brightsidebeauty.com Open in urlscan Pro
174.138.45.75 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://brightsidebeauty.com/
Effective URL:
http://brightsidebeauty.com/
Submission: On July 01 via manual (July 1st 2021, 1:36:09 pm UTC) from US

Summary HTTP 147 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 44 IPs in 8 countries across 43 domains to perform 147 HTTP transactions. The main IP is 174.138.45.75, located in North Bergen, United States and belongs to DIGITALOCEAN-ASN, US. The main domain is brightsidebeauty.com.

This is the only time brightsidebeauty.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
11	174.138.45.75 174.138.45.75	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:f6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2	151.101.14.217 151.101.14.217	54113 (FASTLY) (FASTLY)
2	213.174.135.1 213.174.135.1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3033::6815:45cd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a02:6ea0:c70... 2a02:6ea0:c700::2	60068 (CDN77 ^_^) (CDN77 ^_^)
3	87.230.98.74 87.230.98.74	61157 (PLUSSERVE...) (PLUSSERVER-ASN1)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
29	194.146.38.205 194.146.38.205	41436 (CLOUDWEBM...) (CLOUDWEBMANAGE-EU)
3 4	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.6.70.212 52.6.70.212	14618 (AMAZON-AES) (AMAZON-AES)
6	136.144.59.88 136.144.59.88	54825 (PACKET) (PACKET)
1	34.107.161.123 34.107.161.123	15169 (GOOGLE) (GOOGLE)
1	130.211.34.132 130.211.34.132	15169 (GOOGLE) (GOOGLE)
2	65.9.86.127 65.9.86.127	16509 (AMAZON-02) (AMAZON-02)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2a0c:5c81:509... 2a0c:5c81:5095:0:225:90ff:fefa:245d	55081 (24SHELLS) (24SHELLS)
15	2600:9000:201... 2600:9000:2017:6000:1:6448:6d00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.121.79.35 3.121.79.35	16509 (AMAZON-02) (AMAZON-02)
1 1	162.55.6.211 162.55.6.211	24940 (HETZNER-AS) (HETZNER-AS)
5 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	185.33.221.14 185.33.221.14	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3 3	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 8	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1 2	46.249.52.249 46.249.52.249	50673 (SERVERIUS-AS) (SERVERIUS-AS)
3	2600:9000:20f... 2600:9000:20fc:5200:f:4f64:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
2	185.59.220.198 185.59.220.198	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a0c:5c81:513... 2a0c:5c81:5139::2	55081 (24SHELLS) (24SHELLS)
4	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
3	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1 13	52.58.198.108 52.58.198.108	16509 (AMAZON-02) (AMAZON-02)
1 1	62.209.227.211 62.209.227.211	5588 (GTSCE GTS...) (GTSCE GTS Central Europe Antel Germany)
2 2	185.29.135.234 185.29.135.234	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 1	185.33.223.212 185.33.223.212	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	72.251.244.142 72.251.244.142	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1	67.202.110.21 67.202.110.21	32748 (STEADFAST) (STEADFAST)
2 2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	18.184.153.186 18.184.153.186	16509 (AMAZON-02) (AMAZON-02)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	216.52.2.19 216.52.2.19	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	2600:9000:205... 2600:9000:2057:a600:1:6448:6d00:93a1	16509 (AMAZON-02) (AMAZON-02)
147	44

11 174.138.45.75 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

brightsidebeauty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:f6b (United States)

ASN13335 (CLOUDFLARENET, US)

api.adinplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.212.162 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

fdyn.pubwise.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.174.135.1 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:45cd (United States)

ASN13335 (CLOUDFLARENET, US)

country.adinplay.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.consentmanager.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 87.230.98.74 (Germany)

ASN61157 (PLUSSERVER-ASN1, DE)
PTR: ma5037422.psmanaged.com

consentmanager.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 194.146.38.205 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)

live.sekindo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
live.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.145 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.6.70.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-70-212.compute-1.amazonaws.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 136.144.59.88 (Secaucus, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.161.123 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 123.161.107.34.bc.googleusercontent.com

bid.pubwise.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.34.132 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 132.34.211.130.bc.googleusercontent.com

api.pubwise.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.86.127 (United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (United States) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:9000:2017:6000:1:6448:6d00:93a1 (United States)

ASN16509 (AMAZON-02, US)

video.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.79.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-79-35.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.6.211 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.211.6.55.162.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.14 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.65 (Amsterdam, Netherlands) 3 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 62.149.0.72 (Ukraine) 2 redirects

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.249.52.249 (Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20fc:5200:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.4.24 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.59.220.198 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-723.bunnyinfra.net

cdn.admatic.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

s.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.58.198.108 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-198-108.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.209.227.211 (Prague, Czech Republic) 1 redirects

ASN5588 (GTSCE GTS Central Europe Antel Germany, CZ)
PTR: bbnautid2.ibillboard.com

bbnaut.ibillboard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.135.234 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.212 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 819.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

adscale-emea.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.244.142 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)
PTR: tracking-failover-03.ams2.m6r.eu

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.110.21 (Crown Point, United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-110.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.153.186 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.19 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:a600:1:6448:6d00:93a1 (United States)

ASN16509 (AMAZON-02, US)

