13ms

Image
image/png

151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtd-tm.everesttech.net/ct/upi/?sid=PbfkjWGwpPgsEfjhQvOD&cs=0&_test=Yin5wAAALwKbCQBj
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 13:14:40 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 3257
x-served-by: cache-hhn4042-HHN
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
x-timer: S1646918080.256291,VS0,VE0
content-length: 85
x-cache-hits: 1248

Redirect headers

pragma: no-cache
date: Thu, 10 Mar 2022 13:14:40 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1646918080.148245,VS0,VE89
x-served-by: cache-hhn4042-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://rtd-tm.everesttech.net/ct/upi/?sid=PbfkjWGwpPgsEfjhQvOD&cs=0&_test=Yin5wAAALwKbCQBj
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 10ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1011260005918146&ev=Microdata&dl=https%3A%2F%2Fmarieclairearabia.com%2Fpreview%2Fcontent%2F13365%2F2efa7bcdd5041f88b8c28d2ebe46e377%2F1646862995&rl=&if=false&ts=1646918080174&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Marie%20Claire%20Arabia%20%7C%20%D9%86%D8%B8%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%B9%D8%B5%D8%B1%D9%8A%D8%A9%22%2C%22meta%3Adescription%22%3A%22%D9%86%D8%B8%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%B9%D8%B5%D8%B1%D9%8A%D8%A9%20%D9%84%D8%A7%20%D8%A8%D8%AF%20%D9%84%D9%83%20%D9%85%D9%86%20%D8%A7%D9%86%D8%AA%D9%82%D8%A7%D8%A6%D9%87%D8%A7%20%D9%87%D8%B0%D8%A7%20%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22marie%20claire%20arabia%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fmarieclairearabia.com%2Fmedia%2Fcache%2Fresolve%2Fcontent_og_image%2Fuploads%2Fcms%2Fstandalone-content%2Fthumbnail%2F6229224fead1c363360722.jpg%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fmarieclairearabia.com%2Fpreview%2Fcontent%2F13365%2F2efa7bcdd5041f88b8c28d2ebe46e377%2F1646862995%22%2C%22og%3Atitle%22%3A%22%D9%86%D8%B8%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%B9%D8%B5%D8%B1%D9%8A%D8%A9%22%2C%22og%3Adescription%22%3A%22%D9%86%D8%B8%D8%A7%D8%B1%D8%A7%D8%AA%20%D8%B9%D8%B5%D8%B1%D9%8A%D8%A9%20%D9%84%D8%A7%20%D8%A8%D8%AF%20%D9%84%D9%83%20%D9%85%D9%86%20%D8%A7%D9%86%D8%AA%D9%82%D8%A7%D8%A6%D9%87%D8%A7%20%D9%87%D8%B0%D8%A7%20%D8%A7%D9%84%D9%85%D9%88%D8%B3%D9%85%22%2C%22og%3Aupdate_time%22%3A%222022-03-10T01%3A56%3A35%2B0400%22%2C%22og%3Atype%22%3A%22article%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.55&r=stable&ec=1&o=30&fbp=fb.1.1646918079510.1204473811&it=1646918079384&coo=false&es=automatic&tm=3&exp=p0&rqm=GET

Requested by

Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Thu, 10 Mar 2022 13:14:40 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 209ms
156ms Image
image/gif 52.37.64.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931094&asId=5be32356-74c9-1d10-3ab5-5633b061fcc1&tv=%7Bc:6sPNKf,pingTime:-10,time:408,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1646918080350%7C%7C8345ff549d0af665857a0634d0c3e4d8%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C980e6512e62ecf6726b6b668e5578a07%7C%7Ccb42a2902c90d714d989411b18c9b5f6%7C%7Cc85e1f0d0d62bc665988b10a89470832%7C%7Cc4414896a85e6a89175090890bcd8287%7C%7C6bccb27a81dbf588ff61545b9e5171f8%7C%7C1629390669%7D
Requested by: Host: marieclairearabia.com
URL: https://marieclairearabia.com/preview/content/13365/2efa7bcdd5041f88b8c28d2ebe46e377/1646862995
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.37.64.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-64-197.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 13:14:40 GMT
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6B39 42 B
174 B 54ms
28ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUB5QUC3w_8OWg0VWEKk7HYApZcec93EW8qoht_AJmqnZeHCLEcgQclGosJ285wEMZ9ecr1pKrsudC8qR52mxaPJVPmNlmfHMklAtCbpFfArlJ1QHm&sig=Cg0ArKJSzHVGSIyWIQdjEAE&id=lidar2&mcvt=1000&p=114,315,364,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220309&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3108735115&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646918079719&rpt=158&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 13:14:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rt=ifr Show response
bcp.crwdcntrl.net/5/ct=y/c=6381/rand=790706174/pv=y/int=%23OpR%2358067%23marieclairearabia%20%3A%20Site%20Section%20%3A%20preview%20%3A%20content/int=%23OpR%2358068%23marieclairearabia%20%3A%20Site... Frame 5B10
Redirect Chain

