brightsidebeauty.com Open in urlscan Pro
174.138.45.75 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://brightsidebeauty.com/
Effective URL:
https://brightsidebeauty.com/
Submission: On December 08 via manual (December 8th 2021, 9:50:21 pm UTC) from US — Scanned from DE

Summary HTTP 160 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 60 IPs in 9 countries across 51 domains to perform 160 HTTP transactions. The main IP is 174.138.45.75, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is brightsidebeauty.com.
TLS certificate: Issued by R3 on October 22nd 2021. Valid for: 3 months.

This is the only time brightsidebeauty.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	174.138.45.75 174.138.45.75	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:310... 2606:4700:3108::ac42:28be	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	151.101.2.217 151.101.2.217	54113 (FASTLY) (FASTLY)
2	2606:4700:303... 2606:4700:3037::6815:3471	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	45.133.44.3 45.133.44.3	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:45cd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
5	2a02:6ea0:c70... 2a02:6ea0:c700::2	60068 (CDN77 ^_^) (CDN77 ^_^)
3	87.230.98.74 87.230.98.74	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
1	185.33.221.13 185.33.221.13	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
1	147.75.61.140 147.75.61.140	54825 (PACKET) (PACKET)
1	34.107.161.123 34.107.161.123	15169 (GOOGLE) (GOOGLE)
5	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
2	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
22	63.250.56.141 63.250.56.141	41436 (CLOUDWEBM...) (CLOUDWEBMANAGE-EU)
1	130.211.34.132 130.211.34.132	15169 (GOOGLE) (GOOGLE)
1	37.18.16.23 37.18.16.23	205675 (HYBRID-AS) (HYBRID-AS)
2	13.32.29.201 13.32.29.201	16509 (AMAZON-02) (AMAZON-02)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2a0c:5c81:509... 2a0c:5c81:5095:0:225:90ff:fefa:245d	55081 (24SHELLS) (24SHELLS)
11	185.167.96.211 185.167.96.211	41436 (CLOUDWEBM...) (CLOUDWEBMANAGE-EU)
3 4	35.156.121.212 35.156.121.212	16509 (AMAZON-02) (AMAZON-02)
1 1	23.88.75.186 23.88.75.186	24940 (HETZNER-AS) (HETZNER-AS)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
2	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
1	35.158.25.241 35.158.25.241	16509 (AMAZON-02) (AMAZON-02)
1	104.89.29.100 104.89.29.100	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.86.138.121 185.86.138.121	201081 (SMARTADSE...) (SMARTADSERVER)
1	2600:1f18:612... 2600:1f18:612b:4264:d706:ca06:12eb:ef2b	14618 (AMAZON-AES) (AMAZON-AES)
1	18.193.57.131 18.193.57.131	16509 (AMAZON-02) (AMAZON-02)
2	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
1	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	5.178.65.245 5.178.65.245	50673 (SERVERIUS-AS) (SERVERIUS-AS)
3	2600:9000:224... 2600:9000:224a:6c00:f:4f64:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
2	89.187.169.47 89.187.169.47	60068 (CDN77 ^_^) (CDN77 ^_^)
1 12	3.126.247.238 3.126.247.238	16509 (AMAZON-02) (AMAZON-02)
1 4	188.132.147.227 188.132.147.227	42910 (PREMIERDC...) (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH)
2 2	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	185.33.221.157 185.33.221.157	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	72.251.244.142 72.251.244.142	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	51.195.5.231 51.195.5.231	16276 (OVH) (OVH)
1	63.35.242.195 63.35.242.195	16509 (AMAZON-02) (AMAZON-02)
4 6	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	104.17.119.107 104.17.119.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
3 4	18.158.154.136 18.158.154.136	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2 2	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	67.202.105.23 67.202.105.23	32748 (STEADFAST) (STEADFAST)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
160	60

13 174.138.45.75 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

brightsidebeauty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3108::ac42:28be (United States)

ASN13335 (CLOUDFLARENET, US)

api.adinplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.217 (United States)

ASN54113 (FASTLY, US)

fdyn.pubwise.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:3471 (United States)

ASN13335 (CLOUDFLARENET, US)

player.adtcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:45cd (United States)

ASN13335 (CLOUDFLARENET, US)

country.adinplay.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.consentmanager.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 87.230.98.74 (Germany)

ASN61157 (PLUSSERVER-ASN1, DE)
PTR: ma5037422.psmanaged.com

consentmanager.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.13 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.61.140 (Ashburn, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.161.123 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 123.161.107.34.bc.googleusercontent.com

bid.pubwise.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

p.nodserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 63.250.56.141 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)

live.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.34.132 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 132.34.211.130.bc.googleusercontent.com

api.pubwise.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.23 (Netherlands)

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.29.201 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-29-201.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
primis-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.167.96.211 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)

video.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.156.121.212 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-121-212.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.88.75.186 (Gunzenhausen, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.186.75.88.23.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.91 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.25.241 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-25-241.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.89.29.100 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-29-100.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:d706:ca06:12eb:ef2b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

mb9eo-7w62j.ads.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.57.131 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-57-131.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.178.65.245 (Woerden, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:224a:6c00:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.23 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com

cdn.admatic.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.126.247.238 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-247-238.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.132.147.227 (Turkey) 1 redirects

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
PTR: static-227-147-132-188.sadecehosting.net

ads3.admatic.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ads4.admatic.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.244 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.157 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 886.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

adscale-emea.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.244.142 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.5.231 (France)

ASN16276 (OVH, FR)
PTR: p35.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.35.242.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.71.131.137 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.119.107 (None, )

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.158.154.136 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-154-136.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	primis.tech live.primis.tech video.primis.tech	3 MB
15	adscale.de 1 redirects js.adscale.de ih.adscale.de	16 KB
13	brightsidebeauty.com 1 redirects brightsidebeauty.com	191 KB
8	consensu.org cdn.consentmanager.mgr.consensu.org consentmanager.mgr.consensu.org	114 KB
8	adtelligent.com player.adtelligent.com ghb.adtelligent.com sync.adtelligent.com Failed	50 KB
6	adsrvr.org 4 redirects match.adsrvr.org	3 KB
6	admatic.com.tr 1 redirects cdn.admatic.com.tr ads3.admatic.com.tr ads4.admatic.com.tr	22 KB
5	advertising.com 3 redirects ads.adaptv.advertising.com pixel.advertising.com	1 KB
5	adform.net 2 redirects adx.adform.net cm.adform.net track.adform.net	2 KB
5	casalemedia.com 3 redirects ssum-sec.casalemedia.com htlb.casalemedia.com ssum.casalemedia.com	3 KB
5	adnxs.com 3 redirects ib.adnxs.com secure.adnxs.com adscale-emea.adnxs.com acdn.adnxs.com	21 KB
5	doubleclick.net 2 redirects securepubads.g.doubleclick.net cm.g.doubleclick.net	144 KB
5	googleapis.com fonts.googleapis.com imasdk.googleapis.com	320 KB
4	yahoo.com 2 redirects ups.analytics.yahoo.com	956 B
4	bidswitch.net 3 redirects x.bidswitch.net	2 KB
4	gstatic.com fonts.gstatic.com	101 KB
4	pubwise.io fdyn.pubwise.io bid.pubwise.io api.pubwise.io	119 KB
3	criteo.com 1 redirects dis.criteo.com gum.criteo.com	876 B
3	openx.net u.openx.net primis-d.openx.net	574 B
3	pubmatic.com ads.pubmatic.com image6.pubmatic.com	11 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	785 B
2	m6r.eu 2 redirects tracking.m6r.eu	1 KB
2	googlesyndication.com pagead2.googlesyndication.com	13 KB
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	e-planning.net 1 redirects ads.us.e-planning.net	404 B
2	stickyadstv.com ads.stickyadstv.com	859 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com	1 KB
2	amazon-adsystem.com c.amazon-adsystem.com	39 KB
2	nodserving.com p.nodserving.com	12 KB
2	33across.com ssc.33across.com ssc-cms.33across.com	300 B
2	google-analytics.com www.google-analytics.com	20 KB
2	adtcdn.com player.adtcdn.com	103 KB
2	adinplay.com api.adinplay.com	122 KB
1	rlcdn.com api.rlcdn.com	331 B
1	indexww.com js-sec.indexww.com	1 KB
1	brealtime.com biddr.brealtime.com	1 KB
1	crwdcntrl.net id.crwdcntrl.net	340 B
1	id5-sync.com id5-sync.com	538 B
1	2mdn.net s0.2mdn.net	17 KB
1	adnxs-simple.com ib.adnxs-simple.com	836 B
1	tremorhub.com mb9eo-7w62j.ads.tremorhub.com	1 KB
1	smartadserver.com prg.smartadserver.com	548 B
1	emxdgt.com hb.emxdgt.com	162 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	loopme.me 1 redirects csync.loopme.me	210 B
1	adtarget.com.tr s.console.adtarget.com.tr sync.console.adtarget.com.tr Failed	1 KB
1	hybrid.ai dm.hybrid.ai	238 B
1	a-mo.net prebid.a-mo.net	380 B
1	workers.dev country.adinplay.workers.dev	660 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
160	51

	Domain	Requested by
22	live.primis.tech	brightsidebeauty.com live.primis.tech
13	brightsidebeauty.com	1 redirects brightsidebeauty.com
12	ih.adscale.de	1 redirects js.adscale.de ih.adscale.de
11	video.primis.tech	live.primis.tech brightsidebeauty.com
6	match.adsrvr.org	4 redirects live.primis.tech fdyn.pubwise.io
5	ghb.adtelligent.com	player.adtelligent.com p.nodserving.com
5	cdn.consentmanager.mgr.consensu.org	api.adinplay.com consentmanager.mgr.consensu.org brightsidebeauty.com
4	pixel.advertising.com	3 redirects brightsidebeauty.com
4	ups.analytics.yahoo.com	2 redirects brightsidebeauty.com
4	x.bidswitch.net	3 redirects brightsidebeauty.com
4	fonts.gstatic.com	fonts.googleapis.com
3	ads3.admatic.com.tr	cdn.admatic.com.tr s.console.adtarget.com.tr
3	js.adscale.de	s.console.adtarget.com.tr js.adscale.de ih.adscale.de
3	ssum-sec.casalemedia.com	2 redirects js-sec.indexww.com
3	consentmanager.mgr.consensu.org	api.adinplay.com brightsidebeauty.com
3	player.adtelligent.com	player.adtcdn.com player.adtelligent.com
3	securepubads.g.doubleclick.net	brightsidebeauty.com securepubads.g.doubleclick.net
3	fonts.googleapis.com	brightsidebeauty.com live.primis.tech
2	sync-tm.everesttech.net	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	gum.criteo.com	live.primis.tech
2	tracking.m6r.eu	2 redirects
2	pagead2.googlesyndication.com	srcdoc imasdk.googleapis.com
2	track.adform.net	2 redirects
2	imasdk.googleapis.com	live.primis.tech imasdk.googleapis.com
2	sync.mathtag.com	2 redirects
2	cdn.admatic.com.tr	s.console.adtarget.com.tr cdn.admatic.com.tr
2	ads.us.e-planning.net	1 redirects s.console.adtarget.com.tr
2	ads.stickyadstv.com	live.primis.tech brightsidebeauty.com
2	adx.adform.net	live.primis.tech
2	secure.adnxs.com	2 redirects
2	u.openx.net	live.primis.tech
2	sync.search.spotxchange.com	2 redirects
2	ads.pubmatic.com	live.primis.tech s.console.adtarget.com.tr
2	c.amazon-adsystem.com	live.primis.tech c.amazon-adsystem.com
2	p.nodserving.com	player.adtcdn.com p.nodserving.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	player.adtcdn.com	brightsidebeauty.com
2	fdyn.pubwise.io	brightsidebeauty.com
2	api.adinplay.com	brightsidebeauty.com api.adinplay.com
1	acdn.adnxs.com	fdyn.pubwise.io
1	ssc-cms.33across.com	fdyn.pubwise.io
1	api.rlcdn.com	fdyn.pubwise.io
1	ads4.admatic.com.tr	1 redirects
1	js-sec.indexww.com	live.primis.tech
1	biddr.brealtime.com	live.primis.tech
1	id.crwdcntrl.net	live.primis.tech
1	id5-sync.com	live.primis.tech
1	dis.criteo.com	1 redirects
1	s0.2mdn.net	imasdk.googleapis.com
1	ssum.casalemedia.com	1 redirects
1	adscale-emea.adnxs.com	1 redirects
1	cm.adform.net	s.console.adtarget.com.tr
1	image6.pubmatic.com	ads.pubmatic.com
1	ib.adnxs-simple.com	live.primis.tech
1	ads.adaptv.advertising.com	live.primis.tech
1	mb9eo-7w62j.ads.tremorhub.com	live.primis.tech
1	prg.smartadserver.com	live.primis.tech
1	htlb.casalemedia.com	live.primis.tech
1	primis-d.openx.net	live.primis.tech
1	hb.emxdgt.com	live.primis.tech
1	pixel.rubiconproject.com	brightsidebeauty.com
1	csync.loopme.me	1 redirects
1	s.console.adtarget.com.tr	live.primis.tech
1	dm.hybrid.ai	brightsidebeauty.com
1	api.pubwise.io	fdyn.pubwise.io
1	bid.pubwise.io	fdyn.pubwise.io
1	prebid.a-mo.net	fdyn.pubwise.io
1	ssc.33across.com	fdyn.pubwise.io
1	ib.adnxs.com	fdyn.pubwise.io
1	country.adinplay.workers.dev	api.adinplay.com
1	cdn.jsdelivr.net	api.adinplay.com
1	www.googletagmanager.com	brightsidebeauty.com
0	sync.console.adtarget.com.tr Failed	s.console.adtarget.com.tr js.adscale.de
0	sync.adtelligent.com Failed	player.adtelligent.com brightsidebeauty.com
160	75

This site contains links to these domains. Also see Links.

Domain
adinplay.com

Subject Issuer	Validity	Valid
brightsidebeauty.com R3	`2021-10-22` - `2022-01-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
adinplay.com Cloudflare Inc ECC CA-3	`2021-07-22` - `2022-07-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
fdyn.pubwise.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-03` - `2022-06-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-17` - `2022-07-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
player.adtelligent.com R3	`2021-11-19` - `2022-02-17`	3 months	crt.sh
1376624012.rsc.cdn77.org R3	`2021-12-02` - `2022-03-02`	3 months	crt.sh
consentmanager.mgr.consensu.org R3	`2021-11-01` - `2022-01-30`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
ssc.33across.com GTS CA 1D4	`2021-11-26` - `2022-02-24`	3 months	crt.sh
*.a-mo.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
bid.pubwise.io GTS CA 1D4	`2021-10-20` - `2022-01-18`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-10-09` - `2022-01-07`	3 months	crt.sh
p.nodserving.com R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
primis.tech Go Daddy Secure Certificate Authority - G2	`2021-10-29` - `2022-06-18`	8 months	crt.sh
*.pubwise.io Sectigo RSA Domain Validation Secure Server CA	`2020-02-11` - `2022-02-18`	2 years	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
s.console.adtarget.com.tr ZeroSSL ECC Domain Secure Site CA	`2021-11-29` - `2022-02-27`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.emxdgt.com Amazon	`2021-07-02` - `2022-07-31`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
*.adnxs-simple.com GeoTrust ECC CA 2018	`2021-03-17` - `2022-03-15`	a year	crt.sh
ads.us.e-planning.net R3	`2021-10-09` - `2022-01-07`	3 months	crt.sh
*.adscale.de Amazon	`2021-08-08` - `2022-09-06`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-15`	a year	crt.sh
cdn.admatic.com.tr R3	`2021-11-13` - `2022-02-11`	3 months	crt.sh
ads4.admatic.com.tr R3	`2021-12-04` - `2022-03-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
*.id5-sync.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2020-01-22` - `2022-03-22`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://brightsidebeauty.com/
Frame ID: 97465067D1574EEE4C38F7495BB928C9
Requests: 70 HTTP requests in this frame

Frame: https://p.nodserving.com/prebidlink/18969/j.html?i=11600
Frame ID: 55F23830B3503E6AC15BB9230E45EC7B
Requests: 4 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=35b9753f-b9f4-4a03-b524-2709efbee35a
Frame ID: 1A39685C4D50713E1BBE99FBB84945F5
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=108135&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&subId=[SUBID_ENCODED]&vp_content=plembed1e38pvqlxoum&vp_template=8166&subId=undefined&cbuster=1639000216&pubUrlAuto=https%3A%2F%2Fbrightsidebeauty.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: 1E435346C6F4A690316C4A0BDABD79B4
Requests: 37 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: F76C570CB6C81FC0C47EC25E0E650630
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61b128987dc74%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3DCPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA
Frame ID: 92EE4B981AC6462FB25E7DC5BDC1C53C
Requests: 2 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=61b128987dc74&pixel=&advId=94&advUuid=d490e8dc-5870-11ec-825b-1c5660560506
Frame ID: 6AE65C96A8732BC994D6208A53B1D458
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61b128987dc74%26pixel%3D%26advId%3D98%26advUuid%3D
Frame ID: 3348B892D785F511C08B37838F469E95
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=556966
Frame ID: B395F0C2E7C6C1FA1D1259E9B743E320
Requests: 2 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: BEC0E300527A7298F9307274B4F484B0
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=ykbteRHR5uNccFxRUTdF&pi=admatic&tc=1
Frame ID: C37064CFFDE567D6D69F226039F3A2A3
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: A1705395CEF1D89E91C9E03DC54406BC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: A392BFB5F20A3E950B8CD98F2D1BE7A6
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: C159C293C741BAFE6D2AE84222D366ED
Requests: 5 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: FD53E6F2ACCD383A772469C69F8DCA8B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: 4FE2BB69B05063DB297C1C0EDB6B965E
Requests: 6 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: 740AF890D406B474CBBE26F9A2E94001
Requests: 10 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html
Frame ID: E5875C5090AFDE4379C7276D55E260E7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D745179D98ECC2CC6DC1A6674C8DD9DA
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html?gdpr=1&gdpr_consent=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA
Frame ID: F29982CAF39B09EF19ACAF9AB732317B
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: C2133CEF84A5FDB8A82704E664C57357
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA
Frame ID: E805D35463F76AD8CB900470D3FB17B5
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA&d=https://brightsidebeauty.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 65BFA27371071CBD31FD67322A74AC04
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dgJ9Gw4ler6OoEaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 30243EBF5EE4FF0FF4FB70CC1FA8C503
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 9BAA25C7B5B08A501E265015FD251385
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

BrightsideBeauty

Page URL History Show full URLs

http://brightsidebeauty.com/ HTTP 301
https://brightsidebeauty.com/ Page URL

Page Statistics

160
Requests

86 %
HTTPS

25 %
IPv6

51
Domains

75
Subdomains

60
IPs

9
Countries

4397 kB
Transfer

8918 kB
Size

50
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://adinplay.com/privacy-and-cookies-policy/#cmpnoscreen
Title: Learn more

Search URL Search Domain Scan URL

URL: https://adinplay.com/?utm_source=publishers&utm_medium=cmp

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://brightsidebeauty.com/ HTTP 301
https://brightsidebeauty.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=35b9753f-b9f4-4a03-b524-2709efbee35a

Request Chain 66

https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61b128987dc74%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61b128987dc74%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=d490e971-5870-11ec-825b-1c5660560506 HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61b128987dc74&pixel=&advId=94&advUuid=d490e8dc-5870-11ec-825b-1c5660560506

Request Chain 79

https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61b128987dc74%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61b128987dc74&pixel=&advId=93&advUuid=aba57fb6-a433-4933-a6ee-cba629a042eb

Request Chain 80

https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61b128987dc74%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61b128987dc74%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1 HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61b128987dc74&pixel=&advId=99&advUuid=YbEomC27KPxYSV6pP0QfuwAABKoAAAAB

Request Chain 82

https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61b128987dc74%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D61b128987dc74%2526pixel%253D%2526advId%253D105%2526advUuid%253D%2524UID HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61b128987dc74&pixel=&advId=105&advUuid=1265845017761304857