video.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	primis.tech live.primis.tech video.primis.tech	4 MB
16	adscale.de 1 redirects js.adscale.de ih.adscale.de	17 KB
11	brightsidebeauty.com brightsidebeauty.com	190 KB
8	consensu.org cdn.consentmanager.mgr.consensu.org consentmanager.mgr.consensu.org	102 KB
7	adnxs.com 5 redirects ib.adnxs.com secure.adnxs.com adscale-emea.adnxs.com acdn.adnxs.com	23 KB
7	adtelligent.com 2 redirects player.adtelligent.com s.adtelligent.com sync.adtelligent.com	3 KB
7	googleapis.com fonts.googleapis.com imasdk.googleapis.com	686 KB
6	googlesyndication.com pagead2.googlesyndication.com	37 KB
6	a-mo.net prebid.a-mo.net	1 KB
5	casalemedia.com 5 redirects ssum-sec.casalemedia.com ssum.casalemedia.com	4 KB
5	adtarget.com.tr s.console.adtarget.com.tr sync.console.adtarget.com.tr	3 KB
5	pubmatic.com 2 redirects ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com	11 KB
5	doubleclick.net 1 redirects securepubads.g.doubleclick.net	164 KB
4	gstatic.com fonts.gstatic.com	108 KB
4	pubwise.io fdyn.pubwise.io bid.pubwise.io api.pubwise.io	120 KB
3	adform.net 2 redirects cm.adform.net track.adform.net	1 KB
3	creativecdn.com 3 redirects creativecdn.com	998 B
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com	2 KB
2	advertising.com 2 redirects pixel.advertising.com	735 B
2	m6r.eu 2 redirects tracking.m6r.eu	1 KB
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	admatic.com.tr cdn.admatic.com.tr	21 KB
2	e-planning.net 1 redirects ads.us.e-planning.net	404 B
2	openx.net 2 redirects u.openx.net	694 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com	1 KB
2	amazon-adsystem.com c.amazon-adsystem.com	36 KB
2	33across.com ssc.33across.com ssc-cms.33across.com	645 B
2	google-analytics.com www.google-analytics.com	19 KB
2	adinplay.com api.adinplay.com	121 KB
1	rlcdn.com api.rlcdn.com	223 B
1	criteo.com 1 redirects dis.criteo.com	579 B
1	ibillboard.com 1 redirects bbnaut.ibillboard.com	550 B
1	trafmag.com t.trafmag.com	232 B
1	onetag-sys.com onetag-sys.com	818 B
1	2mdn.net s0.2mdn.net	17 KB
1	loopme.me 1 redirects csync.loopme.me	243 B
1	bidswitch.net x.bidswitch.net	146 B
1	sekindo.com live.sekindo.com	10 KB
1	workers.dev country.adinplay.workers.dev	679 B
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	googletagmanager.com www.googletagmanager.com	36 KB
0	adsrvr.org Failed match.adsrvr.org Failed
147	43

	Domain	Requested by
28	live.primis.tech	live.sekindo.com live.primis.tech brightsidebeauty.com
16	video.primis.tech	live.primis.tech brightsidebeauty.com
13	ih.adscale.de	1 redirects js.adscale.de ih.adscale.de
11	brightsidebeauty.com	brightsidebeauty.com
6	pagead2.googlesyndication.com	srcdoc imasdk.googleapis.com
6	prebid.a-mo.net	fdyn.pubwise.io
5	cdn.consentmanager.mgr.consensu.org	api.adinplay.com consentmanager.mgr.consensu.org brightsidebeauty.com
5	securepubads.g.doubleclick.net	1 redirects brightsidebeauty.com securepubads.g.doubleclick.net
4	sync.adtelligent.com	2 redirects s.adtelligent.com
4	imasdk.googleapis.com	live.primis.tech imasdk.googleapis.com
4	sync.console.adtarget.com.tr	s.console.adtarget.com.tr s.adtelligent.com js.adscale.de
4	ib.adnxs.com	3 redirects fdyn.pubwise.io
4	fonts.gstatic.com	fonts.googleapis.com
3	ssum.casalemedia.com	3 redirects
3	js.adscale.de	s.console.adtarget.com.tr js.adscale.de ih.adscale.de
3	creativecdn.com	3 redirects
3	consentmanager.mgr.consensu.org	api.adinplay.com brightsidebeauty.com
3	fonts.googleapis.com	brightsidebeauty.com live.primis.tech
2	ap.lijit.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	pixel.advertising.com	2 redirects
2	image2.pubmatic.com	2 redirects
2	tracking.m6r.eu	2 redirects
2	track.adform.net	2 redirects
2	sync.mathtag.com	2 redirects
2	cdn.admatic.com.tr	s.console.adtarget.com.tr cdn.admatic.com.tr
2	ads.us.e-planning.net	1 redirects s.console.adtarget.com.tr
2	ssum-sec.casalemedia.com	2 redirects
2	u.openx.net	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	ads.pubmatic.com	live.primis.tech s.console.adtarget.com.tr
2	c.amazon-adsystem.com	live.primis.tech c.amazon-adsystem.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	player.adtelligent.com	brightsidebeauty.com
2	fdyn.pubwise.io	brightsidebeauty.com
2	api.adinplay.com	brightsidebeauty.com api.adinplay.com
1	ssc-cms.33across.com	fdyn.pubwise.io
1	acdn.adnxs.com	fdyn.pubwise.io
1	api.rlcdn.com	fdyn.pubwise.io
1	dis.criteo.com	1 redirects
1	adscale-emea.adnxs.com	1 redirects
1	bbnaut.ibillboard.com	1 redirects
1	t.trafmag.com	s.adtelligent.com
1	onetag-sys.com	s.adtelligent.com
1	s0.2mdn.net	imasdk.googleapis.com
1	image6.pubmatic.com	ads.pubmatic.com
1	s.adtelligent.com	s.console.adtarget.com.tr
1	cm.adform.net	s.console.adtarget.com.tr
1	secure.adnxs.com	1 redirects
1	csync.loopme.me	1 redirects
1	x.bidswitch.net	brightsidebeauty.com
1	s.console.adtarget.com.tr	live.primis.tech
1	api.pubwise.io	fdyn.pubwise.io
1	bid.pubwise.io	fdyn.pubwise.io
1	ssc.33across.com	fdyn.pubwise.io
1	live.sekindo.com	brightsidebeauty.com
1	country.adinplay.workers.dev	api.adinplay.com
1	cdn.jsdelivr.net	api.adinplay.com
1	www.googletagmanager.com	brightsidebeauty.com
0	match.adsrvr.org Failed	fdyn.pubwise.io
147	60

This site contains links to these domains. Also see Links.

Domain
adinplay.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.adtelligent.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-28` - `2021-11-27`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-15` - `2021-08-15`	a year	crt.sh
1376624012.rsc.cdn77.org R3	`2021-06-29` - `2021-09-27`	3 months	crt.sh
consentmanager.mgr.consensu.org R3	`2021-05-04` - `2021-08-02`	3 months	crt.sh
brightsidebeauty.com R3	`2021-06-14` - `2021-09-12`	3 months	crt.sh
www.sekindo.com Go Daddy Secure Certificate Authority - G2	`2021-05-11` - `2021-11-28`	7 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
*.a-mo.net R3	`2021-05-11` - `2021-08-09`	3 months	crt.sh
bid.pubwise.io GTS CA 1D4	`2021-06-27` - `2021-09-25`	3 months	crt.sh
*.pubwise.io Sectigo RSA Domain Validation Secure Server CA	`2020-02-11` - `2022-02-18`	2 years	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-31` - `2021-08-23`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
s.console.adtarget.com.tr ZeroSSL ECC Domain Secure Site CA	`2021-06-02` - `2021-08-31`	3 months	crt.sh
*.primis.tech Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-07` - `2021-08-30`	3 months	crt.sh
sync.console.adtarget.com.tr R3	`2021-06-01` - `2021-08-30`	3 months	crt.sh
ads.us.e-planning.net R3	`2021-05-24` - `2021-08-22`	3 months	crt.sh
*.adscale.de Amazon	`2020-09-06` - `2021-10-06`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-15`	a year	crt.sh
cdn.admatic.com.tr R3	`2021-06-29` - `2021-09-27`	3 months	crt.sh
s.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-06-06` - `2021-09-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-31` - `2021-08-23`	3 months	crt.sh
onetag-sys.com R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
sync.adtelligent.com R3	`2021-06-05` - `2021-09-03`	3 months	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2021-06-10` - `2022-06-22`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh

This page contains 25 frames:

Primary Page: http://brightsidebeauty.com/
Frame ID: B1943DAC753AEFE8704BB3F6CF9E5373
Requests: 75 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=103592&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&subId=[SUBID_ENCODED]&vp_content=plembed1e38pvqlxoum&vp_template=8166&subId=undefined&csuuid=60ddc4b31d58b&r_csuuid=1&cbuster=1625146547&pubUrlAuto=http%3A%2F%2Fbrightsidebeauty.com%2F&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=100&floatHorizontalOffset=1&floatCloseBtn=1&flowMode=seenboth&flowCloseButtonPosition=right
Frame ID: D2A712EBA74CE93122D45C1AD3C5319C
Requests: 18 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: EE9505ACECB0162F3042DFF0A63AE041
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=CPIqa8APIqa8AAfYeBENBgCgAAAAAAAAAAigAAAAAAAA&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60ddc4b31d58b%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3DCPIqa8APIqa8AAfYeBENBgCgAAAAAAAAAAigAAAAAAAA
Frame ID: 878A08CC1C3646701E9EDD04F3EFF748
Requests: 2 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=60ddc4b31d58b&pixel=&advId=94&advUuid=3e56efae-da71-11eb-badc-1e875f050506
Frame ID: 2B568D274211904433810176821ABD79
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=60ddc4b31d58b&pixel=&advId=98&advUuid=8313fdce-5b86-4a66-aeac-773b4928b01a
Frame ID: 0BA8DD9ACFC6029A712E93B6D06DF819
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=556966
Frame ID: F5B5772A4D89CD1BAC20333F358EF424
Requests: 2 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=cC8idHA1ocr1FcczqPb8&pi=admatic&tc=1
Frame ID: D2D7001475B990A424D68A966F4A582C
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: 93C2B3C7DA9AE048855A165203A1B660
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: 7680EE9E198F29D1E9E99D13019FE695
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: A104BE074160A9E984368E33245A1CF9
Requests: 5 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 74B3127BC3BAD94F9A799C3C47592C30
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: E0C9D51A940C1C534B90A4EFF30146F3
Requests: 2 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=609724
Frame ID: 06126FF3A99CD9D4D2CBB8EB511043D2
Requests: 4 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.469.0_en.html
Frame ID: DCE596FF133B87C5F4C4AE85E187C08F
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: A0B7D40BC71274C307D6CB7C06F0ACD5
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307355&extuid=cC8idHA1ocr1FcczqPb8&pi=adtelligent
Frame ID: 88D4AE6EA50D61BD8CCD701F49D84D5D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 63A8F6B2C08C87D389880BD097E8375A
Requests: 1 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: 331926D30AE762E38C29E813CEA52730
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 42FD8BE8A20B56A69B32C643895E24C0
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dgJ9Gw4ler6OoEaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Frame ID: D9F7A03A2309AC6A0F9DCD0853F2E9AE
Requests: 1 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.469.0_en.html
Frame ID: 180BFA72B5473E04597AC736D2F3310E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A8264A6129E52ECD80AD1AD36F0DB626
Requests: 1 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.469.0_en.html
Frame ID: D8EE8BD3485F1DA51F46649BE03BDCAB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1D02E4FEE44C3BC3E938644E713B5381
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

147
Requests

84 %
HTTPS

31 %
IPv6

43
Domains

60
Subdomains

44
IPs

8
Countries

5376 kB
Transfer

9480 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://adinplay.com/privacy-and-cookies-policy/#cmpnoscreen
Title: Learn more

Search URL Search Domain Scan URL

URL: https://adinplay.com/?utm_source=publishers&utm_medium=cmp

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

http://player.adtelligent.com/prebidlink/451429/hb_307449_7284.js HTTP 307
https://player.adtelligent.com/prebidlink/451429/hb_307449_7284.js

Request Chain 14

http://securepubads.g.doubleclick.net/tag/js/gpt.js HTTP 301
https://securepubads.g.doubleclick.net/tag/js/gpt.js

Request Chain 15

http://player.adtelligent.com/prebidlink/451429/wrapper_hb_307449_7284.js HTTP 307
https://player.adtelligent.com/prebidlink/451429/wrapper_hb_307449_7284.js

Request Chain 54

https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60ddc4b31d58b%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60ddc4b31d58b%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=3e56efea-da71-11eb-badc-1e875f050506 HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&csuuid=60ddc4b31d58b&pixel=&advId=94&advUuid=3e56efae-da71-11eb-badc-1e875f050506

Request Chain 55

https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60ddc4b31d58b%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
https://u.openx.net/w/1.0/cm?cc=1&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60ddc4b31d58b%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&csuuid=60ddc4b31d58b&pixel=&advId=98&advUuid=8313fdce-5b86-4a66-aeac-773b4928b01a

Request Chain 70

https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60ddc4b31d58b%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
https://live.primis.tech/live/liveCS.php?source=external&csuuid=60ddc4b31d58b&pixel=&advId=93&advUuid=8d7ebdc8-07c0-4e3e-8e2a-d3004e4f1d14

Request Chain 71

https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60ddc4b31d58b%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60ddc4b31d58b%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1 HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&csuuid=60ddc4b31d58b&pixel=&advId=99&advUuid=YN3Es0q-pve9BaHfEUvzxAAABIgAAAIB

Request Chain 72

https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60ddc4b31d58b%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&csuuid=60ddc4b31d58b&pixel=&advId=105&advUuid=8943078721656408612