https://bcp.crwdcntrl.net/5/c=6381/rand=790706174/pv=y/int=%23OpR%2358067%23marieclairearabia%20%3A%20Site%20Section%20%3A%20preview%20%3A%20content/int=%23OpR%2358068%23marieclairearabia%20%3A%20S...
https://bcp.crwdcntrl.net/5/ct=y/c=6381/rand=790706174/pv=y/int=%23OpR%2358067%23marieclairearabia%20%3A%20Site%20Section%20%3A%20preview%20%3A%20content/int=%23OpR%2358068%23marieclairearabia%20%3...

163 B
404 B

37ms
37ms

Document
text/html

54.229.233.249
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=6381/rand=790706174/pv=y/int=%23OpR%2358067%23marieclairearabia%20%3A%20Site%20Section%20%3A%20preview%20%3A%20content/int=%23OpR%2358068%23marieclairearabia%20%3A%20Site%20Section%20%3A%20preview/int=%23OpR%2371517%23Total%20Site%20Traffic%20%3A%20marieclairearabia.com/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/6381/cc_af.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.233.249 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-233-249.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/

Response headers

date: Thu, 10 Mar 2022 13:14:40 GMT
content-type: text/html;charset=utf-8
content-length: 163
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.19.218
x-consent: absent
access-control-allow-origin: *
server: Jetty(9.4.38.v20210224)

Redirect headers

date: Thu, 10 Mar 2022 13:14:40 GMT
content-length: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=6381/rand=790706174/pv=y/int=%23OpR%2358067%23marieclairearabia%20%3A%20Site%20Section%20%3A%20preview%20%3A%20content/int=%23OpR%2358068%23marieclairearabia%20%3A%20Site%20Section%20%3A%20preview/int=%23OpR%2371517%23Total%20Site%20Traffic%20%3A%20marieclairearabia.com/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.26.88
server: Jetty(9.4.38.v20210224)

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
11 KB 35ms
21ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065570

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

124f145c32b56efb2098e758c42fa67fff97b04f2ec48818e5edc20b90d98902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 10 Mar 2022 13:14:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10433
x-xss-protection: 0

GET
H2 200 ppg.js Show response
platform-api.sharethis.com/ 19 KB
7 KB 8ms
7ms Script
application/javascript 143.204.98.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/ppg.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-21.fra50.r.cloudfront.net

Software

Resource Hash

551c9e5d06b0d4c8b044c0a6713fcd8a1380cc45c5aaa7aeff4ce9bbf9245d96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 12:30:49 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2022 02:28:17 GMT
age: 2631
x-frame-options: SAMEORIGIN
etag: W/"4aaf-17f71a7ceee"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
accept-ranges: bytes
x-amz-cf-pop: FRA50-C1
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-id: s9afgHN28ScvP63-HlRXPXStfC8tMNoc-sZa-o42yLg9fCfZI3usqg==

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 41ms
23ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030301.js?cb=31065570

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 10 Mar 2022 13:14:40 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2DD0 13 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 10 Mar 2022 11:00:24 GMT
expires: Fri, 10 Mar 2023 11:00:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 8056
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 195F 783 B
536 B 19ms
18ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c0f09bb491d15c02fc371fadf9c51ee28a67906e602f418fe1d6f572c5ab1f06