Request Chain 104

https://creativecdn.com/cm-notify?pi=admatic HTTP 302
https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=ykbteRHR5uNccFxRUTdF&pi=admatic&tc=1

Request Chain 105

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID HTTP 302
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID

Request Chain 112

https://ih.adscale.de/uu?cbfn=receive&t=1639000217 HTTP 302
https://ih.adscale.de/uu?cbfn=receive&t=1639000217&nut&uu=90531d837b284e6193005823f7b5b425

Request Chain 122

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=720b06df2c94f3ac53421545698f38da8157cd25d985858e6e7f04642e8dfb21&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3114d99d1da446c08aae6ae34b48c60d%2F1639000217118%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=f4e461b1-2899-4700-95fc-71dd7a7edd45&gdpr=0&gdpr_consent=

Request Chain 124

https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F3114d99d1da446c08aae6ae34b48c60d%2F1639000217118%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
https://ih.adscale.de/sium/3114d99d1da446c08aae6ae34b48c60d/1639000217118/0/img?tpid=75&tpuid=1265845017761304857&gdpr=0

Request Chain 126

https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=81e5984722a047686cfb849744f46c48b82d53b7fc2ad636dca175deea7ef02d&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3114d99d1da446c08aae6ae34b48c60d%2F1639000217118%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YbEomC27KPxYSV6pP0QfuwAA%261194

Request Chain 129

https://track.adform.net/serving/cookie/match/?party=9&uid=a38e9232fa73d5d4726f01eaade37265ea8ac09bfc5656a050123368dbcdb8fd&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3114d99d1da446c08aae6ae34b48c60d%2F1639000217118%2F0%2Fimg&gdpr=0 HTTP 302
https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=a38e9232fa73d5d4726f01eaade37265ea8ac09bfc5656a050123368dbcdb8fd&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3114d99d1da446c08aae6ae34b48c60d%2F1639000217118%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/3114d99d1da446c08aae6ae34b48c60d/1639000217118/0/img?tpid=42&gdpr=0&tpuid=8769971563696598714

Request Chain 134

https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=88c43fdf8c2ca305c075b46f9d042dec738afa680fc613d73c8c4235502f383e&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3114d99d1da446c08aae6ae34b48c60d%2F1639000217118%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=43137b86-318a-4c54-9588-bdf263335661&gdpr=0

Request Chain 135

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=8a0d84d920e865b800a57ea5e119e247d29bd423a00dc27afae1f7f965021aad&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3114d99d1da446c08aae6ae34b48c60d%2F1639000217118%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=f4e461b1-2899-4700-95fc-71dd7a7edd45&gdpr=0&gdpr_consent=

Request Chain 136

https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=37a6c47a7e0a2828cb469f2c8e2b0b35725015165b8c320101cf3e2999c20117&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3114d99d1da446c08aae6ae34b48c60d%2F1639000217118%2F0%2Fjs&gdpr=0 HTTP 302
https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=37a6c47a7e0a2828cb469f2c8e2b0b35725015165b8c320101cf3e2999c20117&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3114d99d1da446c08aae6ae34b48c60d%2F1639000217118%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
https://ih.adscale.de/sium/3114d99d1da446c08aae6ae34b48c60d/1639000217118/0/js?tpid=48&tpuid=589c720d9fe662a657f07d9f58b86549

Request Chain 148

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=54065f06-30a1-4c42-9769-4afcb8034244&_origin=1&gdpr=1&gdpr_consent=

Request Chain 149

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPd59955c5-5870-11ec-9396-064437addbfa HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPd59955c5-5870-11ec-9396-064437addbfa&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBkNTk5NTVjNS01ODcwLTExZWMtOTM5Ni0wNjQ0MzdhZGRiZmE%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm=&google_hm=VVBkNTk5NTVjNS01ODcwLTExZWMtOTM5Ni0wNjQ0MzdhZGRiZmE%3D&google_tc= HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEJqerh8zGt2aj3nf-PfvvlU&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEJqerh8zGt2aj3nf-PfvvlU&google_cver=1&apid=UPd59955c5-5870-11ec-9396-064437addbfa

Request Chain 150

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA&_test=YbEomgAKmMyiPQBG HTTP 302
https://pixel.advertising.com/ups/55986/sync?uid=YbEomgAKmMyiPQBG&_origin=0&gdpr=1&gdpr_consent=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA&_test=YbEomgAKmMyiPQBG

Request Chain 151

https://x.bidswitch.net/sync?ssp=admatic HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=admatic HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=admatic&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=admatic&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=93&user_id=54065f06-30a1-4c42-9769-4afcb8034244&expires=30&ssp=admatic&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=4b4db9b1-9dbf-45da-99b6-b41f5614bb79&dsp_uuid=&dsp_id= HTTP 302
https://ads3.admatic.com.tr/user?bsw_uuid=4b4db9b1-9dbf-45da-99b6-b41f5614bb79&dsp_uuid=&dsp_id=

160 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
brightsidebeauty.com/
Redirect Chain

http://brightsidebeauty.com/
https://brightsidebeauty.com/

125 KB
26 KB

485ms
184ms

Document
text/html

174.138.45.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://brightsidebeauty.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

174.138.45.75 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

1ded402aaa511b7551d5656f8c002570513926f884443e3d0e72354a6f574049

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx-rc
date: Wed, 08 Dec 2021 21:50:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-ua-compatible: IE=edge
link: <https://brightsidebeauty.com/wp-json/>; rel="https://api.w.org/"
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15768000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-runcloud-cache: HIT
content-encoding: br

Redirect headers

Server: nginx-rc
Date: Wed, 08 Dec 2021 21:50:15 GMT
Content-Type: text/html
Content-Length: 174
Connection: keep-alive
Location: https://brightsidebeauty.com/

GET
H2 200 autoptimize_f3c81fcc7b364966d2ee3fc18cb1d9c7.css
brightsidebeauty.com/wp-content/cache/autoptimize/css/ 134 KB
20 KB 109ms
108ms Stylesheet
text/css 174.138.45.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://brightsidebeauty.com/wp-content/cache/autoptimize/css/autoptimize_f3c81fcc7b364966d2ee3fc18cb1d9c7.css

Requested by

Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

174.138.45.75 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

d80e6ea9df9424538204a28acac644f0b4e0344d9e3285ef60c1da169372f931

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:15 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 17 Nov 2021 11:24:57 GMT
server: nginx-rc
etag: W/"6194e689-218a6"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Fri, 07 Jan 2022 21:50:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 49ms
16ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work+Sans:100,200,300,regular,500,600,700,800,900|Satisfy:regular

Requested by

Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

65ad0a9fa9357a67a46f44e695703696c9fec4fbbb03c1cfd052cbedb697172c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Dec 2021 21:35:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Dec 2021 21:50:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Dec 2021 21:50:15 GMT

GET
H2 200 jquery.min.js Show response
brightsidebeauty.com/wp-includes/js/jquery/ 87 KB
30 KB 109ms
108ms Script
application/javascript 174.138.45.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://brightsidebeauty.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

174.138.45.75 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:15 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 02 Aug 2021 07:07:23 GMT
server: nginx-rc
etag: W/"610799ab-15db1"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Fri, 07 Jan 2022 21:50:15 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 86ms
53ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-136605546-5

Requested by

Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b0130bbc5f16f9c110a863c1f75cf2088d12c2f22aee181b3d3f5e0c9483924f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36183
x-xss-protection: 0
last-modified: Wed, 08 Dec 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 08 Dec 2021 21:50:15 GMT

GET
H2 200 tracking.php Show response
brightsidebeauty.com/wp-content/plugins/fuser-master/res/js/ 480 B
560 B 225ms
224ms Script
application/javascript 174.138.45.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://brightsidebeauty.com/wp-content/plugins/fuser-master/res/js/tracking.php?ts=1639000165&ver=5.8.2

Requested by

Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

174.138.45.75 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

279cecab26033b84088f240a1957648fdd6f3e5d11603fcaa90e44c568eb54ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 21:50:15 GMT
content-encoding: br
x-content-type-options: nosniff
expires: Mon, 2 Sep 1945 13:37:00 GMT
server: nginx-rc
x-frame-options: SAMEORIGIN
content-type: application/javascript
x-runcloud-cache: BYPASS
cache-control: no-cache, no-store, max-age=0, must-revalidate
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge

GET
H2 200 tag.min.js Show response
api.adinplay.com/libs/aiptag/pub/ICW/brightsidebeauty.com/ 396 KB
122 KB 65ms
30ms Script
application/javascript 2606:4700:3108::ac42:28be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/pub/ICW/brightsidebeauty.com/tag.min.js
Requested by: Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6543c3a0306b9b80fd7b8d1cc3660b4b63f324e1f3c484262701c9145ebb1b97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1858371
x-host: adinplay-1
last-modified: Wed, 17 Nov 2021 09:32:02 GMT
server: cloudflare
etag: W/"6194cc12-62fc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2KNGUy4Gc9kCXOYpoEm6pLt6%2BOzD0AyG8PL9v%2FxFPNooKBMXZwXne67P9zWXchL6Sh95Txo9zJI2xuMVWdo9uUAZ4DMHp4uwS%2BiZ2H8ACGHmbtq7OMG7ewKEIyTM0ZmU%2B4VHs4rX6afqlI%2F6ylo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
cf-ray: 6ba93555ea804e61-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 42ms
16ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

sffe /

Resource Hash

3f29550b363950a26ec1b1c7faab15c15736d233b0fc1b404c9cc443c120beec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1066 / 998 of 1000 / last-modified: 1638965328"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27037
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Dec 2021 21:50:16 GMT

GET
H2 200 pre_pws.js Show response
fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/ 3 KB
2 KB 50ms
9ms Script
text/javascript 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pre_pws.js?type=default
Requested by: Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6e5ddcf6cf93482d7bf25de103974b2637c2234396dfe94c240e4ebb3d5521f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:15 GMT
content-encoding: gzip
age: 18562
x-guploader-uploadid: ADPycdvkzo4Lz2UELmlLZ8KYNopUFkqhARfsBqyrpRRnqeWkFNIfSBpoNRlAj7j2J7rKNBWwcjFdkx6Pi65w7kIpzpI
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-restarts: 0
x-verify-21-url: /prod/sites/4/b/d/4bd9c890-824a-45e9-8426-2ac566772981/default/pre_pws.js
content-length: 1329
x-served-by: cache-mdw17374-MDW, cache-fra19151-FRA
last-modified: Tue, 31 Aug 2021 06:43:19 GMT
server: UploadServer
x-file-loc: primary0
x-timer: S1639000216.791305,VS0,VE1
etag: "1ab57a693e9bb0d64c66e31c97bc2e74"
x-orig-url: /script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pre_pws.js?type=default
vary: Accept-Encoding
x-goog-hash: crc32c=fwf7ow==, md5=GrV6aT6bsNZMZuMcl7wudA==
x-goog-generation: 1630392199758447
via: 1.1 varnish, 1.1 varnish
expires: Fri, 03 Dec 2021 18:35:54 GMT
cache-control: public, max-age=43200
x-goog-stored-content-length: 2671
accept-ranges: bytes
content-type: text/javascript
x-cache-hits: 2, 1

GET
H2 200 pws.js Show response
fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/ 388 KB
116 KB 14ms
13ms Script
text/javascript 151.101.2.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default
Requested by: Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 40107500993134dc3e3da0221a1feff40fd4164d09760db3c4414146b2ad2550

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:15 GMT
content-encoding: gzip
age: 29506
x-guploader-uploadid: ADPycduNzV5xQUmBSjzj1S0g7SWaBAwJGLUZMLByWfhK7vLEqVz_SKAekz5cRI1432xBJJbLgyr88ppcHWjIQtHrEWkWobMEDQ
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-split-fraction: 10
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-restarts: 0
x-verify-21-url: /prod/sites/4/b/d/4bd9c890-824a-45e9-8426-2ac566772981/default/d/pws.js
content-length: 118766
x-served-by: cache-mdw17381-MDW, cache-fra19151-FRA
last-modified: Tue, 31 Aug 2021 06:55:28 GMT
server: UploadServer
x-timer: S1639000216.981419,VS0,VE1
etag: "88fca4eddf968b559048b9426ed76000"
x-orig-url: /script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default
vary: Accept-Encoding
x-goog-hash: crc32c=+lTPgA==, md5=iPyk7d+Wi1WQSLlCbtdgAA==
x-goog-generation: 1630392928941826
via: 1.1 varnish, 1.1 varnish
expires: Sun, 05 Dec 2021 08:57:39 GMT
cache-control: public, max-age=43200
x-goog-stored-content-length: 397577
accept-ranges: bytes
content-type: text/javascript
x-c-host: D
x-cache-hits: 1, 1

GET
H2 200 regenerator-runtime.min.js Show response
brightsidebeauty.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 106ms
105ms Script
application/javascript 174.138.45.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://brightsidebeauty.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7

Requested by

Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

174.138.45.75 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:15 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 02 Aug 2021 07:07:23 GMT
server: nginx-rc
etag: W/"610799ab-1906"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Fri, 07 Jan 2022 21:50:15 GMT

GET
H2 200 wp-polyfill.min.js Show response
brightsidebeauty.com/wp-includes/js/dist/vendor/ 16 KB
6 KB 106ms
106ms Script
application/javascript 174.138.45.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://brightsidebeauty.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

174.138.45.75 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:15 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 02 Aug 2021 07:07:23 GMT
server: nginx-rc
etag: W/"610799ab-4056"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Fri, 07 Jan 2022 21:50:15 GMT

GET
H2 200 autoptimize_21159e7ac50743b8691f7feb0f175d88.js Show response
brightsidebeauty.com/wp-content/cache/autoptimize/js/ 44 KB
13 KB 98ms
97ms Script
application/javascript 174.138.45.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://brightsidebeauty.com/wp-content/cache/autoptimize/js/autoptimize_21159e7ac50743b8691f7feb0f175d88.js

Requested by

Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

174.138.45.75 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

45fd8955c00c33097f377b7247062e4c683b11ba7ae0a72ddd3ccb1ef8b0195b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Sat, 23 Oct 2021 20:50:15 GMT
server: nginx-rc
etag: W/"61747587-b18f"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Fri, 07 Jan 2022 21:50:16 GMT

GET
H2 200 wp-emoji-release.min.js Show response
brightsidebeauty.com/wp-includes/js/ 18 KB
5 KB 98ms
97ms Script
application/javascript 174.138.45.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://brightsidebeauty.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.2

Requested by

Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

174.138.45.75 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 02 Aug 2021 07:07:23 GMT
server: nginx-rc
etag: W/"610799ab-4705"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Fri, 07 Jan 2022 21:50:16 GMT

GET
H2 200 ga.js Show response
brightsidebeauty.com/wp-content/plugins/fuser-master/res/js/addon-ga/ 156 B
388 B 101ms
100ms Script
application/javascript 174.138.45.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://brightsidebeauty.com/wp-content/plugins/fuser-master/res/js/addon-ga/ga.js?ts=1639000215

Requested by

Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/wp-content/plugins/fuser-master/res/js/tracking.php?ts=1639000165&ver=5.8.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

174.138.45.75 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

6a3a08e8e60a695d82656345a101f730276cf06852de6203ee09e95037cd1254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 09:32:36 GMT
server: nginx-rc
etag: W/"616e90b4-9c"
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Fri, 07 Jan 2022 21:50:16 GMT

GET
H2 200 hb_323303_10647.js Show response
player.adtcdn.com/prebidlink/455277/ 345 KB
102 KB 64ms
33ms Script
application/javascript 2606:4700:3037::6815:3471
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/455277/hb_323303_10647.js
Requested by: Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3471 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bc61c6531f8a60ea9358cc4427063649b404652d816eb816a873b046fbafaa9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 356
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 12 Nov 2021 12:48:42 GMT
server: cloudflare
etag: W/"618e62aa-56540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OMEO%2FXDjjBznsOzMc9%2BQ8tIxsuB4Oca5%2FAJLHhOb42Woumbpx7eOAqUaVqOW6gdbTLzNhUSqgwJFUCiBY36KB8CdlQwkFGMtlnJMCuZcf%2Bn%2BGWPbSEVpjbXndtETW%2FI3MRaolPAuws%2FCptEQK7BJKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 6ba935560f717028-FRA
expires: Wed, 08 Dec 2021 21:59:19 GMT

GET
H2 200 wrapper_hb_323303_10647.js Show response
player.adtcdn.com/prebidlink/455277/ 737 B
1 KB 53ms
23ms Script
application/javascript 2606:4700:3037::6815:3471
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/455277/wrapper_hb_323303_10647.js
Requested by: Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3471 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22257df5a3c00ec946612dab5f895acb7846bb120146076a284848d2d8cdd24b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 312
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 19 Nov 2021 11:21:47 GMT
server: cloudflare
etag: W/"619788cb-2e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSxcbmao4DJhg4r0cludp8fskESxgIEJGWwfKsjkub4xALBiRD2kNEYso66U%2FguewLVhnJaBMl7rnxx%2FyAWWhnlkTMEayDb%2B6KgwWwvJV8sJ9bp5Wj5XpUHAA7o%2B%2BhPxwYUGhddL0RH%2BQTKxcFuiEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 6ba935560f727028-FRA
expires: Wed, 08 Dec 2021 22:00:04 GMT

GET
H2 200 loading.gif
brightsidebeauty.com/wp-content/plugins/a3-lazy-load/assets/css/ 2 KB
2 KB 97ms
97ms Image
image/gif 174.138.45.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://brightsidebeauty.com/wp-content/plugins/a3-lazy-load/assets/css/loading.gif

Requested by

Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/wp-content/cache/autoptimize/css/autoptimize_f3c81fcc7b364966d2ee3fc18cb1d9c7.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

174.138.45.75 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/wp-content/cache/autoptimize/css/autoptimize_f3c81fcc7b364966d2ee3fc18cb1d9c7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Fri, 30 Jul 2021 11:52:04 GMT
server: nginx-rc
etag: W/"6103e7e4-69a"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Fri, 07 Jan 2022 21:50:16 GMT

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v13/ 47 KB
47 KB 44ms
20ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v13/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:100,200,300,regular,500,600,700,800,900|Satisfy:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://brightsidebeauty.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 13:26:13 GMT
x-content-type-options: nosniff
age: 462243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48480
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:05:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 03 Dec 2022 13:26:13 GMT

GET
H2 200 rP2Hp2yn6lkG50LoCZOIHQ.woff2
fonts.gstatic.com/s/satisfy/v11/ 22 KB
23 KB 34ms
9ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/satisfy/v11/rP2Hp2yn6lkG50LoCZOIHQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans:100,200,300,regular,500,600,700,800,900|Satisfy:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a02009d2f95d79b62b95c6de12d6614bdb36bffa6d4e756db81ec1c51c5acc34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://brightsidebeauty.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 04:35:11 GMT
x-content-type-options: nosniff
age: 494105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22652
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:25:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 03 Dec 2022 04:35:11 GMT

GET
H2 200 lazy_placeholder.gif
brightsidebeauty.com/wp-content/plugins/a3-lazy-load/assets/images/ 42 B
304 B 95ms
95ms Image
image/gif 174.138.45.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://brightsidebeauty.com/wp-content/plugins/a3-lazy-load/assets/images/lazy_placeholder.gif

Requested by

Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

174.138.45.75 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
x-content-type-options: nosniff
last-modified: Fri, 30 Jul 2021 11:52:04 GMT
server: nginx-rc
etag: "6103e7e4-2a"
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 07 Jan 2022 21:50:16 GMT

GET
H2 200 wrapper_hb_323303_10647.es6.js Show response
player.adtelligent.com/prebidlink/455277/ 232 KB
32 KB 44ms
12ms Script
application/javascript 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/455277/wrapper_hb_323303_10647.es6.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/455277/wrapper_hb_323303_10647.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: d9ebb10628834281e863f10ef4d4a45d90e5b2fa2b42eab47b801cb161f60132

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 11:21:47 GMT
server: nginx
etag: W/"619788cb-3a12d"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Wed, 08 Dec 2021 22:50:16 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 62ms
44ms XHR
application/json 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20211208

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/ICW/brightsidebeauty.com/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff0f30edfe7d5ae575620ed9e5a0081d355694dee00a0e5b80bd0bd1df1b57f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://brightsidebeauty.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 24555
x-jsd-version: 1.0.1185
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19180-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"69e-STJoOXLbi8j/ZomWzZjzcKDCUJ8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6ba93556beee1762-FRA