Request Chain 78

https://creativecdn.com/cm-notify?pi=admatic HTTP 302
https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=cC8idHA1ocr1FcczqPb8&pi=admatic&tc=1

Request Chain 79

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID HTTP 302
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID

Request Chain 94

https://creativecdn.com/cm-notify?pi=adtelligent HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=307355&extuid=cC8idHA1ocr1FcczqPb8&pi=adtelligent

Request Chain 95

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8943078721656408612

Request Chain 96

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=9e1be7ef4e3e92d8

Request Chain 97

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D322988%26extuid%3D%7Buid%7D HTTP 302
https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=9e1be7ef4e3e92d8

Request Chain 99

https://ih.adscale.de/uu?cbfn=receive&t=1625146547 HTTP 302
https://ih.adscale.de/uu?cbfn=receive&t=1625146547&nut&uu=c0b54bd5ca98460b908597335ccdb9cf

Request Chain 108

https://bbnaut.ibillboard.com/match/AdScale?partneruid=c0b54bd5ca98460b908597335ccdb9cf&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0859cc2e01fa48f4964fc01047bdbe36%2F1625146548173%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
https://ih.adscale.de/sium/0859cc2e01fa48f4964fc01047bdbe36/1625146548173/0/img?tpid=101&tpuid=BBID-01-02998605483007482-16328664

Request Chain 110

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=5f23cf9ef1bcd6e2410f793b95e4bd0b23f209e4f3c28e51c371eae948c922ea&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0859cc2e01fa48f4964fc01047bdbe36%2F1625146548173%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=3f5b60dd-c4b4-4a00-926c-197e740d6ff5&gdpr=0&gdpr_consent=

Request Chain 114

https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F0859cc2e01fa48f4964fc01047bdbe36%2F1625146548173%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
https://ih.adscale.de/sium/0859cc2e01fa48f4964fc01047bdbe36/1625146548173/0/img?tpid=75&tpuid=8943078721656408612&gdpr=0

Request Chain 115

https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=c0f492666c965e085b89056a26176ea70e9ffb50d850d5e0aa0397b83679d1fc&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0859cc2e01fa48f4964fc01047bdbe36%2F1625146548173%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YN3Es0q.pve9BaHfEUvzxAAA%261160

Request Chain 116

https://track.adform.net/serving/cookie/match/?party=9&uid=b2935625a8e875f8088e2dbfce18361ae97c3d2af73e406870ebd57bcc88f970&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0859cc2e01fa48f4964fc01047bdbe36%2F1625146548173%2F0%2Fimg&gdpr=0 HTTP 302
https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=b2935625a8e875f8088e2dbfce18361ae97c3d2af73e406870ebd57bcc88f970&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0859cc2e01fa48f4964fc01047bdbe36%2F1625146548173%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/0859cc2e01fa48f4964fc01047bdbe36/1625146548173/0/img?tpid=42&gdpr=0&tpuid=7949445556896655890

Request Chain 117

https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=80807b2a45cb782d4d7bdb528a0670096ace04ad84baff08f55d9103fe7e3b18&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0859cc2e01fa48f4964fc01047bdbe36%2F1625146548173%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=a5ec5046-dc3b-47d6-b45b-d43765afc9a0

Request Chain 118

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=d586207633e17c92c8ba31935057bea5ded6c8d77d831a5587840ed6091f4bdf&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0859cc2e01fa48f4964fc01047bdbe36%2F1625146548173%2F0%2Fimg&gdpr=0 HTTP 302
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=e41860dd-c4b5-4600-a0fc-4b57437d8163&gdpr=0&gdpr_consent=

Request Chain 119

https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=5c55ca2500a0991daf0d0e6cf729c8a11ec2c3edd40e8c7820f29212e385b9b2&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0859cc2e01fa48f4964fc01047bdbe36%2F1625146548173%2F0%2Fjs&gdpr=0 HTTP 302
https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=5c55ca2500a0991daf0d0e6cf729c8a11ec2c3edd40e8c7820f29212e385b9b2&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0859cc2e01fa48f4964fc01047bdbe36%2F1625146548173%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
https://ih.adscale.de/sium/0859cc2e01fa48f4964fc01047bdbe36/1625146548173/0/js?tpid=48&tpuid=733ba7ea69c5f9579183ef650c014896

Request Chain 126

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D72ce48ca-13f3-4c47-8c15-dd1ae63523d1%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D72ce48ca-13f3-4c47-8c15-dd1ae63523d1%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
https://prebid.a-mo.net/setuid?A=72ce48ca-13f3-4c47-8c15-dd1ae63523d1&D=&bidder=pubmatic&uid=0E9DD495-2110-4675-9123-1007426CB04B

Request Chain 127

https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=72ce48ca-13f3-4c47-8c15-dd1ae63523d1 HTTP 302
https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=72ce48ca-13f3-4c47-8c15-dd1ae63523d1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=72ce48ca-13f3-4c47-8c15-dd1ae63523d1&apid=UP4047d0df-da71-11eb-913c-061b755ca63a HTTP 302
https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=72ce48ca-13f3-4c47-8c15-dd1ae63523d1&apid=UP4047d0df-da71-11eb-913c-061b755ca63a&verify=true HTTP 302
https://prebid.a-mo.net/setuid/verizon_video?uid=UP4047d0df-da71-11eb-913c-061b755ca63a&gdpr=0&gdpr_consent=

Request Chain 128

https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D72ce48ca-13f3-4c47-8c15-dd1ae63523d1%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D72ce48ca-13f3-4c47-8c15-dd1ae63523d1%26D%3D%26bidder%3Dindex_rtb%26uid%3D&s=191503&C=1 HTTP 302
https://prebid.a-mo.net/setuid?A=72ce48ca-13f3-4c47-8c15-dd1ae63523d1&D=&bidder=index_rtb&uid=YN3EtvhbvXS5ZdksAlOZVQAA%261112

Request Chain 129

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D72ce48ca-13f3-4c47-8c15-dd1ae63523d1%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D72ce48ca-13f3-4c47-8c15-dd1ae63523d1%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
https://prebid.a-mo.net/setuid?A=72ce48ca-13f3-4c47-8c15-dd1ae63523d1&D=&bidder=appnexus&uid=6597383816566709910

Request Chain 130

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D72ce48ca-13f3-4c47-8c15-dd1ae63523d1%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D72ce48ca-13f3-4c47-8c15-dd1ae63523d1%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://prebid.a-mo.net/setuid?A=72ce48ca-13f3-4c47-8c15-dd1ae63523d1&D=&bidder=sovrn&uid=149bf59c618de0e2f0fe95ff