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GGV4H3nwwbhJsxOO7GnKxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 10 Mar 2022 13:14:40 GMT
date: Thu, 10 Mar 2022 13:14:40 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-GGV4H3nwwbhJsxOO7GnKxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js Show response
pagead2.googlesyndication.com/bg/ Frame 2DD0 35 KB
13 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hbjI8xylHpjavQyfdphvo41Bfdkh_RgUM1b0sbpcRZI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85b8c8f31ca51e98dabd0c9f76986fa38d417dd921fd18143356f4b1ba5c4592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Mar 2022 10:11:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 97381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13728
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Mar 2023 10:11:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 195F 0
0 61ms
60ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030301&jk=4458432515264128&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 157ms
156ms Image
image/gif 52.37.64.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931094&asId=5be32356-74c9-1d10-3ab5-5633b061fcc1&tv=%7Bc:6sPNVH,pingTime:1,time:1118,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:93%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1118,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:92,wc:0.0.1600.1200,ac:315.114.970.250,am:i,cc:315.114.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1035~100%5D,as:%5B1035~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:659,fm:sZGsqpN+11%7C12%7C13*.931094%7C131%7C14,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs,ctpl:5.5.3%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.37.64.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-64-197.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 13:14:41 GMT
x-server-name: dt22.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 156ms
156ms Image
image/gif 52.37.64.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931094&asId=5be32356-74c9-1d10-3ab5-5633b061fcc1&tv=%7Bc:6sPNVH,pingTime:1,time:1118,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:93%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1118,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:92,wc:0.0.1600.1200,ac:315.114.970.250,am:i,cc:315.114.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1035~100%5D,as:%5B1035~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:659,fm:sZGsqpN+11%7C12%7C13*.931094%7C131%7C14,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs,ctpl:5.5.3,metricId:publ1,cmr:t%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.37.64.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-64-197.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 13:14:41 GMT
x-server-name: dt03.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 157ms
157ms Image
image/gif 52.37.64.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931094&asId=5be32356-74c9-1d10-3ab5-5633b061fcc1&tv=%7Bc:6sPNVI,pingTime:1,time:1119,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:93%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1119,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:92,wc:0.0.1600.1200,ac:315.114.970.250,am:i,cc:315.114.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1036~100%5D,as:%5B1036~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:659,fm:sZGsqpN+11%7C12%7C13*.931094%7C131%7C14,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs,ctpl:5.5.3,metricId:grpm1,cmr:t%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.37.64.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-64-197.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 13:14:41 GMT
x-server-name: dt02.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2DD0 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kJ_buw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 10 Mar 2022 13:14:41 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 30ms
29ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030301&jk=4458432515264128&bg=!29il2JzNAAb7UztL-1M7ACkAdvg8WrfLNmcHAuF4-HTHq4eLf_Uxzr-lmvQL9_2iDN1ytPGVpmu_dgIAAABQUgAAAAJoAQcKAB906subqx_-5YMt63L6w7XlGzvBggaFeF09sExAKnFmmQLlJ0OAV4ZCnN7u3eHlTkZJKM5xmvWvhnulvc7MAqBKPMMd9qMOlcu5OVR-S2YWnuNaj5AMna3Q_aj-XUKvQoe1hQ1H1eTGEMVlmXlJb-ALe3VW5gDyEkdyv6oqLcA9KzSZmGVAfa8ts_9Y6DSyoWtH7h5QJ1OHnrQKDq0iGRdsh_wZAzQPNZwRJc_TzsNtFm3tKvwSgjoL2Utb02gR9QoSjdW3PAnDg51H7G9D7ZT6AYmnJzrhl10ZuXM2H0u4NFQeEbIUf-LsrAYNnkAJCnHgPaRWa3I39CeBoxoqNC4VrpxWl87nb7hQEbMjbvaOJA9qtucTZnVDPPJQ9i5bcrFWpI3YK4tfVj4HQyYTTdTlLq4op8aoAoSsoiqT03dY4PAxYSvmrWuz67tvOrFruyh4gSeg4idRzKwby_LfRA8f_4FJ6xa-C7sT8jqSEvJqpeBXacHExxiFzx2KOPV_ToJgcFzznje6l5iaTQkuRf4nmh-srvChmPRlFtg854BqdJ2D6XNa6N9bRmocoAHjUA0KpCrQM6rBolyPkKR_lHBAN1w5XKdSNbbGajJCIzHaWFgWV43bumbMaKPS_JC8fTLbqkESCjoHd1MI_jz1AUYweskLemEOjrTHI7wbF2FG6HZHVmuNtUcJ-_2PJtBDTV8Pc5n7fT8IVn5sobE09k4rs5N_zWhaGZGTN4vpLM5ayWO9LF50YQ5QVFSdYb0okjBUrW0dcLtcI9f35dxBoHW9pSYzW89CC-oqkgtU0RQwwTVIDn3L6quxzX8gV39hcZbL48jGd-74beJW2QyG5D84Y4Glv5Cn51M9VVJsIZq1WTlZZv16X6IxzI1UETa6VJevs0JSZOr2vdJiLoh_tsMeRjG1vqwZC2HY56SM4n9Ene6IHdAucGOJr-fbgPQySrJrsSUArZHv44M3MzPvJwq74fxUY12Ki8bpQ9RqoYzkxtAau-aoIejSm_z3k4d5U6tydiczw9rq