GET
H2 200 adsbygoogle.js Show response
api.adinplay.com/libs/aiptag/assets/ 16 B
352 B 14ms
14ms Script
application/javascript 2606:4700:3108::ac42:28be
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/ICW/brightsidebeauty.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:28be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1858506
x-host: adinplay-1
content-length: 16
last-modified: Wed, 04 Apr 2018 16:13:25 GMT
server: cloudflare
etag: "5ac4f9a5-10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V2YF8E5M5o2NjWM%2BgNj99WZBJcgi18yxx%2B6AQN2qXFfZXF2754%2BwqTsubENrvExEc5%2BrGeDBfW1gc6WTPH9w5S8InGFB3d5Ur0gFNOauEdG2GvnMfn27YLJk0xAfPTJ0yNcfsSiq91gXBT4wqcc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6ba935569bf74e61-FRA

GET
H2 200 / Show response
country.adinplay.workers.dev/ 2 B
660 B 69ms
37ms XHR
text/plain 2606:4700:3033::6815:45cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://country.adinplay.workers.dev/
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/ICW/brightsidebeauty.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4043b0b8297e379bc559ab33b6ae9c7a9b4ef6519d3baee53270f0c0dd3d960

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uk7BlcksRjqumhbJKVhVzahX8OESGMk%2B%2BKt3x%2FQBmvB9NqQIKSKPJwm9em8gwGSXB3NAZxi%2FVfRaV4z0Jc0IxwIsW4iB0mQRUeqeyD5lQjS%2FO07KqbbcjwzihGVYgP0ghweUFaHy07xH7xVNqTk0LkLNCmUDKPPNzOhF"}],"group":"cf-nel","max_age":604800}
cf-ray: 6ba93556ca3f2b1a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2

GET
H2 200 pubads_impl_2021120201.js Show response
securepubads.g.doubleclick.net/gpt/ 347 KB
117 KB 19ms
19ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021120201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

sffe /

Resource Hash

947dd8624842a892adc7ecc70ec3270e5792bb3cc509dd1ff5720f2f8fe66419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119206
x-xss-protection: 0
last-modified: Thu, 02 Dec 2021 15:41:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 08 Dec 2021 21:50:16 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 132 B
127 B 32ms
18ms XHR
application/json 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=brightsidebeauty.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

554fea166a32002bacd88805756cd2bb3b94cac7cc50df464561265750a0bc26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102
x-xss-protection: 0
expires: Wed, 08 Dec 2021 21:50:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 32ms
10ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-136605546-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 917
date: Wed, 08 Dec 2021 21:34:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 08 Dec 2021 23:34:59 GMT

GET
H2 200 Skin_Pigmentation-898x1024.jpg
brightsidebeauty.com/wp-content/uploads/2020/05/ 85 KB
85 KB 100ms
100ms Image
image/jpeg 174.138.45.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://brightsidebeauty.com/wp-content/uploads/2020/05/Skin_Pigmentation-898x1024.jpg

Requested by

Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

174.138.45.75 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

79c477880c3be27ed502f8465f505068363b8fa24f0ebc9a9f458ee2f789331c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 06 May 2020 05:12:27 GMT
server: nginx-rc
etag: W/"5eb2473b-1543d"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000, public
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Fri, 07 Jan 2022 21:50:16 GMT

GET
H2 200 cmp.min.css
cdn.consentmanager.mgr.consensu.org/delivery/ 23 KB
5 KB 56ms
14ms Stylesheet
text/css 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.consentmanager.mgr.consensu.org/delivery/cmp.min.css
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/ICW/brightsidebeauty.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PleskLin
Resource Hash: d8a15dbd39c7bc437a54784e7083619b6f4c0c09f9360e65c6ccdc717c8741f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
x-77-nzt-ray: K/I2tBxkrpc=
x-powered-by: PleskLin
x-77-cache: HIT
x-cache: HIT
x-age: 629
x-77-nzt: AcO1ry9/OzP/dQIAAA==
x-accel-expires: @1639001387
last-modified: Tue, 16 Nov 2021 15:10:19 GMT
server: CDN77-Turbo
etag: W/"5b22-5d0e952d1ecc0"
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=1800, public

GET
H/1.1 200
OK cmp.php Show response
consentmanager.mgr.consensu.org/delivery/ 5 KB
2 KB 78ms
18ms Script
application/javascript 87.230.98.74
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://consentmanager.mgr.consensu.org/delivery/cmp.php?id=13566&h=https%3A%2F%2Fbrightsidebeauty.com%2F&undefined&__cmpfcc=1&l=en&o=1639000216176

Requested by

Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/ICW/brightsidebeauty.com/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5037422.psmanaged.com

Software

Resource Hash

71bde14adc417d6b42bb2602ac88479e355e122bae2c30c99247262e7a1f52af

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Dec 2021 21:50:16 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 21:50:16 GMT
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
X-XSS-Protection: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 cmp_en.min.js Show response
cdn.consentmanager.mgr.consensu.org/delivery/ 332 KB
63 KB 70ms
29ms Script
application/javascript 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.consentmanager.mgr.consensu.org/delivery/cmp_en.min.js
Requested by: Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/ICW/brightsidebeauty.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PleskLin
Resource Hash: 174516643e80a949d5a4dc2796dd95745dfa284cb7d5a7333ad441ec898072aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
x-77-nzt-ray: ElGv2d3v8U4=
x-powered-by: PleskLin
x-77-cache: HIT
x-cache: HIT
x-age: 621
x-77-nzt: AcO1ry+iBjb/bQIAAA==
x-accel-expires: @1639001395
last-modified: Tue, 30 Nov 2021 11:32:34 GMT
server: CDN77-Turbo
etag: W/"53163-5d1ffe9dd1880"
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1800, public

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/313490/ 9 KB
4 KB 26ms
10ms XHR
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fbrightsidebeauty.com%2F
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/455277/hb_323303_10647.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 418087feaa68e5be402fa18168cd35e77cceffc8b87e1831bda4168ddf4dd801

Request headers

Referer: https://brightsidebeauty.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 12:01:28 GMT
server: nginx
etag: W/"61b09e98-2260"
content-type: application/json
access-control-allow-origin: https://brightsidebeauty.com
expires: Wed, 08 Dec 2021 22:50:16 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
822 B 43ms
14ms XHR
application/json 185.33.221.13
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: fdyn.pubwise.io
URL: https://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.13 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

729.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

465460b23794cfb08c58a4efa6b053c7a20c60e904131021f57bb540fd1bd3c7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://brightsidebeauty.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 08 Dec 2021 21:50:16 GMT
X-Proxy-Origin: 91.199.118.78; 91.199.118.78; 729.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ec8b199c-89b6-4966-abd7-b6cd8ad950fd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://brightsidebeauty.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 65 B
300 B 129ms
96ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dgJ9Gw4ler6OoEaKkv7mNO
Requested by: Host: fdyn.pubwise.io
URL: https://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 607f04c54bd2e89beecff5d88be29477e69f3f31db3a0c4347a9c25fbfb0a1e7

Request headers

Referer: https://brightsidebeauty.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://brightsidebeauty.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
380 B 497ms
304ms XHR
text/plain 147.75.61.140
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: fdyn.pubwise.io
URL: https://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://brightsidebeauty.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://brightsidebeauty.com
date: Wed, 08 Dec 2021 21:50:16 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 210
vary: origin, Accept-Encoding

POST
H2 204 prebid Show response
bid.pubwise.io/ 0
182 B 147ms
113ms XHR
text/html 34.107.161.123
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.pubwise.io/prebid
Requested by: Host: fdyn.pubwise.io
URL: https://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.161.123 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 123.161.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://brightsidebeauty.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
via: 1.1 google
server: Google Frontend
vary: Origin
content-type: text/html
access-control-allow-origin: https://brightsidebeauty.com
x-cloud-trace-context: 16d93d46a6d1186f61e62e203cacf7bc
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 125 B
381 B 109ms
19ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/455277/wrapper_hb_323303_10647.es6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: d3fe97cb4bca37dce35a36b49b6b3b500a669b314a5c63aba860fd7cd624190d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://brightsidebeauty.com
Date: Wed, 08 Dec 2021 21:50:16 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 125
Content-Type: application/json

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
422 B 109ms
21ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=323303&site_id=10647&full_page_url=https%3A%2F%2Fbrightsidebeauty.com%2F&adid=y2eso6.gn&vpbv=N014&lifecycle_tte=1237
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/455277/wrapper_hb_323303_10647.es6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://brightsidebeauty.com
Date: Wed, 08 Dec 2021 21:50:16 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 30ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1846394040&t=pageview&_s=1&dl=https%3A%2F%2Fbrightsidebeauty.com%2F&ul=en-us&de=UTF-8&dt=BrightsideBeauty&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=580396050&gjid=1934835839&cid=2041026916.1639000216&tid=UA-136605546-5&_gid=1274239407.1639000216&_r=1&gtm=2ouc10&z=1131452739

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://brightsidebeauty.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 21:50:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://brightsidebeauty.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 j.html Show response
p.nodserving.com/prebidlink/18969/ Frame 55F2 1 KB
879 B 59ms
9ms Document
text/html 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.nodserving.com/prebidlink/18969/j.html?i=11600
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/455277/hb_323303_10647.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: cf35c9e8af47d8cd7233bebf1b785af16546782547f31501432cb7ad97d84714

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
content-type: text/html; charset=utf-8
server: nginx
last-modified: Wed, 16 Sep 2020 14:50:15 GMT
etag: W/"5f622627-434"
cache-control: max-age=3600
content-encoding: gzip
expires: Wed, 08 Dec 2021 22:50:16 GMT
access-control-allow-origin: *

GET
H2 200 bV8xLndfMTM1NjYuZF81MzI0LnhfMTAudi5w.js Show response
cdn.consentmanager.mgr.consensu.org/delivery/customdata/ 84 KB
14 KB 13ms
13ms Script
application/javascript 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.consentmanager.mgr.consensu.org/delivery/customdata/bV8xLndfMTM1NjYuZF81MzI0LnhfMTAudi5w.js

Requested by

Host: consentmanager.mgr.consensu.org
URL: https://consentmanager.mgr.consensu.org/delivery/cmp.php?id=13566&h=https%3A%2F%2Fbrightsidebeauty.com%2F&undefined&__cmpfcc=1&l=en&o=1639000216176

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo / PleskLin

Resource Hash

081d38bd994b40da0280fa746085aca05c6ed9f3dcb01a9ba464b92acb059593

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
x-powered-by: PleskLin
x-77-cache: HIT
x-cache: HIT
x-age: 195
x-xss-protection: 0
x-77-nzt: AcO1ry/C6Tz/wwAAAA==
x-accel-expires: @1639001821
last-modified: Wed, 08 Dec 2021 21:47:01 GMT
server: CDN77-Turbo
x-77-nzt-ray: cIkixn/BIIg=
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *, *
cache-control: public, max-age=1800
expires: Wed, 08 Dec 2021 22:17:01 GMT

GET
H2 200 liveView.php Show response
live.primis.tech/live/ 43 KB
12 KB 177ms
134ms Script
text/javascript 63.250.56.141
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?s=108135&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&subId=[SUBID_ENCODED]&vp_content=plembed1e38pvqlxoum&vp_template=8166&subId=undefined
Requested by: Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 8d1f9ef8fafbc796e5837a7b48e15b1e1de800b1ecd0c38843e508b734859ef2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 21:50:15 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/javascript; charset=utf-8

GET
H/1.1 200
OK /
consentmanager.mgr.consensu.org/delivery/info/ 43 B
353 B 20ms
19ms Image
image/gif 87.230.98.74
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consentmanager.mgr.consensu.org/delivery/info/?id=13566&did=1&cfdid=1&t=pv.d_ncs.d_ancs.d_bncs&h=https%3A%2F%2Fbrightsidebeauty.com%2F&o=1639000216355&l=EN&lv=0&d=1&ct=14&e=&e2=&e3=&i=&sv=31&dv=10&

Requested by

Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5037422.psmanaged.com

Software

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Dec 2021 21:50:16 GMT
Last-Modified: Wed, 08 Dec 2021 21:50:16 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 43
X-XSS-Protection: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK /
consentmanager.mgr.consensu.org/delivery/info/ 43 B
353 B 39ms
19ms Image
image/gif 87.230.98.74
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consentmanager.mgr.consensu.org/delivery/info/?id=13566&did=1&cfdid=1&t=cv&h=https%3A%2F%2Fbrightsidebeauty.com%2F&o=1639000216356&l=EN&lv=0&d=1&ct=14&e=&e2=&e3=&i=&sv=31&dv=10&

Requested by

Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5037422.psmanaged.com

Software

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Dec 2021 21:50:16 GMT
Last-Modified: Wed, 08 Dec 2021 21:50:16 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 43
X-XSS-Protection: 0
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 logo1592405744x390.gif
cdn.consentmanager.mgr.consensu.org/delivery/img/ 29 KB
29 KB 10ms
9ms Image
image/gif 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.consentmanager.mgr.consensu.org/delivery/img/logo1592405744x390.gif
Requested by: Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PleskLin
Resource Hash: 73e80796df0f325249f01776635aecedb926aaa6df8404c66aedb6941f95d918

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 08 Dec 2021 21:50:16 GMT
x-77-nzt-ray: 5bNMtSK55Ws=
x-powered-by: PleskLin
x-77-cache: HIT
x-cache: HIT
x-age: 24596
content-length: 29354
x-77-nzt: AcO1ry+goAr/FGAAAA==
x-accel-expires: @1639062020
last-modified: Wed, 17 Feb 2021 09:59:32 GMT
server: CDN77-Turbo
etag: "602ce904-72aa"
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=86400, public
accept-ranges: bytes

GET
H2 200 en.gif
cdn.consentmanager.mgr.consensu.org/delivery/flags/ 384 B
831 B 13ms
13ms Image
image/gif 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.consentmanager.mgr.consensu.org/delivery/flags/en.gif
Requested by: Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PleskLin
Resource Hash: eee4cf12a666b414c57a7f3ad86679b3f8d3baeb0914c5f2ec68243d9375d881

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Wed, 08 Dec 2021 21:50:16 GMT
vary: Accept-Encoding
x-77-nzt-ray: 1FZnQ9RADwg=
x-powered-by: PleskLin
x-77-cache: HIT
x-cache: HIT
x-age: 24652
content-length: 384
x-77-nzt: AcO1ry/yTxX/TGAAAA==
x-accel-expires: @1639061964
last-modified: Tue, 30 Mar 2021 19:22:21 GMT
server: CDN77-Turbo
etag: "180-5bec5ead1b540"
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: image/gif
access-control-allow-origin: *
x-accel-version: 0.01
cache-control: max-age=86400, public
accept-ranges: bytes

POST
H2 204 / Show response
api.pubwise.io/api/v8/event/add/ 0
147 B 137ms
105ms XHR
text/plain 130.211.34.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pubwise.io/api/v8/event/add/
Requested by: Host: fdyn.pubwise.io
URL: https://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.34.132 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 132.34.211.130.bc.googleusercontent.com
Software: nginx/1.19.8 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://brightsidebeauty.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
via: 1.1 google
server: nginx/1.19.8
vary: Origin
access-control-allow-origin: https://brightsidebeauty.com
access-control-allow-credentials: true
x-bes: pw-api-v8log-zm3c
alt-svc: clear

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 572 B
619 B 21ms
20ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=628405&aid2=628406&aid3=undefined
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/455277/wrapper_hb_323303_10647.es6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 5e33920d7f1fbf5fa6de9509acc0da78f9d6c63aa301c31e7246ce5650f24933

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 21:50:16 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://brightsidebeauty.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 324

GET
H2 200 pbm_307825_11600.js Show response
p.nodserving.com/prebidlink/18969/ Frame 55F2 28 KB
11 KB 10ms
10ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://p.nodserving.com/prebidlink/18969/pbm_307825_11600.js
Requested by: Host: p.nodserving.com
URL: https://p.nodserving.com/prebidlink/18969/j.html?i=11600
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 80e53c89e047a1e661eaefb8b9727490e3c9cb4e47e05e59c5cb5a90515b8f43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://p.nodserving.com/prebidlink/18969/j.html?i=11600
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 14:08:14 GMT
server: nginx
etag: W/"61b0bc4e-6f44"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600
expires: Wed, 08 Dec 2021 22:50:16 GMT

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ Frame 55F2 43 B
287 B 22ms
20ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?pubbid=0&event=11&full_page_url=https%3A%2F%2Fbrightsidebeauty.com&adid=19845da2278596&vpbv=M055&client_id=307825&site_id=11600&lifecycle_tte=150
Requested by: Host: p.nodserving.com
URL: https://p.nodserving.com/prebidlink/18969/pbm_307825_11600.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://p.nodserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://p.nodserving.com
Date: Wed, 08 Dec 2021 21:50:16 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ Frame 55F2 125 B
377 B 20ms
20ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: p.nodserving.com
URL: https://p.nodserving.com/prebidlink/18969/pbm_307825_11600.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: d3fe97cb4bca37dce35a36b49b6b3b500a669b314a5c63aba860fd7cd624190d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://p.nodserving.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://p.nodserving.com
Date: Wed, 08 Dec 2021 21:50:16 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 125
Content-Type: application/json

GET

csync
sync.adtelligent.com/ Frame 1A39
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=35b9753f-b9f4-4a03-b524-2709efbee35a

0
0

GET csync
sync.adtelligent.com/ 0
0

GET
H2 204 match
dm.hybrid.ai/ 0
238 B 159ms
51ms Image
text/plain 37.18.16.23
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=186&burl=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D324902%26extuid%3D%24%7BVID%7D

Requested by

Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.23 , Netherlands, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 21:50:16 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 111
x-xss-protection: 1; mode=block
expires: -1

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame 1E43 5 KB
2 KB 21ms
21ms Script
text/javascript 63.250.56.141
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?s=108135&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&subId=[SUBID_ENCODED]&vp_content=plembed1e38pvqlxoum&vp_template=8166&subId=undefined&cbuster=1639000216&pubUrlAuto=https%3A%2F%2Fbrightsidebeauty.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108135&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&subId=[SUBID_ENCODED]&vp_content=plembed1e38pvqlxoum&vp_template=8166&subId=undefined
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 3baf29b3c88d34a04bc84cb10de7d0ccd2ba7d19f591c44a8128869c221eb313

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/javascript; charset=utf-8

GET
H2 200 iab_consent_sdk.v1.0.js Show response
live.primis.tech/content/ClientDetections/ Frame 1E43 19 KB
6 KB 17ms
17ms Script
application/javascript 63.250.56.141
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108135&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&subId=[SUBID_ENCODED]&vp_content=plembed1e38pvqlxoum&vp_template=8166&subId=undefined&cbuster=1639000216&pubUrlAuto=https%3A%2F%2Fbrightsidebeauty.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:15 GMT
content-encoding: gzip
last-modified: Wed, 12 Feb 2020 15:01:36 GMT
server: nginx
etag: W/"5e441350-4be0"
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Thu, 08 Dec 2022 21:50:15 GMT

GET
H2 200 DetectGDPR2.v1.1.js Show response
live.primis.tech/content/ClientDetections/ Frame 1E43 9 KB
3 KB 15ms
15ms Script
application/javascript 63.250.56.141
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108135&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&subId=[SUBID_ENCODED]&vp_content=plembed1e38pvqlxoum&vp_template=8166&subId=undefined&cbuster=1639000216&pubUrlAuto=https%3A%2F%2Fbrightsidebeauty.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 09:45:48 GMT
server: nginx
etag: W/"6024fccc-228f"
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Thu, 08 Dec 2022 21:50:16 GMT

GET
H2 200 DetectGDPR.v1.1.js Show response
live.primis.tech/content/ClientDetections/ Frame 1E43 8 KB
3 KB 15ms
15ms Script
application/javascript 63.250.56.141
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108135&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&subId=[SUBID_ENCODED]&vp_content=plembed1e38pvqlxoum&vp_template=8166&subId=undefined&cbuster=1639000216&pubUrlAuto=https%3A%2F%2Fbrightsidebeauty.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 09:45:48 GMT
server: nginx
etag: W/"6024fccc-1ef8"
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Thu, 08 Dec 2022 21:50:16 GMT