147 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
brightsidebeauty.com/ 114 KB
25 KB 267ms
246ms Document
text/html 174.138.45.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

http://brightsidebeauty.com/

Protocol

HTTP/1.1

Server

174.138.45.75 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

02229a4e65127f3fdc47db97b6843a2ac1b41d6839adc2c48bc110959ca46ebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: brightsidebeauty.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server: nginx-rc
Date: Thu, 01 Jul 2021 13:35:46 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-UA-Compatible: IE=edge
Link: <https://brightsidebeauty.com/wp-json/>; rel="https://api.w.org/"
Set-Cookie: PHPSESSID=pah03vd0d57t7aenmjk2ek8r12; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Cache-Control: private, proxy-revalidate, s-maxage=0
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=15768000
X-RunCloud-Cache: HIT
Content-Encoding: gzip

GET
H/1.1 200
OK autoptimize_4fe85a1031c443f1c1822a23f1531519.css
brightsidebeauty.com/wp-content/cache/autoptimize/css/ 107 KB
19 KB 268ms
248ms Stylesheet
text/css 174.138.45.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

http://brightsidebeauty.com/wp-content/cache/autoptimize/css/autoptimize_4fe85a1031c443f1c1822a23f1531519.css

Requested by

Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/

Protocol

HTTP/1.1

Server

174.138.45.75 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

bb2188e819d3cb73490b17b16032bf096f9a710e9e3295a89a2657b36b0499af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: brightsidebeauty.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://brightsidebeauty.com/
Cookie: PHPSESSID=pah03vd0d57t7aenmjk2ek8r12
Connection: keep-alive
Cache-Control: no-cache
Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 13:35:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Jun 2021 13:35:53 GMT
Server: nginx-rc
X-Frame-Options: SAMEORIGIN
ETag: W/"60c8acb9-1ad88"
Strict-Transport-Security: max-age=15768000
Content-Type: text/css
Cache-Control: max-age=2592000 public
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Jul 2021 13:35:46 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 9 KB
1 KB 23ms
15ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Work+Sans:100,200,300,regular,500,600,700,800,900|Satisfy:regular

Requested by

Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

073dd3bd8b87a108b17cb1c285ff1cbb41bd2a99a045e3c7192689bbfc9af4f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 13:35:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 01 Jul 2021 13:35:46 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Thu, 01 Jul 2021 13:35:46 GMT

GET
H/1.1 200
OK jquery.js Show response
brightsidebeauty.com/wp-includes/js/jquery/ 95 KB
34 KB 270ms
250ms Script
application/javascript 174.138.45.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

http://brightsidebeauty.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Requested by

Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/

Protocol

HTTP/1.1

Server

174.138.45.75 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: brightsidebeauty.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://brightsidebeauty.com/
Cookie: PHPSESSID=pah03vd0d57t7aenmjk2ek8r12
Connection: keep-alive
Cache-Control: no-cache
Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 13:35:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 20 May 2020 13:28:17 GMT
Server: nginx-rc
X-Frame-Options: SAMEORIGIN
ETag: W/"5ec53071-17a69"
Strict-Transport-Security: max-age=15768000
Content-Type: application/javascript
Cache-Control: max-age=2592000 public
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Jul 2021 13:35:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 20ms
18ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-136605546-5

Requested by

Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2c362adf86b7125c26278effe0963c04bf81d56679bd8337adf8f546ede208bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36430
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Jul 2021 13:35:46 GMT

GET
H/1.1 200
OK tracking.php Show response
brightsidebeauty.com/wp-content/plugins/fuser-master/res/js/ 480 B
826 B 487ms
467ms Script
application/javascript 174.138.45.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

http://brightsidebeauty.com/wp-content/plugins/fuser-master/res/js/tracking.php?ts=1625143111&ver=5.4.6

Requested by

Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/

Protocol

HTTP/1.1

Server

174.138.45.75 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

c993d3d5e3d22558b6085daa94779ff514a7339fe7f7aa44d3bb547f9a3a82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: brightsidebeauty.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://brightsidebeauty.com/
Cookie: PHPSESSID=pah03vd0d57t7aenmjk2ek8r12
Connection: keep-alive
Cache-Control: no-cache
Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 13:35:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-RunCloud-Cache: BYPASS
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=edge
Pragma: no-cache
Server: nginx-rc
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15768000
Content-Type: application/javascript
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Expires: Mon, 2 Sep 1945 13:37:00 GMT

GET
H/1.1 200
OK tag.min.js Show response
api.adinplay.com/libs/aiptag/pub/ICW/brightsidebeauty.com/ 385 KB
120 KB 72ms
56ms Script
application/javascript 2606:4700:20::681a:f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://api.adinplay.com/libs/aiptag/pub/ICW/brightsidebeauty.com/tag.min.js
Requested by: Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:f6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c09d77efdd7b5859ac698b4e5bc8417e9195dcdb557df71a55487911fdb4754

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 13:35:46 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 86737
Transfer-Encoding: chunked
X-Host: adinplay-2
Connection: keep-alive
cf-request-id: 0b03e171e100001f292a827000000001
Last-Modified: Fri, 25 Jun 2021 11:21:26 GMT
Server: cloudflare
Etag: W/"60d5bc36-60290"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ptbpO3l0tNBIti0nPJwWhiF2nRpqs6QGGTX%2BaW62ddBXGCGZ6MG8DmoEarTEacYd00Vb%2FB4mW8awateRZ7HfWnZw5pWLNlo9GoFwltAk3WohaOt%2B2eQ3WK4ZvC8cRi1Oz8KklOSBRV%2BI"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=1800
Access-Control-Allow-Credentials: true
CF-RAY: 668004fc99a51f29-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 69 KB
24 KB 146ms
66ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

8611bf540c2466f51cdf38f613dc767cce11e0b22e91da1076ff89f50f3f3c65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "917 / 409 of 1000 / last-modified: 1625137988"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24342
x-xss-protection: 0
expires: Thu, 01 Jul 2021 13:35:46 GMT

GET
H/1.1 200
OK pre_pws.js Show response
fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/ 3 KB
2 KB 107ms
35ms Script
text/javascript 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pre_pws.js?type=default
Requested by: Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/
Protocol: HTTP/1.1
Server: 151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 6e5ddcf6cf93482d7bf25de103974b2637c2234396dfe94c240e4ebb3d5521f6