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 13:14:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ 43 B
215 B 156ms
156ms Image
image/gif 52.37.64.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=931094&asId=5be32356-74c9-1d10-3ab5-5633b061fcc1&tv=%7Bc:6sPOY8,pingTime:5,time:5113,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:93%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5113,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:92,wc:0.0.1600.1200,ac:315.114.970.250,am:i,cc:315.114.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5030~100%5D,as:%5B5030~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:160,fm:sZGsqpN+11%7C12%7C13*.931094%7C131%7C14,idMap:13*,rmeas:1,rend:1,renddet:IMG.qs,ctpl:5.5.3%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.37.64.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-37-64-197.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://marieclairearabia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 10 Mar 2022 13:14:45 GMT
x-server-name: dt17.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: segs.btrll.com
URL: https://segs.btrll.com/v1/tpix/-/-/-/-/-/sid.6586276

Verdicts & Comments Add Verdict or Comment

231 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
marieclairearabia.com/	1970-01-20 01:28:39	Name: DT64Enabled Value: 0
.marieclairearabia.com/	1970-01-20 18:59:50	Name: _ga Value: GA1.2.200358391.1646918079
.marieclairearabia.com/	1970-01-20 01:30:04	Name: _gid Value: GA1.2.327395246.1646918079
.marieclairearabia.com/	1970-01-20 01:28:38	Name: _gat Value: 1
.marieclairearabia.com/	1970-01-20 01:28:38	Name: _gat_kratos Value: 1
.marieclairearabia.com/	1970-01-20 03:38:14	Name: _fbp Value: fb.1.1646918079510.1204473811
.facebook.com/	1970-01-20 03:38:14	Name: fr Value: 0eBX6SXP635J2e8QK..BiKfm_...1.0.BiKfm_.
.marieclairearabia.com/	1970-01-20 10:50:14	Name: __gads Value: ID=7ca587c5853777d2-22917d8959cd00fc:T=1646918079:S=ALNI_MbzIPPkV064Eko0jjHk7lZD5pZHeQ
.doubleclick.net/	1970-01-20 10:50:14	Name: IDE Value: AHWqTUm29gEf4-eju69UZvhzFS9aqDorD36pWH47u_aitqrZT-kxafWlRgTgjMHQjSI
.izooto.com/	1970-02-04 01:28:38	Name: IZCID Value: fd0a6d50-e203-4eb6-a8e9-5c8aed389f88
.everesttech.net/	1970-01-20 10:14:14	Name: everest_g_v2 Value: g_surferid~Yin5wAAAHu5wwQBd
.everesttech.net/	1970-01-20 10:14:14	Name: ev_sync_enc Value: MjAyMjAzMTA_Mzo6MzA
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://segs.btrll.com/v1/tpix/-/-/-/-/-/sid.6586276 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5bab7fc2360eff3ab5718412f9f91999.safeframe.googlesyndication.com
a.teads.tv
adservice.google.com
adservice.google.de
bcp.crwdcntrl.net
buttons-config.sharethis.com
cdn.izooto.com
cm.g.doubleclick.net
connect.facebook.net
dt.adsafeprotected.com
insight.adsrvr.org
l.sharethis.com
marieclairearabia.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
platform-api.sharethis.com
platform.twitter.com
rs.gwallet.com
rtd-tm.everesttech.net
s8t.teads.tv
securepubads.g.doubleclick.net