GET
H2 200 hls.0.12.4_2.min.js Show response
live.primis.tech/content/video/hls/ Frame 1E43 256 KB
86 KB 24ms
24ms Script
application/javascript 63.250.56.141
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108135&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&subId=[SUBID_ENCODED]&vp_content=plembed1e38pvqlxoum&vp_template=8166&subId=undefined&cbuster=1639000216&pubUrlAuto=https%3A%2F%2Fbrightsidebeauty.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:15 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 08:36:05 GMT
server: nginx
etag: W/"5f34fb75-3ff27"
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Thu, 08 Dec 2022 21:50:15 GMT

GET
H2 200 prebidVid.5.18.0_6.min.js Show response
live.primis.tech/content/prebid/ Frame 1E43 482 KB
175 KB 37ms
36ms Script
application/javascript 63.250.56.141
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108135&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&subId=[SUBID_ENCODED]&vp_content=plembed1e38pvqlxoum&vp_template=8166&subId=undefined&cbuster=1639000216&pubUrlAuto=https%3A%2F%2Fbrightsidebeauty.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 6a6c28a2bae4339f212ecd19e178a40e02a8f5cc7e40203633d6981353a0c6af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 12:28:42 GMT
server: nginx
etag: W/"619b8cfa-7892b"
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Thu, 08 Dec 2022 21:50:16 GMT

GET
H2 200 liveVideo.php Show response
live.primis.tech/live/ Frame 1E43 610 KB
170 KB 54ms
54ms Script
text/html 63.250.56.141
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31322D30385F32337D7B7331363637313839357D7B4335377D7B536457356B5A575A70626D566B58324A796157646F64484E705A4756695A57463164486B75593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C383136367DFEFE&userIpAddr=91.199.118.78&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61b128987dc74&debugInfo=16671895_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16671895&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e38pvqlxoum&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fbrightsidebeauty.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=8166&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=undefined_brightsidebeauty.com
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108135&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&subId=[SUBID_ENCODED]&vp_content=plembed1e38pvqlxoum&vp_template=8166&subId=undefined&cbuster=1639000216&pubUrlAuto=https%3A%2F%2Fbrightsidebeauty.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 2af4c0c3d8ab0d34d430d5c07a6d99e74cd34ff88094060408373f604d7b6fc6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: gzip
server: nginx
content-type: text/html; charset=UTF-8

GET
H2 200 primisslate.css
live.primis.tech/content/video/css/ 17 KB
5 KB 14ms
13ms Stylesheet
text/css 63.250.56.141
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/video/css/primisslate.css
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31322D30385F32337D7B7331363637313839357D7B4335377D7B536457356B5A575A70626D566B58324A796157646F64484E705A4756695A57463164486B75593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C383136367DFEFE&userIpAddr=91.199.118.78&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61b128987dc74&debugInfo=16671895_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16671895&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e38pvqlxoum&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fbrightsidebeauty.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=8166&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=undefined_brightsidebeauty.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:15 GMT
content-encoding: gzip
last-modified: Tue, 18 Aug 2020 10:07:25 GMT
server: nginx
etag: W/"5f3ba85d-45c8"
content-type: text/css

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 1E43 134 KB
36 KB 33ms
9ms Script
application/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31322D30385F32337D7B7331363637313839357D7B4335377D7B536457356B5A575A70626D566B58324A796157646F64484E705A4756695A57463164486B75593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C383136367DFEFE&userIpAddr=91.199.118.78&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61b128987dc74&debugInfo=16671895_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16671895&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e38pvqlxoum&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fbrightsidebeauty.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=8166&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=undefined_brightsidebeauty.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
content-encoding: gzip
etag: 1e39d25f07f5619925357b752ab10d04
age: 694
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1B22VJG3TQXYDZ4GD591
date: Wed, 08 Dec 2021 21:38:42 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: o0ifHIN2dXlDNWkL97oXeLsJ8TnSCBpPuKVqzddzlh0YAxDm7coZJw==

GET
H3 200 css
fonts.googleapis.com/ Frame F76C 2 KB
549 B 30ms
16ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=swap

Requested by

Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Dec 2021 20:05:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Dec 2021 21:50:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Dec 2021 21:50:16 GMT

GET
H3 200 css
fonts.googleapis.com/ 2 KB
549 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=swap

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31322D30385F32337D7B7331363637313839357D7B4335377D7B536457356B5A575A70626D566B58324A796157646F64484E705A4756695A57463164486B75593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C383136367DFEFE&userIpAddr=91.199.118.78&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61b128987dc74&debugInfo=16671895_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16671895&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e38pvqlxoum&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fbrightsidebeauty.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=8166&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=undefined_brightsidebeauty.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Dec 2021 21:47:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 08 Dec 2021 21:50:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Dec 2021 21:50:16 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 92EE 14 KB
5 KB 41ms
8ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61b128987dc74%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3DCPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31322D30385F32337D7B7331363637313839357D7B4335377D7B536457356B5A575A70626D566B58324A796157646F64484E705A4756695A57463164486B75593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C383136367DFEFE&userIpAddr=91.199.118.78&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61b128987dc74&debugInfo=16671895_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16671895&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e38pvqlxoum&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fbrightsidebeauty.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=8166&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=undefined_brightsidebeauty.com
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=89109
expires: Thu, 09 Dec 2021 22:35:25 GMT
date: Wed, 08 Dec 2021 21:50:16 GMT
vary: Accept-Encoding

GET
H2

200

liveCS.php Show response
live.primis.tech/live/ Frame 6AE6
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61b128987dc74%26pixel%3D%26advId%3D94%26advUuid%3D%24...
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61b128987dc74%26pixel%3D%26advId%3D94%26advUuid%3D%24...
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61b128987dc74&pixel=&advId=94&advUuid=d490e8dc-5870-11ec-825b-1c5660560506

0
223 B

17ms
17ms

Document
text/html

63.250.56.141
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveCS.php?source=external&csuuid=61b128987dc74&pixel=&advId=94&advUuid=d490e8dc-5870-11ec-825b-1c5660560506
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31322D30385F32337D7B7331363637313839357D7B4335377D7B536457356B5A575A70626D566B58324A796157646F64484E705A4756695A57463164486B75593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C383136367DFEFE&userIpAddr=91.199.118.78&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61b128987dc74&debugInfo=16671895_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16671895&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e38pvqlxoum&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fbrightsidebeauty.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=8166&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=undefined_brightsidebeauty.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/

Response headers

server: nginx
date: Wed, 08 Dec 2021 21:50:15 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
pragma: no-cache
age: 0
content-encoding: gzip

Redirect headers

Server: nginx
Date: Wed, 08 Dec 2021 21:50:16 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Location: https://live.primis.tech/live/liveCS.php?source=external&csuuid=61b128987dc74&pixel=&advId=94&advUuid=d490e8dc-5870-11ec-825b-1c5660560506
X-fe: 102
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

GET
H2 200 cm Show response
u.openx.net/w/1.0/ Frame 3348 43 B
306 B 38ms
16ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61b128987dc74%26pixel%3D%26advId%3D98%26advUuid%3D
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31322D30385F32337D7B7331363637313839357D7B4335377D7B536457356B5A575A70626D566B58324A796157646F64484E705A4756695A57463164486B75593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C383136367DFEFE&userIpAddr=91.199.118.78&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61b128987dc74&debugInfo=16671895_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16671895&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e38pvqlxoum&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fbrightsidebeauty.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=8166&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=undefined_brightsidebeauty.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.221.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Wed, 08 Dec 2021 21:50:16 GMT
content-type: text/html
content-length: 56
content-encoding: gzip
cache-control: private, max-age=0, no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK sync.html Show response
s.console.adtarget.com.tr/ Frame B395 2 KB
1 KB 146ms
21ms Document
text/html 2a0c:5c81:5095:0:225:90ff:fefa:245d
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31322D30385F32337D7B7331363637313839357D7B4335377D7B536457356B5A575A70626D566B58324A796157646F64484E705A4756695A57463164486B75593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C383136367DFEFE&userIpAddr=91.199.118.78&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61b128987dc74&debugInfo=16671895_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16671895&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e38pvqlxoum&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fbrightsidebeauty.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=8166&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=undefined_brightsidebeauty.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 951390bcfaccee7d73d88621882776f7f0b55799217f47d1feb0f339acb8f41a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/

Response headers

Server: VertaMedia 1.0
Date: Wed, 08 Dec 2021 21:50:16 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 850
Access-Control-Allow-Origin: https://brightsidebeauty.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame 1E43 127 KB
10 KB 52ms
52ms XHR
application/json 63.250.56.141
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwMyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMmA3NwAyMxZ2nWRyo182MGJxZTE2OTA1ZWIkOTI3NmQ3MmxmJTJGqzyxNwFuZTI4NmE5NGI4MwImMmMjMwE5OC5gpDQzqzyxX2NioaRyoaRsnWQ9MTx5OTY1NSZ2nWRsY29hqGVhqF9xZXNwPVRbnXMeV2VynlgcovgInXN0o3J5KlUlODElJTJGNvfgKmElJTJGMTIyMwxzqzyxX2NioaRyoaRsqGy0oGU9VGucplgXZWVeK2yhK0ucp3RipaxeJTI4MTIyMxY2Kl0eMTIyMxYkMvUlOSZ2nWRsY29hqGVhqF9xqXJuqGyiow01NSZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTMmOSZ5PTE5MSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZvpzyanHRmnWRyYzVuqXR5LzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMkMxQmMTMlMxQmMDM4NUYmMwMmN0Q3QwpmMmEmNwM2MmpmMTM4MmxmNTqEN0I0MmM1Mmp3RDqCNTM2NDU3MmU2QwVBNTp1QTpjNwI2RDU2NxI1ODMlNEE3OTYkNTp2NDZGNwQ0ODRFNmA1QTQ3NTY2OTVBNTp0NwMkNwQ0ODZCNmU1OTMlMmx3NDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwM5MmA3RDqCNTxmMmM5MmA3RDqCNwYmMTqEN0I0QmM4MmEmNwM2N0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01MC4kMTt4Jzqyo0kiozp9OC42ODQmJaVmZXJJpEFxZHI9OTEhMTx5LwEkOC43OCZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGOTYhMC40NwY0LwQ1K1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD0zY3N1qWyxPTYkYwElODx4N2RwNmQzY2J1p3Rypw0kNwM5MDAjMwE2Nwx4JzqxpHI9MSZaZHBlQ29hp2VhqD1DUFE2NVu6UFE2NVu6QWZZZUJFTxI0Q2qBQUFBQUFBQUFBnWqBQUFHZzqBZ0qzQUEznXNXZVBup3NHZHBlPTA=
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31322D30385F32337D7B7331363637313839357D7B4335377D7B536457356B5A575A70626D566B58324A796157646F64484E705A4756695A57463164486B75593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C383136367DFEFE&userIpAddr=91.199.118.78&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61b128987dc74&debugInfo=16671895_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16671895&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e38pvqlxoum&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fbrightsidebeauty.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=8166&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=undefined_brightsidebeauty.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: d2b8e7b79b49b513c33826b06ee25d973f856fc853c3db34edc020bcb4a34f67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://brightsidebeauty.com
cache-control: no-store
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 9982

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame 1E43 127 KB
10 KB 63ms
63ms XHR
application/json 63.250.56.141
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwMyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMmA3NwAyMxZ2nWRyo182MGJxZTE2OTA1ZWIkOTI3NmQ3MmxmJTJGqzyxNwFuZTI4NmE5NGI4MwImMmMjMwE5OC5gpDQzqzyxX2NioaRyoaRsnWQ9MTx5OTY1NSZ2nWRsY29hqGVhqF9xZXNwPVRbnXMeV2VynlgcovgInXN0o3J5KlUlODElJTJGNvfgKmElJTJGMTIyMwxzqzyxX2NioaRyoaRsqGy0oGU9VGucplgXZWVeK2yhK0ucp3RipaxeJTI4MTIyMxY2Kl0eMTIyMxYkMvUlOSZ2nWRsY29hqGVhqF9xqXJuqGyiow01NSZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTQjMCZ5PTIlNSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZvpzyanHRmnWRyYzVuqXR5LzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMkMxQmMTMlMxQmMDM4NUYmMwMmN0Q3QwpmMmEmNwM2MmpmMTM4MmxmNTqEN0I0MmM1Mmp3RDqCNTM2NDU3MmU2QwVBNTp1QTpjNwI2RDU2NxI1ODMlNEE3OTYkNTp2NDZGNwQ0ODRFNmA1QTQ3NTY2OTVBNTp0NwMkNwQ0ODZCNmU1OTMlMmx3NDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwM5MmA3RDqCNTxmMmM5MmA3RDqCNwYmMTqEN0I0QmM4MmEmNwM2N0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01MC4kMTt4Jzqyo0kiozp9OC42ODQmJaVmZXJJpEFxZHI9OTEhMTx5LwEkOC43OCZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGOTYhMC40NwY0LwQ1K1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD0zY3N1qWyxPTYkYwElODx4N2RwNmQzY2J1p3Rypw0kNwM5MDAjMwE2Nwx5JzqxpHI9MSZaZHBlQ29hp2VhqD1DUFE2NVu6UFE2NVu6QWZZZUJFTxI0Q2qBQUFBQUFBQUFBnWqBQUFHZzqBZ0qzQUEznXNXZVBup3NHZHBlPTA=
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31322D30385F32337D7B7331363637313839357D7B4335377D7B536457356B5A575A70626D566B58324A796157646F64484E705A4756695A57463164486B75593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C383136367DFEFE&userIpAddr=91.199.118.78&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61b128987dc74&debugInfo=16671895_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16671895&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e38pvqlxoum&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fbrightsidebeauty.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=8166&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=undefined_brightsidebeauty.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e06f3a87d33fc03fea81993288073020a61ae273d364ed64536429b6432fb00a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 21:50:15 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://brightsidebeauty.com
cache-control: no-store
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 9982

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame 1E43 104 KB
9 KB 64ms
64ms XHR
application/json 63.250.56.141
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwMyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMmA3NwAyMxZ2nWRyo182MGJxZTE2OTA1ZWIkOTI3NmQ3MmxmJTJGqzyxNwFuZTI4NmE5NGI4MwImMmMjMwE5OC5gpDQzqzyxX2NioaRyoaRsnWQ9MTx5OTY1NSZ2nWRsY29hqGVhqF9xZXNwPVRbnXMeV2VynlgcovgInXN0o3J5KlUlODElJTJGNvfgKmElJTJGMTIyMwxzqzyxX2NioaRyoaRsqGy0oGU9VGucplgXZWVeK2yhK0ucp3RipaxeJTI4MTIyMxY2Kl0eMTIyMxYkMvUlOSZ2nWRsY29hqGVhqF9xqXJuqGyiow01NSZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTMmOSZ5PTE5MSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZvpzyanHRmnWRyYzVuqXR5LzNioSUlRvZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMkMxQmMTMlMxQmMDM4NUYmMwMmN0Q3QwpmMmEmNwM2MmpmMTM4MmxmNTqEN0I0MmM1Mmp3RDqCNTM2NDU3MmU2QwVBNTp1QTpjNwI2RDU2NxI1ODMlNEE3OTYkNTp2NDZGNwQ0ODRFNmA1QTQ3NTY2OTVBNTp0NwMkNwQ0ODZCNmU1OTMlMmx3NDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNwM5MmA3RDqCNTxmMmM5MmA3RDqCNwYmMTqEN0I0QmM4MmEmNwM2N0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01MC4kMTt4Jzqyo0kiozp9OC42ODQmJaVmZXJJpEFxZHI9OTEhMTx5LwEkOC43OCZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGOTYhMC40NwY0LwQ1K1NuZzFlnSUlRwUmNl4mNvZjoGF5ZXJBpGyJZD0zY3N1qWyxPTYkYwElODx4N2RwNmQzY2J1p3Rypw0kNwM5MDAjMwE2NmA4JzqxpHI9MSZaZHBlQ29hp2VhqD1DUFE2NVu6UFE2NVu6QWZZZUJFTxI0Q2qBQUFBQUFBQUFBnWqBQUFHZzqBZ0qzQUEznXNXZVBup3NHZHBlPTA=
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31322D30385F32337D7B7331363637313839357D7B4335377D7B536457356B5A575A70626D566B58324A796157646F64484E705A4756695A57463164486B75593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C383136367DFEFE&userIpAddr=91.199.118.78&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F96.0.4664.45+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61b128987dc74&debugInfo=16671895_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16671895&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e38pvqlxoum&secondaryContent=&x=690&y=390&pubUrl=https%3A%2F%2Fbrightsidebeauty.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1188&geoLong=8.6843&vpTemplate=8166&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=undefined_brightsidebeauty.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: b02df6382da0493eaa1fb066a95520716ffffa71104de56540534cae66db176c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://brightsidebeauty.com
cache-control: no-store
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 9119

GET
H2 200 chunklist_480.m3u8 Show response
video.primis.tech/uploads/cn23/video/users/hls/30760/video_60bde16905eb1927747393/vid61ae287194b82233302198.mp4/ 443 B
879 B 77ms
12ms XHR
application/vnd.apple.mpegurl 185.167.96.211
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn23/video/users/hls/30760/video_60bde16905eb1927747393/vid61ae287194b82233302198.mp4/chunklist_480.m3u8
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.167.96.211 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: 5d3ad858c11899b9f15d6a3a58875bea048d669c3b8d9cb87d34484d926610ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
via: 1.1 bcfde77e1326fd9531586693834730c1.cloudfront.net (CloudFront)
x-amz-cf-pop: WAW50-C1
content-length: 443
last-modified: Mon, 06 Dec 2021 15:13:41 GMT
server: Tengine
etag: "1c540648331eaaa6b7bb476c35559901"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: max-age=1209600
x-proxy-cache: HIT
accept-ranges: bytes
x-amz-cf-id: _BIXKEC8vQHGxjFbC0q4ID4gRv-7kAs896LtADaoY-lFq7I504itzg==
expires: Wed, 22 Dec 2021 21:50:16 GMT

GET
H2 200 vid61ae287194b82233302198_thumb.jpg
video.primis.tech/uploads/cn23/video/users/converted/30760/video_60bde16905eb1927747393/ Frame F76C 958 B
1 KB 73ms
15ms Image
image/jpeg 185.167.96.211
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn23/video/users/converted/30760/video_60bde16905eb1927747393/vid61ae287194b82233302198_thumb.jpg?cbuster=1638803628
Requested by: Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.167.96.211 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: 8ee6e3fb0938946ff531932eb1d316a967c0a1cfdec8c9873e949ab24a1867ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
via: 1.1 e75adcd0df674e7b66e6fe6c2c768b08.cloudfront.net (CloudFront)
last-modified: Mon, 06 Dec 2021 15:13:08 GMT
server: Tengine
x-amz-cf-pop: WAW50-C1
etag: "921f12f51653d41aa37b295f030bed06"
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 22 Dec 2021 21:50:16 GMT
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 958
x-amz-cf-id: T-H_f24hBfTV47rAZ9aMHMMSWZzsKWzBoJ6q8aUCgiw49iN7kpf1fg==
x-proxy-cache: HIT

GET
H2 200 vid61a4e3ffc4001888720775_thumb.jpg
video.primis.tech/uploads/cn16/video/users/converted/30760/video_60bde16905eb1927747393/ Frame F76C 961 B
1 KB 73ms
15ms Image
image/jpeg 185.167.96.211
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn16/video/users/converted/30760/video_60bde16905eb1927747393/vid61a4e3ffc4001888720775_thumb.jpg?cbuster=1638196288
Requested by: Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.167.96.211 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: 156d0c25094a12d21b461b81bccff84a8edc7f50e3ccace638ab0973bf2a44a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
last-modified: Mon, 29 Nov 2021 14:30:42 GMT
server: Tengine
x-amz-cf-pop: FRA60-P4
etag: "1cc6cc84d7f02a952a7608ef00ba7ebd"
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 22 Dec 2021 21:50:16 GMT
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 961
x-amz-cf-id: eM6kKX6G-2u6s0mhhpmyWhHqH3uKG6HzvjGjlDQ1eJU1EZnWT4qQUA==
x-proxy-cache: HIT