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 13:35:45 GMT
Content-Encoding: gzip
Age: 17030
X-GUploader-UploadID: ABg5-UyfQrGt-TO03X98D0GrV1T6XU0Ca6zf4cYOuDryC_TiJr7kRMRQZq19fYgdFKPRQoYbs8JcsUAeM6FYVRYKll8
X-Cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
x-verify-21-url: /prod/sites/4/b/d/4bd9c890-824a-45e9-8426-2ac566772981/default/pre_pws.js
x-restarts: 0
X-Served-By: cache-mdw17358-MDW, cache-fra19182-FRA
Accept-Ranges: bytes
Last-Modified: Wed, 23 Jun 2021 06:07:00 GMT
Server: UploadServer
x-file-loc: primary0
X-Timer: S1625146545.482628,VS0,VE1
ETag: "1ab57a693e9bb0d64c66e31c97bc2e74"
x-orig-url: /script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pre_pws.js?type=default
Vary: Accept-Encoding
x-goog-hash: crc32c=fwf7ow==, md5=GrV6aT6bsNZMZuMcl7wudA==
x-goog-generation: 1624428420720861
Via: 1.1 varnish, 1.1 varnish
Expires: Wed, 23 Jun 2021 12:25:53 GMT
Cache-Control: public, max-age=43200
x-goog-stored-content-length: 2671
Content-Length: 1329
Content-Type: text/javascript
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK pws.js Show response
fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/ 388 KB
117 KB 29ms
27ms Script
text/javascript 151.101.14.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default
Requested by: Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/
Protocol: HTTP/1.1
Server: 151.101.14.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2aecd59be421da619e015839a203c01027acd34a5241df8aa038d1b061723e34

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 13:35:45 GMT
Content-Encoding: gzip
Age: 17031
X-GUploader-UploadID: ADPycdstjpWDG9NOQTG160h80Grgj_h6bEB9q2KcyMa_paA9mQDt-HNaArtBCWoNPZZ54D4BoPh47s6cH4uSXQgGx94
X-Cache: HIT, HIT
x-goog-storage-class: STANDARD
x-split-fraction: 10
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
x-verify-21-url: /prod/sites/4/b/d/4bd9c890-824a-45e9-8426-2ac566772981/default/d/pws.js
x-restarts: 0
X-Served-By: cache-mdw17376-MDW, cache-fra19182-FRA
Accept-Ranges: bytes
Last-Modified: Thu, 01 Jul 2021 07:42:40 GMT
Server: UploadServer
X-Timer: S1625146546.893496,VS0,VE1
ETag: "0db20a8513d205535755a8ae47c950a2"
x-orig-url: /script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default
Vary: Accept-Encoding
x-goog-hash: crc32c=FgFyog==, md5=DbIKhRPSBVNXVaiuR8lQog==
x-goog-generation: 1625125360804156
Via: 1.1 varnish, 1.1 varnish
Expires: Thu, 01 Jul 2021 08:42:54 GMT
Cache-Control: public, max-age=43200
x-goog-stored-content-length: 397577
Content-Length: 118764
Content-Type: text/javascript
x-c-host: D
X-Cache-Hits: 1, 1

GET
H/1.1 200
OK lazy_placeholder.gif
brightsidebeauty.com/wp-content/plugins/a3-lazy-load/assets/images/ 42 B
509 B 135ms
133ms Image
image/gif 174.138.45.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://brightsidebeauty.com/wp-content/plugins/a3-lazy-load/assets/images/lazy_placeholder.gif

Requested by

Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/

Protocol

HTTP/1.1

Server

174.138.45.75 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: brightsidebeauty.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://brightsidebeauty.com/
Cookie: PHPSESSID=pah03vd0d57t7aenmjk2ek8r12
Connection: keep-alive
Cache-Control: no-cache
Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 13:35:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 19 Apr 2021 06:59:49 GMT
Server: nginx-rc
X-Frame-Options: SAMEORIGIN
ETag: "607d2a65-2a"
Strict-Transport-Security: max-age=15768000
Content-Type: image/gif
Cache-Control: max-age=2592000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Jul 2021 13:35:46 GMT

GET
H/1.1 200
OK autoptimize_87c7befcc180ca6dafab2b976e4262ae.js Show response
brightsidebeauty.com/wp-content/cache/autoptimize/js/ 38 KB
13 KB 136ms
134ms Script
application/javascript 174.138.45.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

http://brightsidebeauty.com/wp-content/cache/autoptimize/js/autoptimize_87c7befcc180ca6dafab2b976e4262ae.js

Requested by

Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/

Protocol

HTTP/1.1

Server

174.138.45.75 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

2d85a758716ea4a19dfabb01353dadcc765816370735c50a3ef822f338a9f368

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: brightsidebeauty.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://brightsidebeauty.com/
Cookie: PHPSESSID=pah03vd0d57t7aenmjk2ek8r12
Connection: keep-alive
Cache-Control: no-cache
Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 13:35:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 Jun 2021 13:35:53 GMT
Server: nginx-rc
X-Frame-Options: SAMEORIGIN
ETag: W/"60c8acb9-971d"
Strict-Transport-Security: max-age=15768000
Content-Type: application/javascript
Cache-Control: max-age=2592000 public
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Jul 2021 13:35:46 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
brightsidebeauty.com/wp-includes/js/ 14 KB
5 KB 135ms
133ms Script
application/javascript 174.138.45.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

http://brightsidebeauty.com/wp-includes/js/wp-emoji-release.min.js?ver=5.4.6

Requested by

Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/

Protocol

HTTP/1.1

Server

174.138.45.75 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

956fa56f513e1a8025bc85f9314a1747eb061d434403393591145e4ae898c694

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: brightsidebeauty.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://brightsidebeauty.com/
Cookie: PHPSESSID=pah03vd0d57t7aenmjk2ek8r12
Connection: keep-alive
Cache-Control: no-cache
Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 13:35:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 15 Apr 2021 07:38:30 GMT
Server: nginx-rc
X-Frame-Options: SAMEORIGIN
ETag: W/"6077ed76-363c"
Strict-Transport-Security: max-age=15768000
Content-Type: application/javascript
Cache-Control: max-age=2592000 public
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Jul 2021 13:35:46 GMT

GET
H/1.1 200
OK ga.js Show response
brightsidebeauty.com/wp-content/plugins/fuser-master/res/js/addon-ga/ 156 B
637 B 135ms
133ms Script
application/javascript 174.138.45.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

http://brightsidebeauty.com/wp-content/plugins/fuser-master/res/js/addon-ga/ga.js?ts=1625146546