segs.btrll.com
static.adsafeprotected.com
stats.g.doubleclick.net
syndication.twitter.com
t.teads.tv
tags.crwdcntrl.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.instagram.com
segs.btrll.com
104.244.42.72
142.250.181.226
143.204.98.21
151.101.130.49
172.217.18.98
18.66.248.77
199.127.207.180
2.18.232.7
2600:9000:2112:b600:c:abe:f440:93a1
2600:9000:2156:1800:8:48e:53c0:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700::6812:d941
2a00:1450:4001:808::2008
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2001
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
2a00:1450:400c:c09::9d
2a02:26f0:fb:199::26e5
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a03:2880:f21c:80e5:face:b00c:0:4420
2a06:98c1:3121::7
3.123.86.254
3.33.220.150
52.213.111.123
52.37.64.197
54.229.233.249
92.122.254.4
04cbe1a0453fe7c7789d40e110146cfa1c413c456dc62deb495e2dfe55408fd7
0620b208824b667b1328b0425aca6851ed3f3a9a65247e310824915b11cd60eb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ee3ba8d62688a5dcd8b12d596ab5256e567d0d314e79a12904ff428a666e27e
0f8d6804fb46eeca4b6fbaad1c54392042255049f85f21149c6c60d557ee7a60
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
119bf694411d0671552f6fd4afae48106f9949bb90adbed6627df93f51cd79cd
124f145c32b56efb2098e758c42fa67fff97b04f2ec48818e5edc20b90d98902
180fbfaedfdb61493a4d703090076262d00b421d6c66e22f55408b6db5dae359
1cfdd33073837cf0845b2c54ee1c95317516c696cc889b087b609e8c2bc3d286
1e2c6129bc50e4341956d1d22dfab5a29b193811d91e5e2af5a4a6bffa1b3d02
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
276079be1a8e9a8dd30c2898207bd683de7b4e34d63d7e1f26d1b4ee4b96c8f3
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
31c569d868268829ebaa21b3f4ce8a1a2e18dcfe8f6e66be63d89c3837234d9b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3499c2bfdc525e4672c8a2d78d7fb89e7cadd4b4c84a58daf8c30f3a2c7cee59
34c9338690a1cc1347f456db316bb68b078a75eb2cbed9cca4ab764c087cf75e
399d203fd1e14e73322d95810c14c952ad83d37a09991b219f4a9407838ce906
3b2a8248d53efa5d3a7ce1a6f1c62a5fa1e803e60b5bb6d4d4a6fe18bf495cab
4001174c440999da52865eb79413d022294cc455def636abc11fb56505da2f7b
4f19c7ec31ab46e50284e550b5166f6d3a767e9db8326ceaef1af7f4f5a2e7ad
545c262b5d3a34626a5a523bddcea70e5ec0456228b8b8433a554667a2659304
551c9e5d06b0d4c8b044c0a6713fcd8a1380cc45c5aaa7aeff4ce9bbf9245d96
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
599bfe0e54878ae6e20e73a8873630eee97139d3086449cab7fe36151f3d4103
5a64325b088419281b882cbf5eb477a50e4f0f664c20e5f1ae100cda5da46be3
5c5ab8ef03de9de0f2d2d08a379277fea1ab8f31f1e0f216c1601b82db9a960a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6b198a341d8cd60bb16fabe63877b3d994060b747ab97fdb6bc491761d521b33
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7c98207c511d6f9d814e2fa194321a065aeefcd73d7c5d39fb3480112b52a582
831c28a348c1542429a7543f06f3a935330c0a04c54e4e6f94e9f3e4aa5e7b64
8475a77ab79d7159686b3ceb50bf9846ca2311b0243e4f4457bf673ce7287224