GET
H2 200 vid5f0d24e8e1640085172147_thumb.jpg
video.primis.tech/uploads/cn25/video/users/converted/28743/video_5de3954e0895a499415686/ Frame F76C 2 KB
2 KB 75ms
18ms Image
image/jpeg 185.167.96.211
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn25/video/users/converted/28743/video_5de3954e0895a499415686/vid5f0d24e8e1640085172147_thumb.jpg?cbuster=1614090882
Requested by: Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.167.96.211 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: 879053bd98fddbf00b4ef53fe5c2bc41226572b60cf92738ff7017db110c05b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
via: 1.1 6f44cdfb15fbc531a6e5744b23d2e9e2.cloudfront.net (CloudFront)
last-modified: Tue, 17 Aug 2021 18:28:34 GMT
server: Tengine
x-amz-cf-pop: WAW50-C1
etag: "e42c966cac834a60d178377a6f41caf7"
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 22 Dec 2021 21:50:16 GMT
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 1932
x-amz-cf-id: C8r-F30B74Ozm09WZjBiNc43DHhBT4kEhIOf-SyD0Yfk_qubJWt1qw==
x-proxy-cache: HIT

GET
H2 200 liveView.php
live.primis.tech/live/ 0
226 B 22ms
19ms Image
text/html 63.250.56.141
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTYmOTAjMDIkNvZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA4MTM1JaN0YT0jJat9NwxjJax9MmxjJaZcZF9jYXNmRG9gYWyhPWJlnWqbqHNcZGVvZWF1qHxhY29gJaN1YxyxPXVhZGVznW5yZF9vpzyanHRmnWRyYzVuqXR5LzNioSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmElRDMkMmIlRDMjMmt1RwMlMmM3RDqCNmMmMTM2MmYmNmMkMmtmOTM1N0Q3QwQmMmUmNmqEN0I1MmY0NTpmNTZCNUE1NmVBNmA2MwZENTY2QwU4MmI0QTp5NwE1NmY0NxY2NDQ4NEU3MDVBNDp1NwY5NUE1NmQ2MmE2NDQ4NxI3NTU5MmImOTp0N0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmxmMDqEN0I1OTMmMmxmMDqEN0I2NwMkN0Q3QwRDMmtmMTM2MmY3REZFRxUzZGyunWQ9JaVmZXJJpEFxZHI9OTEhMTx5LwEkOC43OCZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxY5Nv4jLwQ2NwQhNDUyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYkYwElODx4N2RwNmQzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PUNQUTY1WHcQUTY1WHcBZyyyQxVOQwRDZ0FBQUFBQUFBQUFcZ0FBQUqzZ0FaR2ZBQSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTYmOTAjMDIkNwY5MvZ1nWQ9U2VenW5xo1NQoGF5ZXI2MWIkMwt5ODt3OWMmJaB1YyVloD1bqHRjplUmQSUlRvUlRzJlnWqbqHNcZGVvZWF1qHxhY29gJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZA==
Requested by: Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

GET
H2 200 liveView.php
live.primis.tech/live/ 0
226 B 22ms
20ms Image
text/html 63.250.56.141
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTQmJaNypaZypyRcoWU9MTYmOTAjMDIkNvZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA4MTM1JaN0YT0jJat9NwxjJax9MmxjJaZcZF9jYXNmRG9gYWyhPWJlnWqbqHNcZGVvZWF1qHxhY29gJaN1YxyxPXVhZGVznW5yZF9vpzyanHRmnWRyYzVuqXR5LzNioSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaVmZXJJpEFxZHI9OTEhMTx5LwEkOC43OCZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxY5Nv4jLwQ2NwQhNDUyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYkYwElODx4N2RwNmQzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PUNQUTY1WHcQUTY1WHcBZyyyQxVOQwRDZ0FBQUFBQUFBQUFcZ0FBQUqzZ0FaR2ZBQSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTYmOTAjMDIkNwY5MlZ1nWQ9U2VenW5xo1NQoGF5ZXI2MWIkMwt5ODt3OWMmJaB1YyVloD1bqHRjplUmQSUlRvUlRzJlnWqbqHNcZGVvZWF1qHxhY29gJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZA==
Requested by: Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 21:50:15 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 1E43 43 B
220 B 36ms
9ms Image
image/gif 35.156.121.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=sekindo&gdpr=1&gdpr_consent=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA
Requested by: Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.121.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-121-212.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 08 Dec 2021 21:50:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame 1E43
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61b128987dc74%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61b128987dc74&pixel=&advId=93&advUuid=aba57fb6-a433-4933-a6ee-cba629a042eb

0
223 B

17ms
16ms

Image
text/html

63.250.56.141
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&csuuid=61b128987dc74&pixel=&advId=93&advUuid=aba57fb6-a433-4933-a6ee-cba629a042eb
Requested by: Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/
Protocol: H2
Server: 63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
content-type: text/html; charset=utf-8

Redirect headers

location: https://live.primis.tech/live/liveCS.php?source=external&csuuid=61b128987dc74&pixel=&advId=93&advUuid=aba57fb6-a433-4933-a6ee-cba629a042eb
date: Wed, 08 Dec 2021 21:50:16 GMT
server: _
content-length: 0

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame 1E43
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61b128987dc74%26pixel%3D%26advId%3D99%26advUuid%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61b128987dc74%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61b128987dc74&pixel=&advId=99&advUuid=YbEomC27KPxYSV6pP0QfuwAABKoAAAAB

0
223 B

36ms
35ms

Image
text/html

63.250.56.141
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&csuuid=61b128987dc74&pixel=&advId=99&advUuid=YbEomC27KPxYSV6pP0QfuwAABKoAAAAB
Requested by: Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/
Protocol: H2
Server: 63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 21:50:15 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
content-type: text/html; charset=utf-8

Redirect headers

Pragma: no-cache
Date: Wed, 08 Dec 2021 21:50:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://live.primis.tech/live/liveCS.php?source=external&csuuid=61b128987dc74&pixel=&advId=99&advUuid=YbEomC27KPxYSV6pP0QfuwAABKoAAAAB
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 334
Expires: Wed, 08 Dec 2021 21:50:16 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 1E43 0
239 B 35ms
9ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=primis
Requested by: Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame 1E43
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61b128987dc74%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D61b128987dc74%2526pixel%253D%2526advId%253D105%2526ad...
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61b128987dc74&pixel=&advId=105&advUuid=1265845017761304857

0
223 B

22ms
22ms

Image
text/html

63.250.56.141
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&csuuid=61b128987dc74&pixel=&advId=105&advUuid=1265845017761304857
Requested by: Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/
Protocol: H2
Server: 63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
content-type: text/html; charset=utf-8

Redirect headers

Pragma: no-cache
Date: Wed, 08 Dec 2021 21:50:16 GMT
X-Proxy-Origin: 91.199.118.78; 91.199.118.78; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 031aa992-7403-404a-ab59-26ba3cfc9c25
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://live.primis.tech/live/liveCS.php?source=external&csuuid=61b128987dc74&pixel=&advId=105&advUuid=1265845017761304857
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 vid61ae287194b82233302198.jpg
video.primis.tech/uploads/cn23/video/users/converted/30760/video_60bde16905eb1927747393/ 7 KB
8 KB 76ms
19ms Image
image/jpeg 185.167.96.211
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn23/video/users/converted/30760/video_60bde16905eb1927747393/vid61ae287194b82233302198.jpg?cbuster=1638803628
Requested by: Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.167.96.211 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: 55919a9d14c9cdd997faa1522ce99130c64058f42ff241d763fb31eb5fef3afc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
via: 1.1 544049d1dc4d534822b40b9f9c7529db.cloudfront.net (CloudFront)
last-modified: Mon, 06 Dec 2021 15:13:08 GMT
server: Tengine
x-amz-cf-pop: FRA60-P4
etag: "67806f25d947e7521fad927c31b62ef6"
content-type: image/jpeg
access-control-allow-origin: *
expires: Wed, 22 Dec 2021 21:50:16 GMT
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 7363
x-amz-cf-id: QrMsAqADPEl5vPWLEDPkS8ixSH_eYZguMltxgh6FJOowICZkQA1n3g==
x-proxy-cache: HIT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 22ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://brightsidebeauty.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 461428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 03 Dec 2022 13:39:48 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame F76C 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://brightsidebeauty.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 03 Dec 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 461428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 03 Dec 2022 13:39:48 GMT

GET
H2 200 w_480_00000.ts Show response
video.primis.tech/uploads/cn23/video/users/hls/30760/video_60bde16905eb1927747393/vid61ae287194b82233302198.mp4/ 340 KB
341 KB 24ms
24ms XHR
video/mp2t 185.167.96.211
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn23/video/users/hls/30760/video_60bde16905eb1927747393/vid61ae287194b82233302198.mp4/w_480_00000.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.167.96.211 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: b62d26bd3c54945e7b9b6caf97daf251df89a6b3bb44764c69eb5a47390dbc22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
via: 1.1 e65c822edea04e16936bdb4537763dd5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
content-length: 348176
last-modified: Mon, 06 Dec 2021 15:13:41 GMT
server: Tengine
etag: "81a6bd065199ebee3739600ce600da72"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
x-proxy-cache: HIT
accept-ranges: bytes
x-amz-cf-id: jepb-0vd8iX9PYpz6yGrrRoxpx7ce783an6k1CzFmOWuDSuTcB_-KQ==
expires: Wed, 22 Dec 2021 21:50:16 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 1E43 6 KB
3 KB 30ms
12ms XHR
application/javascript 13.32.29.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-201.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 63340
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 09 Nov 2021 22:55:20 GMT
server: AmazonS3
date: Wed, 08 Dec 2021 19:37:30 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 a23dafbbb9a61c77bda1d66d97f24e2e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 0huFwO3I_WfKCfCYWp4av3l4DSValarogUUudJURdVhC_p1ZiInRfg==

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 122ms
30ms Preflight 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://brightsidebeauty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 08 Dec 2021 21:50:16 GMT
content-length: 0
cache-control: private
access-control-allow-origin: https://brightsidebeauty.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
access-control-max-age: 86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 / Show response
hb.emxdgt.com/ Frame 1E43 0
162 B 49ms
15ms XHR
text/plain 35.158.25.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1639000216884&src=pbjs
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.25.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-25-241.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://brightsidebeauty.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://brightsidebeauty.com
date: Wed, 08 Dec 2021 21:50:16 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

GET
H2 200 avjp Show response
primis-d.openx.net/v/1.0/ Frame 1E43 106 B
233 B 69ms
44ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://primis-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fbrightsidebeauty.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=5e2061d8-9014-4093-94e8-3f865e2d9afb&nocache=1639000216887&gdpr_consent=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA&gdpr=1&schain=1.0%2C1!primis.tech%2C28128%2C1%2C%2C%2C&skip=1&auid=540289187&vwd=339&vht=191&aumfs=1500
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer: https://brightsidebeauty.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 21:50:16 GMT
via: 1.1 google
server: OXGW/16.221.0
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://brightsidebeauty.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ Frame 1E43 36 B
333 B 71ms
44ms XHR
application/json 104.89.29.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=491831&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%225c937fbee6aedf%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fbrightsidebeauty.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.18.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226b4de6f3840906%22%2C%22ext%22%3A%7B%22siteID%22%3A%22491831%22%2C%22sid%22%3A%22339x191%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22playerSize%22%3A%5B%5B339%2C191%5D%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22placement%22%3A1%2C%22startdelay%22%3A0%2C%22skip%22%3A1%2C%22w%22%3A339%2C%22h%22%3A191%7D%2C%22bidfloor%22%3A1.5%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22primis.tech%22%2C%22sid%22%3A%2228128%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA%22%7D%7D%7D
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.89.29.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-29-100.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2799f3d0c27beed5ed6b3979d0da1514210583b1364d61357f2c62e95271301a

Request headers

Referer: https://brightsidebeauty.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 21:50:16 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.78], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://brightsidebeauty.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 36
x-ak-client-geo: 12
expires: Wed, 08 Dec 2021 21:50:16 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 1E43 171 B
548 B 560ms
81ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://brightsidebeauty.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://brightsidebeauty.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

GET
H2 403 tag Show response
mb9eo-7w62j.ads.tremorhub.com/ad/ Frame 1E43 949 B
1 KB 367ms
125ms XHR
text/html 2600:1f18:612b:4264:d706:ca06:12eb:ef2b
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mb9eo-7w62j.ads.tremorhub.com/ad/tag?adCode=mb9eo-1uemv&playerWidth=339&playerHeight=191&srcPageUrl=https://brightsidebeauty.com/&supplyCode=mb9eo-7w62j&floor=USD:1.59&schain=1.0,1!primis.tech,28128,1,,,&transactionId=9ec06eb9-fc12-4660-a905-3c3f63d6c892&gdpr=1&gdpr_consent=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA&referrer=https%3A%2F%2Fbrightsidebeauty.com%2F&hb=1&fmt=json
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:d706:ca06:12eb:ef2b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401

Request headers

Referer: https://brightsidebeauty.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 08 Dec 2021 21:50:17 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-language: en
access-control-allow-origin: https://brightsidebeauty.com
access-control-allow-credentials: true
x-tremorvideo-status: REJECTED_BY_REGULATION
content-type: text/html;charset=utf-8
content-length: 949

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 1E43 0
221 B 403ms
328ms XHR
application/json 18.193.57.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.57.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-57-131.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://brightsidebeauty.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://brightsidebeauty.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

GET
H/1.1 200
OK swfIndex.php Show response
ads.stickyadstv.com/www/delivery/ Frame 1E43 67 B
465 B 206ms
133ms XHR
application/xml 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=18603231&componentId=prebid&componentSubId=mustang&timestamp=1639000216891&pKey=1933881472&_fw_gdpr_consent=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA&_fw_gdpr=true&loc=https%3A%2F%2Fbrightsidebeauty.com%2F&playerSize=339x191&schain=1.0%2C1!primis.tech%2C28128%2C1%2C%2C%2C
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer: https://brightsidebeauty.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 08 Dec 2021 21:50:17 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://brightsidebeauty.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1639000216888049-371
Expires: Wed, 08 Dec 2021 21:50:17 GMT

GET
H2 200 liveInternalSsp.php Show response
live.primis.tech/live/ Frame 1E43 25 B
317 B 320ms
320ms XHR
text/html 63.250.56.141
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveInternalSsp.php?sspData=%7B%22enc%22%3Atrue%2C%22data%22%3A%22%5C%22JTqCJTIlqzVlJTIlJTNBJTIlqzVlXmEhNSUlMvUlQlUlMz1coxJcZCUlMvUmQTAyMxMyMwJvqXc6ZXIyMwIyM0EyN0IyMwJwo3VhqCUlMvUmQTAyMxMyMwJ0nXRfZUkyovUlMvUmQTEjMCUlQlUlMapyMwIyM0ElMDAyMxMyMwJbJTIlJTNBMTYjJTqEJTJDJTIlq2yxqGtyMwIyM0EmMmxyMxMyMwJbZWyanHQyMwIyM0EkOTEyMxMyMwJmpGFwZUyxJTIlJTNBJTIlNTtjNTpyMwIyMxMyMwJmpGFwZVR5pGUyMwIyM0EyMwJ2YXN0JTIlJTJDJTIlqzyxZW9QoGFwZW1yoaRUrXByJTIlJTNBMSUlQlUlMzyjJTIlJTNBJTIlOTEhMTx5LwEkOC43OCUlMvUlQlUlMzqyo0yxJTIlJTNBNTpyMxMyMwJuoHBbYTJHZW8yMwIyM0EyMwJERSUlMvUlQlUlMzRyqzywZXR5pGUyMwIyM0ElJTJDJTIlqHu0RGV2nWNyqHyjZSUlMvUmQSUlMzRyp2g0o3AyMwIyMxMyMwJvpz93p2VlJTIlJTNBJTIlY2ulo21yJTIlJTJDJTIlo3MyMwIyM0EyMwJXnW5xo3qmJTIlJTJDJTIlqHu0T3MyMwIyM0EyMwJ3nW5xo3qmJTIlJTJDJTIlZGV2nWNyTW9xZWjyMwIyM0EyMwIyMwIyMxMyMwJip1ZypaNco24yMwIyM0EyMwIkMC4jJTIlJTJDJTIlZGV2nWNyTWFhqWZuY3R1pzVlJTIlJTNBJTIlJTIlJTJDJTIlZGV2nWNyQ29xZU5uoWUyMwIyM0EyMwIyMwIyMxMyMwJ1p2VlQWqyoaQyMwIyM0EyMwJNo3ccoGkuJTJGNS4jJTIjKFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolxyMwBDnHJioWUyMxY5Nv4jLwQ2NwQhNDUyMwBTYWZupzxyMxY1MmphMmYyMwIyMxMyMwJfYXQyMwIyM0EyMwI1MC4kMTt4JTIlJTJDJTIloG9hJTIlJTNBJTIlOC42ODQmJTIlJTJDJTIlYXBjTzFgZSUlMvUmQSUlMvUlMvUlQlUlMzFjpEyxJTIlJTNBJTIlJTIlJTJDJTIlnXNBpHAyMwIyM0EjJTJDJTIlYXBjQaVhZGkySWQyMwIyM0EyMwJbqHRjplUmQSUlRvUlRzJlnWqbqHNcZGVvZWF1qHxhY29gJTJGJTIlJTJDJTIlYXBjU3RipzVVpzjyMwIyM0EyMwIyMwIyMxMyMwJupHBQpzy2YWN5UG9fnWN5JTIlJTNBJTIlJTIlJTJDJTIlYXBjSXNQYWyxJTIlJTNBJTIlJTIlJTJDJTIlYXBjRGV2ZWkipGVlJTIlJTNBJTIlJTIlJTJDJTIlnWZuJTIlJTNBJTIlJTIlJTJDJTIlnWZ2JTIlJTNBJTIlJTIlJTJDJTIlYXR0plUlMvUmQSUlMvUlMvUlQlUlMzFjpFZypaNco24yMwIyM0EyMwIyMwIyMxMyMwJlZWZypaJypvUlMvUmQSUlMzu0qHBmJTNBJTJGJTJGYaJcZ2u0p2yxZWJyYXV0rS5wo20yMxYyMwIyMxMyMwJjYWqyJTIlJTNBJTIlnHR0pHMyM0EyMxYyMxZvpzyanHRmnWRyYzVuqXR5LzNioSUlRvUlMvUlQlUlMzqxpHIyMwIyM0EkJTJDJTIlZ2RjpxNioaNyoaQyMwIyM0EyMwJDUFE2NVu6UFE2NVu6QWZZZUJFTxI0Q2qBQUFBQUFBQUFBnWqBQUFHZzqBZ0qzQUEyMwIyMxMyMwJcp1qyUGFmp0qxpHIyMwIyM0EjJTJDJTIlY2NjYSUlMvUmQTAyMxMyMwJwY3BuQ29hp2VhqCUlMvUmQSUlMvUlMvUlQlUlMzRioWFcovUlMvUmQSUlMzJlnWqbqHNcZGVvZWF1qHxhY29gJTIlJTJDJTIlq2Vvp2y0ZSUlMvUmQSUlMaq3ql5mZWgcozRiLzNioSUlMvUlQlUlMaNyY3VlZSUlMvUmQTEyMxMyMwJaZW9To3VlY2UyMwIyM0EyMwJJUCUlMvUlQlUlMzNipHBuJTIlJTNBMCUlQlUlMaV1nWQyMwIyM0EyMwI2MWIkMwt5ODqxYmp0JTIlJTJDJTIlYzkiY2gCpzFhZHMyMwIyM0EyNUIyNUQyMxMyMwJyrHRVp2VlSWRmJTIlJTNBJTVCJTVEJTJDJTIloXJunWRBoGkiq2VxJTIlJTNBMCUlQlUlMzRyYaVaSW5zo3JgYXRco24yMwIyM0EyMwIyMwIyMxMyMwJmnXRySWQyMwIyM0EkMDtkMmUyMxMyMwJjqWJfnXNbZXJJZCUlMvUmQTI4MTI4JTJDJTIlp2NbYWyhJTIlJTNBJTqCJTIlqzVlJTIlJTNBJTIlMS4jJTIlJTJDJTIlY29gpGkyqGUyMwIyM0EkJTJDJTIloz9xZXMyMwIyM0EyNUIyN0IyMwJup2xyMwIyM0EyMwJjpzygnXMhqGVwnCUlMvUlQlUlMaNcZCUlMvUmQSUlMwI4MTI4JTIlJTJDJTIlnHAyMwIyM0EkJTqEJTVEJTqEJTJDJTIlpzVanW9hJTIlJTNBJTIlRVUyMwIyMxMyMwJwYW1jYWyaoaMyMwIyM0EyN0IyMwI3MmY5MvUlMvUmQSU3QvUlMaRlYWNeZXIyMwIyM0EyMwJwYW1jYWyaoxZlZXFDYXAyM0QjJTI1MxYjJTI2Y2FgpGFcZ25JZCUmRDpmNwxlJTI2p3BuY2UlQWRJZCUmRDE2MDtjNTx2JTIlJTJDJTIlpHJyYzyxTaNmpEyhZGV4JTIlJTNBMCUlQlUlMaNjYWNyMxFxSWQyMwIyM0EyMwIkNwA4MDU5NvUlMvUlQlUlMzRyYWjyMwIyM0EyN0IyMwJcp1J0YxRyYWjyMwIyM0EjJTJDJTIlpaRvRGVuoEyxJTIlJTNBJTIlJTIlJTJDJTIlpaRvU2VuqEyxJTIlJTNBJTIlJTIlJTqEJTJDJTIlpaRvV1NyYXQyMwIyM0EyMwIyMwIyMxMyMwJwYW1jYWyaoxyxJTIlJTNBNmM2OTIyMxMyMwJwYW1jYWyaoyNwo3ByJTIlJTNBJTIlpHVvoGywJTIlJTJDJTIlYaV5ZXJVnWQyMwIyM0EyMwIyMwIyMxMyMwJuZFVmZXJJZCUlMvUmQTI5NDp1JTJDJTIlYzNuqCUlMvUmQSUlMvUlMvUlQlUlMzJup2VGoG9ipvUlMvUmQTEhNSUlQlUlMzV4qCUlMvUmQSU3QvUlMaBupaRhZXIyMwIyM0EyMwI5MvUlMvUlQlUlMaJyqyNbYXJyJTIlJTNBJTIlMS4jMCUlMvU3RCUlQlUlMaJyZzVlZW5wZUyxJTIlJTNBNSUlQlUlMzJcZGZfo29lJTIlJTNBMS41JTqEJTqEJTJDJTIlpGFaZWNuqCUlMvUmQSU1QvUlMxyBQwE4JTIlJTJDJTIlSUFCMTMgMlUlMvUlQlUlMxyBQwImJTIlJTJDJTIlSUFCMTUyMwIyNUQyMxMyMwJjoGFwZW1yoaRDYXQyMwIyM0EyNUIyMwJJQUIkOCUlMvU1RCUlQlUlMzNioaRyoaRwYXQyMwIyM0EyNUIyNUQyN0Q%3D%5C%22%22%7D
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7