Requested by

Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/wp-content/plugins/fuser-master/res/js/tracking.php?ts=1625143111&ver=5.4.6

Protocol

HTTP/1.1

Server

174.138.45.75 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

6a3a08e8e60a695d82656345a101f730276cf06852de6203ee09e95037cd1254

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: brightsidebeauty.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: */*
Referer: http://brightsidebeauty.com/
Cookie: PHPSESSID=pah03vd0d57t7aenmjk2ek8r12
Connection: keep-alive
Cache-Control: no-cache
Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 13:35:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Apr 2021 10:15:38 GMT
Server: nginx-rc
X-Frame-Options: SAMEORIGIN
ETag: "60814cca-9c"
Strict-Transport-Security: max-age=15768000
Content-Type: application/javascript
Cache-Control: max-age=2592000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 156
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Jul 2021 13:35:46 GMT

GET
H2

200

hb_307449_7284.js Show response
player.adtelligent.com/prebidlink/451429/
Redirect Chain

http://player.adtelligent.com/prebidlink/451429/hb_307449_7284.js
https://player.adtelligent.com/prebidlink/451429/hb_307449_7284.js

1 B
244 B

104ms
39ms

Script
application/javascript

213.174.135.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/451429/hb_307449_7284.js
Requested by: Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:46 GMT
last-modified: Wed, 30 Jun 2021 12:29:05 GMT
server: nginx
etag: "60dc6391-1"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 01 Jul 2021 14:35:46 GMT
cache-control: max-age=3600
accept-ranges: bytes
content-length: 1
x-proxy-cache: HIT

Redirect headers

Location: https://player.adtelligent.com/prebidlink/451429/hb_307449_7284.js
Non-Authoritative-Reason: HSTS

GET
H2

200

gpt.js Show response
securepubads.g.doubleclick.net/tag/js/
Redirect Chain

http://securepubads.g.doubleclick.net/tag/js/gpt.js
https://securepubads.g.doubleclick.net/tag/js/gpt.js

69 KB
24 KB

45ms
44ms

Script
text/javascript

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

3a152b6793c2cbec00972381fb6797d2e6ee54876a497eb1b130bb2da0a13ecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "917 / 970 of 1000 / last-modified: 1625137876"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24342
x-xss-protection: 0
expires: Thu, 01 Jul 2021 13:35:46 GMT

Redirect headers

Date: Thu, 01 Jul 2021 13:07:02 GMT
X-Content-Type-Options: nosniff
Server: sffe
Age: 1724
Content-Type: text/html; charset=UTF-8
Location: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Cache-Control: public, max-age=1800
Content-Length: 249
X-XSS-Protection: 0
Expires: Thu, 01 Jul 2021 13:37:02 GMT

GET
H2

200

wrapper_hb_307449_7284.js Show response
player.adtelligent.com/prebidlink/451429/
Redirect Chain

http://player.adtelligent.com/prebidlink/451429/wrapper_hb_307449_7284.js
https://player.adtelligent.com/prebidlink/451429/wrapper_hb_307449_7284.js

127 B
368 B

104ms
39ms

Script
application/javascript

213.174.135.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/451429/wrapper_hb_307449_7284.js
Requested by: Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5ea995481d7dfddb5307f94aedabe955e8bdd9ba40b925007532997185cd35c6

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:46 GMT
content-encoding: gzip
last-modified: Wed, 30 Jun 2021 12:29:05 GMT
server: nginx
etag: W/"60dc6391-7f"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Thu, 01 Jul 2021 14:35:46 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

Redirect headers

Location: https://player.adtelligent.com/prebidlink/451429/wrapper_hb_307449_7284.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK loading.gif
brightsidebeauty.com/wp-content/plugins/a3-lazy-load/assets/css/ 2 KB
2 KB 264ms
245ms Image
image/gif 174.138.45.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://brightsidebeauty.com/wp-content/plugins/a3-lazy-load/assets/css/loading.gif

Requested by

Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/wp-content/cache/autoptimize/css/autoptimize_4fe85a1031c443f1c1822a23f1531519.css

Protocol

HTTP/1.1

Server

174.138.45.75 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: brightsidebeauty.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://brightsidebeauty.com/wp-content/cache/autoptimize/css/autoptimize_4fe85a1031c443f1c1822a23f1531519.css
Cookie: PHPSESSID=pah03vd0d57t7aenmjk2ek8r12
Connection: keep-alive
Cache-Control: no-cache
Referer: http://brightsidebeauty.com/wp-content/cache/autoptimize/css/autoptimize_4fe85a1031c443f1c1822a23f1531519.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 13:35:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 19 Apr 2021 06:59:49 GMT
Server: nginx-rc
X-Frame-Options: SAMEORIGIN
ETag: "607d2a65-69a"
Strict-Transport-Security: max-age=15768000
Content-Type: image/gif
Cache-Control: max-age=2592000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1690
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Jul 2021 13:35:46 GMT

GET
H/1.1 200
OK QGYsz_wNahGAdqQ43Rh_fKDp.woff2
fonts.gstatic.com/s/worksans/v9/ 54 KB
55 KB 14ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/worksans/v9/QGYsz_wNahGAdqQ43Rh_fKDp.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Work+Sans:100,200,300,regular,500,600,700,800,900|Satisfy:regular

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a4918ffe64106f49bc51cc7105702b64ddeb8a72bd89e5b2d242e7682b7d691

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://brightsidebeauty.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 23:24:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 28 Jan 2021 21:40:26 GMT
Server: sffe
Age: 51063
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 55340
X-XSS-Protection: 0
Expires: Thu, 30 Jun 2022 23:24:43 GMT

GET
H/1.1 200
OK rP2Hp2yn6lkG50LoCZOIHQ.woff2
fonts.gstatic.com/s/satisfy/v11/ 22 KB
23 KB 13ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/satisfy/v11/rP2Hp2yn6lkG50LoCZOIHQ.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Work+Sans:100,200,300,regular,500,600,700,800,900|Satisfy:regular

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a02009d2f95d79b62b95c6de12d6614bdb36bffa6d4e756db81ec1c51c5acc34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://brightsidebeauty.com
Referer: http://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 30 Jun 2021 10:01:46 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 01 Sep 2020 05:25:02 GMT
Server: sffe
Age: 99240
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 22652
X-XSS-Protection: 0
Expires: Thu, 30 Jun 2022 10:01:46 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 6ms
4ms XHR
application/json 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210701