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8535e0a595bc825a55473989a9f9f57160accee5f6d3023749841e6fcc24ab92
85b8c8f31ca51e98dabd0c9f76986fa38d417dd921fd18143356f4b1ba5c4592
86a676d25a23c478b5064a3f6d9275179f67de2bbebe1bfa842719f73658650a
86baeba76229e957b0eb488d6bce55712227736260e06df702e23ed07ff498ff
874a3e2841798e583f07e78f22c90f390da4d01b5b55802a3d7da8efcbf7af87
8e3197cac4c48207ed06fc11edcf04be458165518d678dc60a045113e4275867
92e62ed4b1792fbdb64faf2ec5507d26356b9e1bce54486fc130a2b1b68b7e89
95b3c343af0c8c8ef15d6e6a97488692e8ac3c6a61efdaf79127725111cba988
960ff8d02ab9b434d448d4094e5f1131c521a5eb0da0d68c6dc3e1515e3fca99
9e9b9fc248ce252861fc59cb2148ad2e3b2ccdb8891fb9c1e42944114af0c2f6
a02b477f7e73241ddfb8561655e4cb6ffa545fb5c62d02f01beb1fc489bab8b4
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6f9c60d234abe80d89808ee3047394603f9e0b8f967f8fb15847598493f6620
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e4cfbb578b8df8afa7fe80912a94f1f39bfc983500115f7d328aa6fa032416
bde58a20bb026d18314b5250f490762cf3f46ac65b7531e5fe87d0d2705489fa
be4bbb723567baa72760e739edfd6b0ea5e0e2e3c368954f6cd422785b9e5e99
bfd8b14006f5a2beb1bccae47fa3beccafd6db251cbc8371de28380632fc848c
c01c4b3eac78caa4020bbe8b55f49cbb4f351dca9fcaf624076f1b637baeba5e
c0f09bb491d15c02fc371fadf9c51ee28a67906e602f418fe1d6f572c5ab1f06
c31a9b51bc1e4d611c36400332cc8fed8fa4fc80deb73b89727ef13cdbcbfa8c
c41896ee7b4524bd50de896a3e2ead44700fad37e563805235b76a6621751c3e
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0
caa0cbe9784e09d5cf93e2e9deace3ab52c31307eed5f8ac9a12e17713d3fe39
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
da3927b0c71175ddc564c59443595614c89a5d6058a27572268ce58d3159585d
dceaa5f127432440df6daa083321fa8a3c67d36cdbd59fa4f3b36d67f6c0f08f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45479585469591494695bacdb881ebcb19a3bfc2bb03f4fde441636ab5f7b72
e4a0d51675d80fac48fd40854194d505a313171c6b334955811d7009a9dee4b0
e4cabcdbf0ab3653020ba1cf0c146f60b6a32dec74d927046a143709efc64a20
e8b0bc7b237d0e6cf23bf1d6f6fdf4251388ace085dc3d691a03e1660e2dc0ea
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
eec56719e24c51a55b5212f89cbea14eb96a0af4a55f8b8a25a6eb6bc583a7df
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3
fa88ed6dcc00cf660ae6cb9c4bf4fa279d3ce55549ac439f18a87af2f03f1579
fc149d19903932f583c3a6ba29637ce3f0563de5f291144529d3a8f2c4e34cb7
fd2fe0813b343c513d49ae8f168c38510daff5e6ed61d5fff6d63616a042a439

marieclairearabia.com Open in urlscan Pro 2a06:98c1:3121::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

107 Requests

91 %HTTPS

59 %IPv6

21 Domains

35 Subdomains

35 IPs

5 Countries

1866 kBTransfer

4359 kBSize

13 Cookies

3 Outgoing links

Redirected requests

107 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

marieclairearabia.com Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Screenshot
Live screenshot

Full Image

107
Requests

91 %
HTTPS

59 %
IPv6

21
Domains

35
Subdomains

35
IPs

5
Countries

1866 kB
Transfer

4359 kB
Size

13
Cookies

107 HTTP transactions
1 data transactions