Request headers

Referer: https://brightsidebeauty.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 21:50:16 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://brightsidebeauty.com
cache-control: no-store
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs-simple.com/ut/v3/ Frame 1E43 145 B
836 B 198ms
132ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs-simple.com/ut/v3/prebid

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

eb359f1a05f0e6ba96b5f7f7dacefee911c962811e2c4fc4cf66d77c31bf6297

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://brightsidebeauty.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 08 Dec 2021 21:50:17 GMT
X-Proxy-Origin: 91.199.118.78; 91.199.118.78; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs-simple.com
AN-X-Request-Uuid: 672539c2-9442-421d-9ccf-0307a0037ff3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://brightsidebeauty.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 1E43 0
411 B 92ms
50ms XHR
text/plain 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://brightsidebeauty.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 21:50:17 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://brightsidebeauty.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 liveView.php
live.primis.tech/live/ 43 B
298 B 21ms
21ms Image
image/gif 63.250.56.141
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTYzp2VlqzVlVGygZT0kNwM5MDAjMwE2JaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTY3MmE4NmIzrD0mMmxzrT0kOTEzoXN0YT0kNwY3MTt5NSZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9jYXNmRG9gYWyhPWJlnWqbqHNcZGVvZWF1qHxhY29gJaN1YxyxPWJlnWqbqHNcZGVvZWF1qHxhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzqXNypxyjQWRxpw05MS4kOTxhMTE4Lwp4JaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwx2LwAhNDY2NC40NSUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwFvMTI4OTt3ZGM3NCZlqz49JHgWUF9SVx5sTUFDUx99JzF0qGVgpHRNqWk0nXBfnWVlPTIjJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD1DUFE2NVu6UFE2NVu6QWZZZUJFTxI0Q2qBQUFBQUFBQUFBnWqBQUFHZzqBZ0qzQUEznXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2MmxjMDAlMTY4NwpzqWyxPVNyn2yhZG9TUGkurWVlNwFvMTI4OTt4NmywMlZjqWJVpzj9nHR0pHMyM0EyMxYyMxZvpzyanHRmnWRyYzVuqXR5LzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQ=
Requested by: Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 21:50:16 GMT
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="pixel.gif"
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 liveView.php
live.primis.tech/live/ 43 B
298 B 18ms
18ms Image
image/gif 63.250.56.141
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTYzp2VlqzVlVGygZT0kNwM5MDAjMwE2JaZcZF9joGF5ZXJWZXI9Ml4kLwAzpm01ODA1NlZmqGE9MTYjODA1OTYzrD0mMmxzrT0kOTEzoXN0YT0kNwY3MTt5NSZ2nWRsqzFmqFR5pGU9MlZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9jYXNmRG9gYWyhPWJlnWqbqHNcZGVvZWF1qHxhY29gJaN1YxyxPWJlnWqbqHNcZGVvZWF1qHxhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzqXNypxyjQWRxpw05MS4kOTxhMTE4Lwp4JaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwx2LwAhNDY2NC40NSUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwFvMTI4OTt3ZGM3NCZlqz49JHgWUF9SVx5sTUFDUx99JzF0qGVgpHRNqWk0nXBfnWVlPTIjJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD1DUFE2NVu6UFE2NVu6QWZZZUJFTxI0Q2qBQUFBQUFBQUFBnWqBQUFHZzqBZ0qzQUEznXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2MmxjMDAlMTY4NwpzqWyxPVNyn2yhZG9TUGkurWVlNwFvMTI4OTt4NmywMlZjqWJVpzj9nHR0pHMyM0EyMxYyMxZvpzyanHRmnWRyYzVuqXR5LzNioSUlRvZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQ=
Requested by: Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 21:50:16 GMT
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="pixel.gif"
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
BLOB 200
OK 9b83e9eb-e346-4947-94c5-44b2c716b149
https://brightsidebeauty.com/ 65 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://brightsidebeauty.com/9b83e9eb-e346-4947-94c5-44b2c716b149
Requested by: Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 66258
Content-Type: text/javascript

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 92EE 0
42 B 62ms
12ms Script
text/plain 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=50735764&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61b128987dc74%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3DCPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:14 GMT
content-length: 0

GET csync
sync.console.adtarget.com.tr/ Frame BEC0 0
0

GET

csync
sync.console.adtarget.com.tr/ Frame C370
Redirect Chain

https://creativecdn.com/cm-notify?pi=admatic
https://creativecdn.com/cm-notify?pi=admatic&tc=1
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=ykbteRHR5uNccFxRUTdF&pi=admatic&tc=1

0
0

GET
H2

200

/ Show response
ads.us.e-planning.net/uspd/1/ Frame A170
Redirect Chain

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID

13 B
91 B

22ms
22ms

Document
text/html

5.178.65.245
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s.console.adtarget.com.tr/

Response headers

server: openresty
date: Wed, 08 Dec 2021 21:50:17 GMT
content-type: text/html
content-length: 13
x-sid: AMS-610

Redirect headers

server: openresty
date: Wed, 08 Dec 2021 21:50:16 GMT
content-type: text/html; charset=iso-8859-1
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
x-sid: AMS-610

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame A392 14 KB
5 KB 9ms
9ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s.console.adtarget.com.tr/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=89109
expires: Thu, 09 Dec 2021 22:35:25 GMT
date: Wed, 08 Dec 2021 21:50:16 GMT
vary: Accept-Encoding

GET
H2 200 pbsync.html Show response
js.adscale.de/ Frame C159 3 KB
2 KB 74ms
25ms Document
text/html 2600:9000:224a:6c00:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:6c00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s.console.adtarget.com.tr/

Response headers

content-type: text/html
last-modified: Mon, 06 Dec 2021 15:37:56 GMT
x-amz-version-id: 6Aq591PsFKZg.nhWoLRNYsxuGl0lv087
server: AmazonS3
content-encoding: br
date: Wed, 08 Dec 2021 21:38:02 GMT
cache-control: max-age=7200
etag: W/"5550fca00caf055568d6ced373f2721f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1f16598f51b4c33e5f56e49ea72a6155.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: QOBjljzeXZUxwXE3yXHP_pVyhM3wyakJSeMl2zLn2cW_OLtXuNEpcw==
age: 735

GET
H2 200 cookie Show response
cm.adform.net/ Frame FD53 43 B
106 B 260ms
50ms Document
image/gif 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s.console.adtarget.com.tr/

Response headers

server: nginx
date: Wed, 08 Dec 2021 21:50:17 GMT
content-type: image/gif
content-length: 43

GET
H2 200 user Show response
cdn.admatic.com.tr/ Frame 4FE2 251 B
643 B 106ms
9ms Document
text/html 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admatic.com.tr/user
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://s.console.adtarget.com.tr/

Response headers

date: Wed, 08 Dec 2021 21:50:17 GMT
content-type: text/html
vary: Accept-Encoding
server: BunnyCDN-DE1-756
cdn-pullzone: 266102
cdn-uid: bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode: GB
cdn-edgestorageid: 756
cdn-storageserver: DE-169
cache-control: public, max-age=3600
cdn-fileserver: 141
last-modified: Thu, 11 Feb 2021 13:30:42 GMT
cdn-cachedat: 2021-12-07 16:45:31
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-requestid: 50ecce9679c6e900fac2fe1d4da20139
cdn-status: 200
cdn-cache: HIT
content-encoding: gzip

GET csync
sync.console.adtarget.com.tr/ Frame B395 0
0

GET
H2 200 w_480_00001.ts Show response
video.primis.tech/uploads/cn23/video/users/hls/30760/video_60bde16905eb1927747393/vid61ae287194b82233302198.mp4/ 418 KB
419 KB 19ms
18ms XHR
video/mp2t 185.167.96.211
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn23/video/users/hls/30760/video_60bde16905eb1927747393/vid61ae287194b82233302198.mp4/w_480_00001.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.167.96.211 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: 25e6ff57a01d815ad98556adafca728d61167696921c80dbcd295822e18faef4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:16 GMT
via: 1.1 033b4b0cfe185be090def702a6a129aa.cloudfront.net (CloudFront)
x-amz-cf-pop: WAW50-C1
content-length: 428264
last-modified: Mon, 06 Dec 2021 15:13:41 GMT
server: Tengine
etag: "e7ee63bb92625919b4de1d81f436961b"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
x-proxy-cache: HIT
accept-ranges: bytes
x-amz-cf-id: Nhb_RJGmb2MXhdpf5LJiPT3_Uga6wJTkV9poU13jrykBZ7eICHfhYQ==
expires: Wed, 22 Dec 2021 21:50:16 GMT

GET
H2

200

uu Show response
ih.adscale.de/ Frame C159
Redirect Chain

https://ih.adscale.de/uu?cbfn=receive&t=1639000217
https://ih.adscale.de/uu?cbfn=receive&t=1639000217&nut&uu=90531d837b284e6193005823f7b5b425

44 B
214 B

15ms
15ms

Script
text/javascript

3.126.247.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/uu?cbfn=receive&t=1639000217&nut&uu=90531d837b284e6193005823f7b5b425
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol: H2
Server: 3.126.247.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-247-238.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 77dd27942ef0f7cd04690df7ebe49646d63898e0eab477f029d0167742994600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:17 GMT
content-length: 44
content-type: text/javascript;charset=ISO-8859-1

Redirect headers

location: https://ih.adscale.de/uu?cbfn=receive&t=1639000217&nut&uu=90531d837b284e6193005823f7b5b425
date: Wed, 08 Dec 2021 21:50:17 GMT
content-length: 0

GET
H2 200 w_480_00002.ts Show response
video.primis.tech/uploads/cn23/video/users/hls/30760/video_60bde16905eb1927747393/vid61ae287194b82233302198.mp4/ 495 KB
496 KB 18ms
18ms XHR
video/mp2t 185.167.96.211
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn23/video/users/hls/30760/video_60bde16905eb1927747393/vid61ae287194b82233302198.mp4/w_480_00002.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.167.96.211 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: 7d24f8b769f1cf9a9c28fa99f8c71ca3d23263a248dd967508a7ce184a268e0d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:17 GMT
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
content-length: 506660
last-modified: Mon, 06 Dec 2021 15:13:41 GMT
server: Tengine
etag: "1cfa70b9621f5b16deaade768a1e33d0"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
x-proxy-cache: HIT
accept-ranges: bytes
x-amz-cf-id: -m5Bu7tDsAJkr0aR8a5m-EoElgEgyCyhPEKLfbbRJ0_UauMV1P-UmQ==
expires: Wed, 22 Dec 2021 21:50:17 GMT

GET
H2 200 bundle.js Show response
cdn.admatic.com.tr/user/ Frame 4FE2 54 KB
20 KB 53ms
53ms Script
application/javascript 89.187.169.47
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admatic.com.tr/user/bundle.js
Requested by: Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-89-187-169-47.cdn77.com
Software: BunnyCDN-DE1-756 /
Resource Hash: 8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.admatic.com.tr/user
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:17 GMT
content-encoding: br
cdn-edgestorageid: 756
cdn-fileserver: 141
cdn-storageserver: DE-51
cdn-cachedat: 2021-08-12 13:48:34
cdn-pullzone: 266102
last-modified: Fri, 12 Mar 2021 04:24:48 GMT
server: BunnyCDN-DE1-756
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control: public, max-age=3600
cdn-requestid: ac26a5651030b6bc675f3f09dcadbaa3
cdn-requestcountrycode: GB
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 userconnect.js Show response
js.adscale.de/ Frame C159 14 KB
5 KB 23ms
23ms Script
application/javascript 2600:9000:224a:6c00:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/userconnect.js
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:6c00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: .aJwg_KmjGd9NAOcsIdaU7E4wOJILkbc
content-encoding: br
last-modified: Mon, 06 Dec 2021 15:37:56 GMT
server: AmazonS3
age: 2055
etag: W/"98f37b242862929d9aef4bde91abc8ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1f16598f51b4c33e5f56e49ea72a6155.cloudfront.net (CloudFront)
cache-control: max-age=7200
date: Wed, 08 Dec 2021 21:16:03 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: Gygx5SW1lqrkqrXvccWxrurCRuiY9LaN_UsHZpSKyR5nWl4sR9Pnlw==

GET csync
sync.console.adtarget.com.tr/ Frame C159 0
0

GET
H2 200 userconnect Show response
ih.adscale.de/ Frame C159 149 B
224 B 8ms
8ms Script
application/javascript 3.126.247.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1639000217097&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.247.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-247-238.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://js.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:17 GMT
content-length: 149
content-type: application/javascript

GET
H2 200 map Show response
ih.adscale.de/ Frame 740A 2 KB
3 KB 11ms
11ms Document
text/html 3.126.247.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.247.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-247-238.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 94c773d5860e7fb2b2ba958522c0a24b2110ba5bc556a56d5670e000638cad5f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js.adscale.de/

Response headers

date: Wed, 08 Dec 2021 21:50:17 GMT
content-type: text/html;charset=ISO-8859-1
content-length: 2442

GET
H2 200 user Show response
ads3.admatic.com.tr/ Frame 4FE2 75 B
442 B 344ms
51ms XHR
application/json 188.132.147.227
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ads3.admatic.com.tr/user
Requested by: Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.132.147.227 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS: static-227-147-132-188.sadecehosting.net
Software: AdMatic / AdMatic
Resource Hash: 43e1b27a116aa5c93523f27220430d2d6d3b96df63e4b0a562cec39ed6ed5535

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.admatic.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 21:50:17 GMT
content-encoding: br
server: AdMatic
x-powered-by: AdMatic
vary: Origin,Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://cdn.admatic.com.tr
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 79

GET
H2 200 w_480_00003.ts Show response
video.primis.tech/uploads/cn23/video/users/hls/30760/video_60bde16905eb1927747393/vid61ae287194b82233302198.mp4/ 469 KB
470 KB 22ms
22ms XHR
video/mp2t 185.167.96.211
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn23/video/users/hls/30760/video_60bde16905eb1927747393/vid61ae287194b82233302198.mp4/w_480_00003.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.167.96.211 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: 210a2692d84ad74b15153cd476d738cda15232a820ef4d1df2c8f8ffe509ec81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:17 GMT
via: 1.1 5d40d4ac7c3a1e18748166636540091f.cloudfront.net (CloudFront)
x-amz-cf-pop: WAW50-C1
content-length: 479964
last-modified: Mon, 06 Dec 2021 15:13:41 GMT
server: Tengine
etag: "db5760dc9e7fe77a7e0e874c98cda9f3"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
x-proxy-cache: HIT
accept-ranges: bytes
x-amz-cf-id: 4au_U3SS7nT9i3Nq0ONcvqThoAWiu9RxzIqbxFuuaLaIyZlEfk6Amw==
expires: Wed, 22 Dec 2021 21:50:17 GMT

GET
H2 200 match.js Show response
js.adscale.de/ Frame 740A 4 KB
2 KB 10ms
9ms Script
application/javascript 2600:9000:224a:6c00:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/match.js
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:6c00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: fd5SxP75_inNwuwuiiECHv1D808VkMYU
content-encoding: gzip
last-modified: Mon, 06 Dec 2021 15:37:56 GMT
server: AmazonS3
age: 736
etag: W/"b75124846aec28a28b7a3441813682d5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1f16598f51b4c33e5f56e49ea72a6155.cloudfront.net (CloudFront)
cache-control: max-age=7200
date: Wed, 08 Dec 2021 21:38:02 GMT
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: 7vKRaY7Igm-KeU7vfAmq3ZNtXj4vYBKHmhIR3EInLy49eoisVN6Uwg==

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 740A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=720b06df2c94f3ac5342154...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=f4e461b1-2899-4700-95fc-71dd7a7edd45&gdpr=0&gdpr_consent=

49 B
539 B

25ms
25ms

Image
image/gif

3.126.247.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=f4e461b1-2899-4700-95fc-71dd7a7edd45&gdpr=0&gdpr_consent=
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 3.126.247.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-247-238.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:17 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Date: Wed, 08 Dec 2021 21:50:17 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x29 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=f4e461b1-2899-4700-95fc-71dd7a7edd45&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 08 Dec 2021 21:50:16 GMT

GET
H2 200 w_480_00004.ts Show response
video.primis.tech/uploads/cn23/video/users/hls/30760/video_60bde16905eb1927747393/vid61ae287194b82233302198.mp4/ 304 KB
305 KB 14ms
14ms XHR
video/mp2t 185.167.96.211
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn23/video/users/hls/30760/video_60bde16905eb1927747393/vid61ae287194b82233302198.mp4/w_480_00004.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.167.96.211 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: 88834cc64e6fc467066c2d59fc25aa3a7b94f6a595ed8124a7f7a310f1456112

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:17 GMT
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfb.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
content-length: 311704
last-modified: Mon, 06 Dec 2021 15:13:41 GMT
server: Tengine
etag: "16e36074594da3326c72fe304ec0e79f"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
x-proxy-cache: HIT
accept-ranges: bytes
x-amz-cf-id: HNuGWRpX1L4gXCIiegqQE_u3iEvDE6iudHqgwHjHcO_T8ilh1rP7Wg==
expires: Wed, 22 Dec 2021 21:50:17 GMT

GET
H2

200

img
ih.adscale.de/sium/3114d99d1da446c08aae6ae34b48c60d/1639000217118/0/ Frame 740A
Redirect Chain

https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F3114d99d1da446c08aae6ae34b48c60d%2F1639000217118%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
https://ih.adscale.de/sium/3114d99d1da446c08aae6ae34b48c60d/1639000217118/0/img?tpid=75&tpuid=1265845017761304857&gdpr=0

49 B
549 B

14ms
14ms

Image
image/gif

3.126.247.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/3114d99d1da446c08aae6ae34b48c60d/1639000217118/0/img?tpid=75&tpuid=1265845017761304857&gdpr=0
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 3.126.247.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-247-238.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:17 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 08 Dec 2021 21:50:17 GMT
X-Proxy-Origin: 91.199.118.78; 91.199.118.78; 886.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 551e2628-5d8c-40e3-af94-ec64fbb36a7a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ih.adscale.de/sium/3114d99d1da446c08aae6ae34b48c60d/1639000217118/0/img?tpid=75&tpuid=1265845017761304857&gdpr=0
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 w_480_00005.ts Show response
video.primis.tech/uploads/cn23/video/users/hls/30760/video_60bde16905eb1927747393/vid61ae287194b82233302198.mp4/ 378 KB
379 KB 26ms
26ms XHR
video/mp2t 185.167.96.211
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn23/video/users/hls/30760/video_60bde16905eb1927747393/vid61ae287194b82233302198.mp4/w_480_00005.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.167.96.211 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: 15b7e255ff24ff3583dd150fb5ec0f70434ddd2965c4e596dfc8c0d12360a138

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:17 GMT
via: 1.1 af49d962d25539f633834af35e0ac9d1.cloudfront.net (CloudFront)
x-amz-cf-pop: WAW50-C1
content-length: 387468
last-modified: Mon, 06 Dec 2021 15:13:41 GMT
server: Tengine
etag: "1940d7cc9278fe3c8153fe585b7df28c"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=1209600
x-proxy-cache: HIT
accept-ranges: bytes
x-amz-cf-id: ia-uPGlx3yy31RWsLxpz6AP_kFVZTGBTsA658qgIoI9iRQZpIzY3Gg==
expires: Wed, 22 Dec 2021 21:50:17 GMT

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 740A
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=81e5984722a047686cfb84974...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YbEomC27KPxYSV6pP0QfuwAA%261194

49 B
568 B

9ms
9ms

Image
image/gif

3.126.247.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YbEomC27KPxYSV6pP0QfuwAA%261194
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 3.126.247.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-247-238.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:17 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 08 Dec 2021 21:50:17 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YbEomC27KPxYSV6pP0QfuwAA%261194
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 310
Expires: Wed, 08 Dec 2021 21:50:17 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 1E43 375 KB
124 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b666cd4fde0554c6dbd946339abca10c1aba4fd4ebebc434e7fe38aa32b301e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126530
x-xss-protection: 0
expires: Wed, 08 Dec 2021 21:50:17 GMT

GET
H2 200 new Show response
ads3.admatic.com.tr/user/ Frame 4FE2 169 B
313 B 52ms
52ms XHR
application/json 188.132.147.227
SH

General

Check archive.org

Show headers Download Go to

Full URL: https://ads3.admatic.com.tr/user/new
Requested by: Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.132.147.227 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS: static-227-147-132-188.sadecehosting.net
Software: AdMatic / AdMatic
Resource Hash: c320d3837ff62814b17e9448d440f7e47ffb88dce34af4526f3d91ab45ddaf29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.admatic.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 21:50:17 GMT
content-encoding: br
etag: TgYFb5pNImk02XjMufMF4j0qvT575Oafm5bQ-7JTdThX8fgtTHxT6cuxIT6r3W20ZHZ8HUvCiuLl7QQlmfQv7Q
last-modified: Wed, 08 Dec 2021 22:50:17 GMT
server: AdMatic
x-powered-by: AdMatic
vary: Origin,Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://cdn.admatic.com.tr
cache-control: no-cache
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 173

GET
H2

200

img
ih.adscale.de/sium/3114d99d1da446c08aae6ae34b48c60d/1639000217118/0/ Frame 740A
Redirect Chain

https://track.adform.net/serving/cookie/match/?party=9&uid=a38e9232fa73d5d4726f01eaade37265ea8ac09bfc5656a050123368dbcdb8fd&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3114d99d1da446c08aae6a...
https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=a38e9232fa73d5d4726f01eaade37265ea8ac09bfc5656a050123368dbcdb8fd&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3114d99d1da446c08...
https://ih.adscale.de/sium/3114d99d1da446c08aae6ae34b48c60d/1639000217118/0/img?tpid=42&gdpr=0&tpuid=8769971563696598714

49 B
579 B

12ms
11ms

Image
image/gif

3.126.247.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/3114d99d1da446c08aae6ae34b48c60d/1639000217118/0/img?tpid=42&gdpr=0&tpuid=8769971563696598714
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 3.126.247.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-247-238.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:17 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 08 Dec 2021 21:50:17 GMT
server: nginx
location: https://ih.adscale.de/sium/3114d99d1da446c08aae6ae34b48c60d/1639000217118/0/img?tpid=42&gdpr=0&tpuid=8769971563696598714
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET csync
sync.console.adtarget.com.tr/ Frame 4FE2 0
0

GET
H3 200 bridge3.491.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame E587 596 KB
194 KB 28ms
12ms Document
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1edd14d473b4324cdc826ba38954236bc9ae02440f0a87a8406fb1cb0f8272a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 198240
date: Wed, 08 Dec 2021 06:43:36 GMT
expires: Thu, 08 Dec 2022 06:43:36 GMT
last-modified: Wed, 08 Dec 2021 06:40:51 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 54401
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 1E43 44 KB
17 KB 41ms
18ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 Dec 2021 21:50:17 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D745 37 KB
13 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:35:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 08 Dec 2021 22:35:06 GMT

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 740A
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=43137b86-318a-4c54-9588-bdf263335661&gdpr=0

49 B
602 B

10ms
9ms

Image
image/gif

3.126.247.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=43137b86-318a-4c54-9588-bdf263335661&gdpr=0
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 3.126.247.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-247-238.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:17 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 08 Dec 2021 21:50:16 GMT
server: Kestrel
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=43137b86-318a-4c54-9588-bdf263335661&gdpr=0
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1083655
content-length: 0
expires: Wed, 08 Dec 2021 00:00:00 GMT

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 740A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=8a0d84d920e865b800a57ea5...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=f4e461b1-2899-4700-95fc-71dd7a7edd45&gdpr=0&gdpr_consent=

49 B
624 B

19ms
19ms

Image
image/gif

3.126.247.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=f4e461b1-2899-4700-95fc-71dd7a7edd45&gdpr=0&gdpr_consent=
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 3.126.247.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-247-238.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:17 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Date: Wed, 08 Dec 2021 21:50:17 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x26 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=f4e461b1-2899-4700-95fc-71dd7a7edd45&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 08 Dec 2021 21:50:16 GMT

GET
H2

200

js Show response
ih.adscale.de/sium/3114d99d1da446c08aae6ae34b48c60d/1639000217118/0/ Frame 740A
Redirect Chain

https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=37a6c47a7e0a2828cb469f2c8e2b0b35725015165b8c320101cf3e2999c20117&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3114d99d1da446...
https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=37a6c47a7e0a2828cb469f2c8e2b0b35725015165b8c320101cf3e2999c20117&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F3114d99d1da446...
https://ih.adscale.de/sium/3114d99d1da446c08aae6ae34b48c60d/1639000217118/0/js?tpid=48&tpuid=589c720d9fe662a657f07d9f58b86549

44 B
571 B

9ms
9ms

Script
text/javascript

3.126.247.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/sium/3114d99d1da446c08aae6ae34b48c60d/1639000217118/0/js?tpid=48&tpuid=589c720d9fe662a657f07d9f58b86549
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Server: 3.126.247.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-247-238.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: c69b7abf7b4259dd856dc326ff2012eb8b2288340a0021f4d1eb0192392612d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:17 GMT
p3p: CP=NOI PSA OUR
content-length: 44
content-type: text/javascript

Redirect headers

Date: Wed, 08 Dec 2021 21:50:17 GMT
Server: nginx
Vary: Accept
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://ih.adscale.de/sium/3114d99d1da446c08aae6ae34b48c60d/1639000217118/0/js?tpid=48&tpuid=589c720d9fe662a657f07d9f58b86549
Connection: close
Content-Type: text/plain; charset=utf-8
Content-Length: 147

POST
H2 200 sium Show response
ih.adscale.de/ Frame 740A 0
190 B 14ms
14ms XHR
application/json 3.126.247.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/sium
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.247.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-247-238.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ih.adscale.de
date: Wed, 08 Dec 2021 21:50:17 GMT
access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H3 303 ads Show response
pagead2.googlesyndication.com/gampad/ Frame E587 136 B
125 B 35ms
20ms XHR
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F21734706084%2C22379458505%2Fbajaca&description_url=https%3A%2F%2Fbrightsidebeauty.com%2F&env=vp&correlator=1239438834121037&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1&unviewed_position_start=1&cust_params=prmsig%3Dvbzacw&sdkv=h.3.491.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&addtl_consent=1~&sdki=44d&adk=2572659616&sdk_apis=2%2C8&sid=EFAB00B0-0ED4-4CB2-9B68-656C1897AA19&nel=1&eid=44750603&url=https%3A%2F%2Fbrightsidebeauty.com%2F&dlt=1639000216496&idt=1166&dt=1639000218066&scor=1210701045217779&ged=ve4_td2_tt0_pd2_la2000_er215.-2785.368.-2485_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.491.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 47ms
16ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbrightsidebeauty.com%2F&domain=brightsidebeauty.com&gdprString=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://brightsidebeauty.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://brightsidebeauty.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1503
date: Wed, 08 Dec 2021 21:50:17 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 1E43 2 B
348 B 45ms
16ms XHR
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbrightsidebeauty.com%2F&domain=brightsidebeauty.com&gdprString=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA&cw=1&lsw=1

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://brightsidebeauty.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 08 Dec 2021 21:50:18 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://brightsidebeauty.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1602
expires: 0

POST
H/1.1 200 212.json Show response
id5-sync.com/g/v2/ Frame 1E43 213 B
538 B 89ms
20ms XHR
application/json 51.195.5.231
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/212.json

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.195.5.231 , France, ASN16276 (OVH, FR),

Reverse DNS

p35.id5-sync.com

Software

Resource Hash

e07ead14b992d7b50211618b9077fc07c72d2fa77439f128c3b6f392a312f642

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://brightsidebeauty.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://brightsidebeauty.com
Date: Wed, 08 Dec 2021 21:50:10 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame 1E43 63 B
340 B 106ms
35ms XHR
application/json 63.35.242.195
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id?gdpr_applies=true&gdpr_consent=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.242.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-242-195.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 69a318adb9f79ec0074f41fe715a2cb236f30e80ad8fa8e73ca9c01f47313e71

Request headers

Referer: https://brightsidebeauty.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 21:50:18 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://brightsidebeauty.com
cache-control: no-cache
x-server: 10.45.2.98
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 1E43 109 B
546 B 100ms
32ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 7f125ec7b304ca78c4c90f4fc55a900a4dcb0c0e104ff003013214dec6269688

Request headers

Referer: https://brightsidebeauty.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 08 Dec 2021 21:50:18 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://brightsidebeauty.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Fri, 07 Jan 2022 21:50:18 GMT

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame F299 926 B
1 KB 258ms
210ms Document
text/html 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html?gdpr=1&gdpr_consent=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/

Response headers

Date: Wed, 08 Dec 2021 21:50:18 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: iPstGbJhlxgMCe7lsVXtLEypYyOKkDn2mqeXjP2FnLddNwvtGutGb/0PmdZd22hle83e446WAmU=
x-amz-request-id: V80325JMP1JPC6YC
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: MISS
Expires: Wed, 08 Dec 2021 21:51:18 GMT
Cache-Control: public, max-age=60
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6ba93565ac766903-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame C213 2 KB
1 KB 131ms
7ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Wed, 08 Dec 2021 21:50:18 GMT
Connection: keep-alive

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame E805 0
35 B 27ms
18ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_6.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.221.0
date: Wed, 08 Dec 2021 21:50:18 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK auto-user-sync
ads.stickyadstv.com/ Frame 1E43 43 B
394 B 15ms
14ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA
Requested by: Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Dec 2021 21:50:18 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1639000218406023-560
Expires: Wed, 08 Dec 2021 21:50:18 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55953/ Frame 1E43
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
https://ups.analytics.yahoo.com/ups/55953/sync?uid=54065f06-30a1-4c42-9769-4afcb8034244&_origin=1&gdpr=1&gdpr_consent=

0
15 B

11ms
10ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55953/sync?uid=54065f06-30a1-4c42-9769-4afcb8034244&_origin=1&gdpr=1&gdpr_consent=

Requested by

Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:18 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Wed, 08 Dec 2021 21:50:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ups.analytics.yahoo.com/ups/55953/sync?uid=54065f06-30a1-4c42-9769-4afcb8034244&_origin=1&gdpr=1&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 267

GET
H2

204

sync
ups.analytics.yahoo.com/ups/57304/ Frame 1E43
Redirect Chain

https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPd59955c5-5870-11ec-9396-064437addbfa
https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPd59955c5-5870-11ec-9396-064437addbfa&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBkNTk5NTVjNS01ODcwLTExZWMtOTM5Ni0wNjQ0MzdhZGRiZmE%3D
https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm=&google_hm=VVBkNTk5NTVjNS01ODcwLTExZWMtOTM5Ni0wNjQ0MzdhZGRiZmE%3D&google_tc=
https://pixel.advertising.com/ups/57304/sync?uid=CAESEJqerh8zGt2aj3nf-PfvvlU&google_cver=1
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEJqerh8zGt2aj3nf-PfvvlU&google_cver=1&apid=UPd59955c5-5870-11ec-9396-064437addbfa

0
20 B

10ms
10ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEJqerh8zGt2aj3nf-PfvvlU&google_cver=1&apid=UPd59955c5-5870-11ec-9396-064437addbfa

Requested by

Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/

Protocol

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:18 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEJqerh8zGt2aj3nf-PfvvlU&google_cver=1&apid=UPd59955c5-5870-11ec-9396-064437addbfa
date: Wed, 08 Dec 2021 21:50:18 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

204

sync
pixel.advertising.com/ups/55986/ Frame 1E43
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUS...
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7...
https://pixel.advertising.com/ups/55986/sync?uid=YbEomgAKmMyiPQBG&_origin=0&gdpr=1&gdpr_consent=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA&_test=YbEomgAKmMyiPQBG

0
124 B

9ms
9ms

Image
text/plain

18.158.154.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55986/sync?uid=YbEomgAKmMyiPQBG&_origin=0&gdpr=1&gdpr_consent=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA&_test=YbEomgAKmMyiPQBG

Requested by

Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/

Protocol

Server

18.158.154.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-154-136.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:18 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Wed, 08 Dec 2021 21:50:18 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1639000219.576203,VS0,VE0
x-served-by: cache-fra19136-FRA
x-cache: HIT
location: https://pixel.advertising.com/ups/55986/sync?uid=YbEomgAKmMyiPQBG&_origin=0&gdpr=1&gdpr_consent=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA&_test=YbEomgAKmMyiPQBG
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

user
ads3.admatic.com.tr/ Frame 4FE2
Redirect Chain

https://x.bidswitch.net/sync?ssp=admatic
https://x.bidswitch.net/ul_cb/sync?ssp=admatic
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=admatic&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=admatic&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=93&user_id=54065f06-30a1-4c42-9769-4afcb8034244&expires=30&ssp=admatic&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=4b4db9b1-9dbf-45da-99b6-b41f5614bb79&dsp_uuid=&dsp_id=
https://ads3.admatic.com.tr/user?bsw_uuid=4b4db9b1-9dbf-45da-99b6-b41f5614bb79&dsp_uuid=&dsp_id=

35 B
82 B

48ms
48ms

Image
image/gif

188.132.147.227
SH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads3.admatic.com.tr/user?bsw_uuid=4b4db9b1-9dbf-45da-99b6-b41f5614bb79&dsp_uuid=&dsp_id=
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Server: 188.132.147.227 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS: static-227-147-132-188.sadecehosting.net
Software: AdMatic / AdMatic
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.admatic.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:18 GMT
server: AdMatic
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by: AdMatic
content-type: image/gif
cache-control: no-cache
timing-allow-origin: *
content-length: 35

Redirect headers

timing-allow-origin: *
date: Wed, 08 Dec 2021 21:50:18 GMT
location: https://ads3.admatic.com.tr/user?bsw_uuid=4b4db9b1-9dbf-45da-99b6-b41f5614bb79&dsp_uuid=&dsp_id=
x-powered-by: AdMatic
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://cdn.admatic.com.tr
cache-control: no-cache
access-control-allow-credentials: true
content-type: text/html; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 221

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 65BF 54 B
326 B 13ms
13ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA&d=https://brightsidebeauty.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Vary: Is-Traffic-Usersync
Content-Length: 54
Expires: Wed, 08 Dec 2021 21:50:18 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 08 Dec 2021 21:50:18 GMT
Connection: keep-alive

GET
H2 200 liveView.php
live.primis.tech/live/ 0
226 B 16ms
16ms Image
text/html 63.250.56.141
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTM2JaNypaZypyRcoWU9MTYmOTAjMDIkNvZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA4MTM1JaN0YT0jJat9NwxjJax9MmxjJaZcZF9jYXNmRG9gYWyhPWJlnWqbqHNcZGVvZWF1qHxhY29gJaN1YxyxPXVhZGVznW5yZF9vpzyanHRmnWRyYzVuqXR5LzNioSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaVmZXJJpEFxZHI9OTEhMTx5LwEkOC43OCZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxY5Nv4jLwQ2NwQhNDUyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYkYwElODx4N2RwNmQzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PUNQUTY1WHcQUTY1WHcBZyyyQxVOQwRDZ0FBQUFBQUFBQUFcZ0FBQUqzZ0FaR2ZBQSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTYmOTAjMDIkODp3OSZ1nWQ9U2VenW5xo1NQoGF5ZXI2MWIkMwt5ODt3OWMmJaB1YyVloD1bqHRjplUmQSUlRvUlRzJlnWqbqHNcZGVvZWF1qHxhY29gJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZA==
Requested by: Host: brightsidebeauty.com
URL: https://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 63.250.56.141 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Dec 2021 21:50:18 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

GET
H2 200 v4_323303_10647.json Show response
player.adtelligent.com/prebidlink/2731667/ 196 KB
11 KB 10ms
10ms XHR
application/json 45.133.44.3
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/2731667/v4_323303_10647.json?cb=brightsidebeauty.com
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/455277/wrapper_hb_323303_10647.es6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: cffef6ab3b85b80364527dc7827817ee2f257b3cda68a348bd0599d78be7d303

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 08 Dec 2021 21:50:19 GMT
content-encoding: gzip
last-modified: Fri, 19 Nov 2021 11:21:45 GMT
server: nginx
etag: W/"619788c9-311d4"
content-type: application/json
access-control-allow-origin: https://brightsidebeauty.com
expires: Wed, 08 Dec 2021 22:50:19 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 44 B
331 B 39ms
15ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=109

Requested by

Host: fdyn.pubwise.io
URL: https://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://brightsidebeauty.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 08 Dec 2021 21:50:19 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://brightsidebeauty.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 rid Show response
match.adsrvr.org/track/ 108 B
680 B 31ms
31ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=z9q9llu&fmt=json
Requested by: Host: fdyn.pubwise.io
URL: https://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e13380eedd0e475122a26a31c5528c65e77502f590638bd8dff9c475af325c50

Request headers

Referer: https://brightsidebeauty.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 08 Dec 2021 21:50:19 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://brightsidebeauty.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 108
expires: Fri, 07 Jan 2022 21:50:19 GMT

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 3024 0
0 348ms
113ms Document
text/plain 67.202.105.23
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dgJ9Gw4ler6OoEaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: fdyn.pubwise.io
URL: https://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip23.67-202-105.static.steadfastdns.net
Software: 33XP005 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/

Response headers

x-33x-status: 2000208
server: 33XP005
date: Wed, 08 Dec 2021 21:50:19 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 9BAA 52 KB
17 KB 38ms
6ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: fdyn.pubwise.io
URL: https://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://brightsidebeauty.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Sun, 05 Dec 2021 05:05:47 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 08 Dec 2021 21:50:19 GMT
Age: 69525
X-Served-By: cache-lga21939-LGA, cache-fra19147-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 1, 558490
X-Timer: S1639000220.842887,VS0,VE0
Vary: Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.adtelligent.com
URL: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=35b9753f-b9f4-4a03-b524-2709efbee35a

Domain: sync.adtelligent.com
URL: https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D

Domain: sync.console.adtarget.com.tr
URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}

Domain: sync.console.adtarget.com.tr
URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=ykbteRHR5uNccFxRUTdF&pi=admatic&tc=1

Domain: sync.console.adtarget.com.tr
URL: https://sync.console.adtarget.com.tr/csync?redir=

Domain: sync.console.adtarget.com.tr
URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=90531d837b284e6193005823f7b5b425

Domain: sync.console.adtarget.com.tr
URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=314221&extuid=Ty2oHcMi2L1FbL6Dah1S5pZoG6ij0jt639Mzv8F2yozCBEfHG9HyIdOxah0lWq2wTb1_YZ6Iu6RtXXOQDGq6GA

Verdicts & Comments Add Verdict or Comment

254 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.brightsidebeauty.com/	1970-01-20 01:28:09	Name: CountryCode Value: GB
.brightsidebeauty.com/	1970-01-20 01:28:09	Name: userFromEEA Value: true
.brightsidebeauty.com/	1970-01-20 08:02:16	Name: _pubcid Value: 9fd8e3db-f747-4887-af07-47a8af30fd5d
.brightsidebeauty.com/	1970-01-20 16:47:52	Name: _ga Value: GA1.2.2041026916.1639000216
.brightsidebeauty.com/	1970-01-19 23:18:06	Name: _gid Value: GA1.2.1274239407.1639000216
.brightsidebeauty.com/	1970-01-19 23:16:40	Name: _gat_gtag_UA_136605546_5 Value: 1
.brightsidebeauty.com/	1970-01-19 23:18:06	Name: __cmpconsentx13566 Value: CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA
.brightsidebeauty.com/	1970-01-19 23:18:06	Name: __cmpcccx13566 Value: aBPQ65XzAAACQAXABgAEIARQHAAAAA
.adtelligent.com/	1970-01-20 01:30:35	Name: vmuid Value: 2b255f8434f69bcf
.casalemedia.com/	1970-01-20 08:02:16	Name: CMID Value: YbEomC27KPxYSV6pP0QfuwAA
.casalemedia.com/	1970-01-20 01:26:16	Name: CMPS Value: 5229
.spotxchange.com/	1970-01-20 08:02:20	Name: audience Value: d490e8dc-5870-11ec-825b-1c5660560506
prebid.a-mo.net/	1970-01-20 08:02:16	Name: __amc Value: 1_1639000216_1639000216
.a-mo.net/	1970-01-20 08:02:16	Name: amuid2 Value: c82d3a73-b6b5-4da3-962a-1e6cc5131746
.adnxs.com/	1970-01-20 01:26:16	Name: uuid2 Value: 1265845017761304857
.casalemedia.com/	1970-01-20 01:26:16	Name: CMPRO Value: 1194
brightsidebeauty.com/	1970-01-19 23:59:52	Name: _pbjs_userid_consent_data Value: 2094461698618411
.creativecdn.com/	1970-01-20 08:02:16	Name: u Value: ykbteRHR5uNccFxRUTdF
.creativecdn.com/	1970-01-20 08:02:16	Name: ts Value: 1639000216
ads.us.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.adscale.de/	1970-01-20 07:58:56	Name: uu Value: 90531d837b284e6193005823f7b5b425
.mathtag.com/	1970-01-20 08:42:35	Name: uuid Value: f4e461b1-2899-4700-95fc-71dd7a7edd45
.ads3.admatic.com.tr/	1969-12-31 23:59:59	Name: ARRAffinity Value: a3afa4c7d8a1717c24f9e5c055497ba8e77c70734474352b729f4d8ad64748ce
.casalemedia.com/	1970-01-19 23:18:06	Name: CMST Value: YbEomGGxKJkA
.adform.net/	1970-01-20 00:01:18	Name: C Value: 1
.adform.net/	1970-01-20 00:43:04	Name: uid Value: 8769971563696598714
.criteo.com/	1970-01-20 08:38:16	Name: uid Value: 43137b86-318a-4c54-9588-bdf263335661
.adscale.de/	1970-01-20 07:58:56	Name: cct Value: 1639000217814
.m6r.eu/	1970-01-19 23:16:43	Name: test Value: true
.m6r.eu/	1970-01-20 01:26:16	Name: cct Value: 1639000217922
.m6r.eu/	1970-01-20 01:26:16	Name: id Value: 589c720d9fe662a657f07d9f58b86549
.ih.adscale.de/	1970-01-20 07:58:56	Name: tu Value: 4#3574702872#48~589c720d9fe662a657f07d9f58b86549~455277~0~0#101~~455277~455277~1#39~f4e461b1-2899-4700-95fc-71dd7a7edd45~455277~0~0#40~43137b86-318a-4c54-9588-bdf263335661~455277~0~0#42~8769971563696598714~455277~0~0#75~1265845017761304857~455277~0~0#108~f4e461b1-2899-4700-95fc-71dd7a7edd45~455277~0~0#63~YbEomC27KPxYSV6pP0QfuwAA&1194~455277~0~0
.bidswitch.net/	1970-01-20 08:02:16	Name: tuuid Value: 4b4db9b1-9dbf-45da-99b6-b41f5614bb79
.bidswitch.net/	1970-01-20 08:02:16	Name: c Value: 1639000218
.bidswitch.net/	1970-01-20 08:02:16	Name: tuuid_lu Value: 1639000218
.advertising.com/	1970-01-20 08:03:42	Name: APID Value: UPd59955c5-5870-11ec-9396-064437addbfa
.yahoo.com/	1970-01-20 08:02:37	Name: A3 Value: d=AQABBJoosWECEGw25-wXYriji385wREkeWIFEgEBAQF6smG7YQAAAAAA_eMAAA&S=AQAAAvMMAy40pbLc0ADD2VbloFE
.analytics.yahoo.com/	1970-01-20 08:03:42	Name: IDSYNC Value: 187s~21z9
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UPd59955c5-5870-11ec-9396-064437addbfa
.yahoo.com/	1970-01-19 23:18:06	Name: APIDTS Value: 1639000218
.adsrvr.org/	1970-01-20 08:02:16	Name: TDID Value: 54065f06-30a1-4c42-9769-4afcb8034244
brightsidebeauty.com/	1970-01-20 00:43:04	Name: pbjs-unifiedid_last Value: Wed%2C%2008%20Dec%202021%2021%3A50%3A18%20GMT
.brightsidebeauty.com/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1639086618539
.everesttech.net/	1970-01-20 08:02:16	Name: everest_g_v2 Value: g_surferid~YbEomgAKmMyiPQBG
.adsrvr.org/	1970-01-20 08:02:16	Name: TDCPM Value: CAESGAoJYmlkc3dpdGNoEgsI4JO1otinnToQBRgFIAEoAjILCJzj_s7up506EAU4AQ..
.doubleclick.net/	1970-01-20 08:38:16	Name: IDE Value: AHWqTUn0S_1xLFDVtKu0kHbjUTUT01z9ZfOtReg-GIa7cJd2ORxp1LfsntVJauSvCns
.ads4.admatic.com.tr/	1969-12-31 23:59:59	Name: ARRAffinity Value: 63f3e4fec5e4d982b9f6241478f6dc3d25eb506b9e7a317df6aa520374ebff30
brightsidebeauty.com/	1970-01-19 23:16:43	Name: _lr_retry_request Value: true
brightsidebeauty.com/	1970-01-19 23:59:52	Name: _lr_env_src_ats Value: false
brightsidebeauty.com/	1970-01-20 00:43:04	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%2254065f06-30a1-4c42-9769-4afcb8034244%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-11-08T21%3A50%3A19%22%7D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mb9eo-7w62j.ads.tremorhub.com/ad/tag?adCode=mb9eo-1uemv&playerWidth=339&playerHeight=191&srcPageUrl=https://brightsidebeauty.com/&supplyCode=mb9eo-7w62j&floor=USD:1.59&schain=1.0,1!primis.tech,28128,1,,,&transactionId=9ec06eb9-fc12-4660-a905-3c3f63d6c892&gdpr=1&gdpr_consent=CPQ65XzPQ65XzAfYeBENB4CgAAAAAAAAAAigAAAGfgAgGfAA&referrer=https%3A%2F%2Fbrightsidebeauty.com%2F&hb=1&fmt=json Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=109 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.console.adtarget.com.tr/csync?redir= Message: Failed to load resource: net::ERR_CONNECTION_RESET

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ads.adaptv.advertising.com
ads.pubmatic.com
ads.stickyadstv.com
ads.us.e-planning.net
ads3.admatic.com.tr
ads4.admatic.com.tr
adscale-emea.adnxs.com
adx.adform.net
api.adinplay.com
api.pubwise.io
api.rlcdn.com
bid.pubwise.io
biddr.brealtime.com
brightsidebeauty.com
c.amazon-adsystem.com
cdn.admatic.com.tr
cdn.consentmanager.mgr.consensu.org
cdn.jsdelivr.net
cm.adform.net
cm.g.doubleclick.net
consentmanager.mgr.consensu.org
country.adinplay.workers.dev
csync.loopme.me
dis.criteo.com
dm.hybrid.ai
fdyn.pubwise.io
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
gum.criteo.com
hb.emxdgt.com
htlb.casalemedia.com
ib.adnxs-simple.com
ib.adnxs.com
id.crwdcntrl.net
id5-sync.com
ih.adscale.de
image6.pubmatic.com
imasdk.googleapis.com
js-sec.indexww.com
js.adscale.de
live.primis.tech
match.adsrvr.org
mb9eo-7w62j.ads.tremorhub.com
p.nodserving.com
pagead2.googlesyndication.com
pixel.advertising.com
pixel.rubiconproject.com
player.adtcdn.com
player.adtelligent.com
prebid.a-mo.net
prg.smartadserver.com
primis-d.openx.net
s.console.adtarget.com.tr
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
sync-tm.everesttech.net
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.mathtag.com
sync.search.spotxchange.com
track.adform.net
tracking.m6r.eu
u.openx.net
ups.analytics.yahoo.com
video.primis.tech
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
sync.adtelligent.com
sync.console.adtarget.com.tr
104.17.119.107
104.89.29.100
13.32.29.201
130.211.34.132
142.250.181.226
147.75.61.140
151.101.2.217
151.101.2.49
151.101.65.108
174.138.45.75
178.250.2.151
18.156.0.31
18.158.154.136
18.193.57.131
185.167.96.211
185.29.134.244
185.33.221.13
185.33.221.157
185.33.221.91
185.86.138.121
185.94.180.126
188.132.147.227
198.47.127.19
2.18.233.180
2.18.234.21
2.18.234.233
216.58.212.130
23.88.75.186
2600:1f18:612b:4264:d706:ca06:12eb:ef2b
2600:9000:224a:6c00:f:4f64:8940:93a1
2606:4700:3033::6815:45cd
2606:4700:3037::6815:3471
2606:4700:3108::ac42:28be
2606:4700::6810:5814
2a00:1450:4001:801::2002
2a00:1450:4001:801::2008
2a00:1450:4001:803::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:812::2006
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2003
2a02:2638::1c
2a02:6ea0:c700::2
2a0c:5c81:5095:0:225:90ff:fefa:245d
2a0c:5c81:5142::2
3.126.247.238
34.107.161.123
34.120.133.55
34.149.20.76
35.156.121.212
35.158.25.241
35.244.159.8
35.71.131.137
37.157.4.23
37.157.4.25
37.18.16.23
37.252.172.123
45.133.44.3
45.133.44.4
5.178.65.245
51.195.5.231
63.250.56.141
63.35.242.195
67.202.105.23
69.173.144.139
72.251.244.142
87.230.98.74
89.187.169.47
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
081d38bd994b40da0280fa746085aca05c6ed9f3dcb01a9ba464b92acb059593
106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
156d0c25094a12d21b461b81bccff84a8edc7f50e3ccace638ab0973bf2a44a7
15b7e255ff24ff3583dd150fb5ec0f70434ddd2965c4e596dfc8c0d12360a138
174516643e80a949d5a4dc2796dd95745dfa284cb7d5a7333ad441ec898072aa
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7
1ded402aaa511b7551d5656f8c002570513926f884443e3d0e72354a6f574049
1edd14d473b4324cdc826ba38954236bc9ae02440f0a87a8406fb1cb0f8272a9
210a2692d84ad74b15153cd476d738cda15232a820ef4d1df2c8f8ffe509ec81
22257df5a3c00ec946612dab5f895acb7846bb120146076a284848d2d8cdd24b
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
25e6ff57a01d815ad98556adafca728d61167696921c80dbcd295822e18faef4
2799f3d0c27beed5ed6b3979d0da1514210583b1364d61357f2c62e95271301a
279cecab26033b84088f240a1957648fdd6f3e5d11603fcaa90e44c568eb54ea
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2af4c0c3d8ab0d34d430d5c07a6d99e74cd34ff88094060408373f604d7b6fc6
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a
3baf29b3c88d34a04bc84cb10de7d0ccd2ba7d19f591c44a8128869c221eb313
3bc61c6531f8a60ea9358cc4427063649b404652d816eb816a873b046fbafaa9
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f29550b363950a26ec1b1c7faab15c15736d233b0fc1b404c9cc443c120beec
40107500993134dc3e3da0221a1feff40fd4164d09760db3c4414146b2ad2550
418087feaa68e5be402fa18168cd35e77cceffc8b87e1831bda4168ddf4dd801
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43e1b27a116aa5c93523f27220430d2d6d3b96df63e4b0a562cec39ed6ed5535
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45fd8955c00c33097f377b7247062e4c683b11ba7ae0a72ddd3ccb1ef8b0195b
465460b23794cfb08c58a4efa6b053c7a20c60e904131021f57bb540fd1bd3c7
481b2fb6ea4f714f9b58e143ddb63f973e0fc1b14a4d8213517b4451644c9fae
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
554fea166a32002bacd88805756cd2bb3b94cac7cc50df464561265750a0bc26
55919a9d14c9cdd997faa1522ce99130c64058f42ff241d763fb31eb5fef3afc
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5d3ad858c11899b9f15d6a3a58875bea048d669c3b8d9cb87d34484d926610ec
5e33920d7f1fbf5fa6de9509acc0da78f9d6c63aa301c31e7246ce5650f24933
607f04c54bd2e89beecff5d88be29477e69f3f31db3a0c4347a9c25fbfb0a1e7
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd
6543c3a0306b9b80fd7b8d1cc3660b4b63f324e1f3c484262701c9145ebb1b97
65ad0a9fa9357a67a46f44e695703696c9fec4fbbb03c1cfd052cbedb697172c
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
69a318adb9f79ec0074f41fe715a2cb236f30e80ad8fa8e73ca9c01f47313e71
6a3a08e8e60a695d82656345a101f730276cf06852de6203ee09e95037cd1254
6a6c28a2bae4339f212ecd19e178a40e02a8f5cc7e40203633d6981353a0c6af
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e5ddcf6cf93482d7bf25de103974b2637c2234396dfe94c240e4ebb3d5521f6
71bde14adc417d6b42bb2602ac88479e355e122bae2c30c99247262e7a1f52af
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
73e80796df0f325249f01776635aecedb926aaa6df8404c66aedb6941f95d918
77dd27942ef0f7cd04690df7ebe49646d63898e0eab477f029d0167742994600
79c477880c3be27ed502f8465f505068363b8fa24f0ebc9a9f458ee2f789331c
7d24f8b769f1cf9a9c28fa99f8c71ca3d23263a248dd967508a7ce184a268e0d
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f125ec7b304ca78c4c90f4fc55a900a4dcb0c0e104ff003013214dec6269688
80e53c89e047a1e661eaefb8b9727490e3c9cb4e47e05e59c5cb5a90515b8f43
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
879053bd98fddbf00b4ef53fe5c2bc41226572b60cf92738ff7017db110c05b5
88834cc64e6fc467066c2d59fc25aa3a7b94f6a595ed8124a7f7a310f1456112
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8d1f9ef8fafbc796e5837a7b48e15b1e1de800b1ecd0c38843e508b734859ef2
8ee6e3fb0938946ff531932eb1d316a967c0a1cfdec8c9873e949ab24a1867ba
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
947dd8624842a892adc7ecc70ec3270e5792bb3cc509dd1ff5720f2f8fe66419
94c773d5860e7fb2b2ba958522c0a24b2110ba5bc556a56d5670e000638cad5f
951390bcfaccee7d73d88621882776f7f0b55799217f47d1feb0f339acb8f41a
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9d60ac0d334c77a039cad6f125f940635ff0043a610271fc0729d61cc9546401
a02009d2f95d79b62b95c6de12d6614bdb36bffa6d4e756db81ec1c51c5acc34
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
b0130bbc5f16f9c110a863c1f75cf2088d12c2f22aee181b3d3f5e0c9483924f
b02df6382da0493eaa1fb066a95520716ffffa71104de56540534cae66db176c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4043b0b8297e379bc559ab33b6ae9c7a9b4ef6519d3baee53270f0c0dd3d960
b62d26bd3c54945e7b9b6caf97daf251df89a6b3bb44764c69eb5a47390dbc22
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b666cd4fde0554c6dbd946339abca10c1aba4fd4ebebc434e7fe38aa32b301e6
b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c320d3837ff62814b17e9448d440f7e47ffb88dce34af4526f3d91ab45ddaf29
c69b7abf7b4259dd856dc326ff2012eb8b2288340a0021f4d1eb0192392612d1
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf35c9e8af47d8cd7233bebf1b785af16546782547f31501432cb7ad97d84714
cffef6ab3b85b80364527dc7827817ee2f257b3cda68a348bd0599d78be7d303
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2b8e7b79b49b513c33826b06ee25d973f856fc853c3db34edc020bcb4a34f67
d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af
d3fe97cb4bca37dce35a36b49b6b3b500a669b314a5c63aba860fd7cd624190d
d80e6ea9df9424538204a28acac644f0b4e0344d9e3285ef60c1da169372f931
d8a15dbd39c7bc437a54784e7083619b6f4c0c09f9360e65c6ccdc717c8741f0
d9ebb10628834281e863f10ef4d4a45d90e5b2fa2b42eab47b801cb161f60132
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e06f3a87d33fc03fea81993288073020a61ae273d364ed64536429b6432fb00a
e07ead14b992d7b50211618b9077fc07c72d2fa77439f128c3b6f392a312f642
e13380eedd0e475122a26a31c5528c65e77502f590638bd8dff9c475af325c50
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
eb359f1a05f0e6ba96b5f7f7dacefee911c962811e2c4fc4cf66d77c31bf6297
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
eee4cf12a666b414c57a7f3ad86679b3f8d3baeb0914c5f2ec68243d9375d881
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff0f30edfe7d5ae575620ed9e5a0081d355694dee00a0e5b80bd0bd1df1b57f4

brightsidebeauty.com Open in urlscan Pro 174.138.45.75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

160 Requests

86 %HTTPS

25 %IPv6

51 Domains

75 Subdomains

60 IPs

9 Countries

4397 kBTransfer

8918 kBSize

50 Cookies

2 Outgoing links

Page URL History

Redirected requests

160 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

brightsidebeauty.com Open in urlscan Pro
174.138.45.75 Public Scan

Screenshot
Live screenshot

Full Image

160
Requests

86 %
HTTPS

25 %
IPv6

51
Domains

75
Subdomains

60
IPs

9
Countries

4397 kB
Transfer

8918 kB
Size

50
Cookies

160 HTTP transactions
0 data transactions