Requested by

Host: api.adinplay.com
URL: http://api.adinplay.com/libs/aiptag/pub/ICW/brightsidebeauty.com/tag.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5e8271129c935c6f4281facb657c5b837b758b0484aaa8446d54fb17a8d336ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 37884
x-jsd-version: 1.0.1024
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 944
etag: W/"69e-YdpuLX5fL5q+8z95640GeNe4E5s"
x-served-by: cache-fra19179-FRA
x-jsd-version-type: version
date: Thu, 01 Jul 2021 13:35:46 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK adsbygoogle.js Show response
api.adinplay.com/libs/aiptag/assets/ 16 B
830 B 22ms
20ms Script
application/javascript 2606:4700:20::681a:f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by: Host: api.adinplay.com
URL: http://api.adinplay.com/libs/aiptag/pub/ICW/brightsidebeauty.com/tag.min.js
Protocol: HTTP/1.1
Server: 2606:4700:20::681a:f6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 13:35:46 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 86738
X-Host: adinplay-2
Connection: keep-alive
Content-Length: 16
cf-request-id: 0b03e1728000001f29fca43000000001
Last-Modified: Wed, 04 Apr 2018 16:13:25 GMT
Server: cloudflare
Etag: "5ac4f9a5-10"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=W0tHqhm2BjxE%2BuJ83Om4ib5mSfjxp1CkdYtMejviiLFDY169qCJUkjBriOrbsFK6Neb7LUWE66IB%2BF9zqQPXpzAxxvTjEy2tdJhpmuPgPPCKLSTQDvE4jC%2Fmo20BfMggOQOMGU483xG0"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=1800
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
CF-RAY: 668004fd9b7e1f29-FRA

GET
H2 200 / Show response
country.adinplay.workers.dev/ 2 B
679 B 66ms
30ms XHR
text/plain 2606:4700:3033::6815:45cd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://country.adinplay.workers.dev/
Requested by: Host: api.adinplay.com
URL: http://api.adinplay.com/libs/aiptag/pub/ICW/brightsidebeauty.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:45cd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:46 GMT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=tC7pc5tMjzVT%2FeDW1nTDSmUAU8Qnip739SKUaiAt2wMzUpF1ErfcYm%2FIlNfdocSKQ6iPxlWKTnAQ8W88evDRz6VRmbJdXdUQkTE4pmvpaAku%2FUy5%2FzymBYeH2%2BpXf%2F6fijmkRFSs2%2FW2a4FHL59LyeLc1lk5kg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 668004fdcb964a7a-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 2
cf-request-id: 0b03e172a100004a7a26267000000001

GET
H2 200 cmp.min.css
cdn.consentmanager.mgr.consensu.org/delivery/ 20 KB
4 KB 21ms
6ms Stylesheet
text/css 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.consentmanager.mgr.consensu.org/delivery/cmp.min.css
Requested by: Host: api.adinplay.com
URL: http://api.adinplay.com/libs/aiptag/pub/ICW/brightsidebeauty.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PleskLin
Resource Hash: f2ff0388a2083600b5da4610b87cddbaab2184ed0e296b26bf0637157c950c05

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jul 2021 13:35:46 GMT
content-encoding: br
vary: Accept-Encoding
x-77-nzt-ray: 5zgq5CL6PAI=
x-powered-by: PleskLin
x-77-cache: HIT
x-cache: HIT
x-age: 1248
x-77-nzt: AcO1ry8w6I/v4AQAAA==
x-accel-expires: @1625148898
last-modified: Tue, 15 Jun 2021 00:58:34 GMT
server: CDN77-Turbo
etag: W/"60c7fb3a-5187"
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
expires: Tue, 15 Jun 2021 21:08:25 GMT

GET
H/1.1 200
OK cmp.php Show response
consentmanager.mgr.consensu.org/delivery/ 5 KB
5 KB 193ms
55ms Script
application/javascript 87.230.98.74
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://consentmanager.mgr.consensu.org/delivery/cmp.php?id=13566&h=http%3A%2F%2Fbrightsidebeauty.com%2F&undefined&__cmpfcc=1&l=en&o=1625146546918

Requested by

Host: api.adinplay.com
URL: http://api.adinplay.com/libs/aiptag/pub/ICW/brightsidebeauty.com/tag.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5037422.psmanaged.com

Software

Resource Hash

a96cfba8eb874607ff59dad1e8ba2d5a96c4ca01e66d38c1ec4e1c5f43d911e5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jul 2021 13:35:47 GMT
Last-Modified: Thu, 01 Jul 2021 13:35:47 GMT
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 4790
X-XSS-Protection: 0
Expires: 0

GET
H2 200 cmp_en.min.js Show response
cdn.consentmanager.mgr.consensu.org/delivery/ 267 KB
49 KB 37ms
23ms Script
application/javascript 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.consentmanager.mgr.consensu.org/delivery/cmp_en.min.js
Requested by: Host: api.adinplay.com
URL: http://api.adinplay.com/libs/aiptag/pub/ICW/brightsidebeauty.com/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PleskLin
Resource Hash: 3e72f3ed398163c82a841ef868b7409b552cf1d4394ea3ae10f3ed4ac6d086f3

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jul 2021 13:35:46 GMT
content-encoding: br
vary: Accept-Encoding
x-77-nzt-ray: YNHdx2vRovI=
x-powered-by: PleskLin
x-77-cache: HIT
x-cache: HIT
x-age: 1246
x-77-nzt: AcO1ry+9ORLv3gQAAA==
x-accel-expires: @1625148900
last-modified: Tue, 22 Jun 2021 12:20:25 GMT
server: CDN77-Turbo
etag: W/"60d1d589-42a9a"
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
expires: Tue, 22 Jun 2021 14:10:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-136605546-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 6938
date: Thu, 01 Jul 2021 11:40:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Thu, 01 Jul 2021 13:40:08 GMT

GET
H2 200 Skin_Pigmentation-898x1024.jpg
brightsidebeauty.com/wp-content/uploads/2020/05/ 85 KB
85 KB 553ms
136ms Image
image/jpeg 174.138.45.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://brightsidebeauty.com/wp-content/uploads/2020/05/Skin_Pigmentation-898x1024.jpg

Requested by

Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

174.138.45.75 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

79c477880c3be27ed502f8465f505068363b8fa24f0ebc9a9f458ee2f789331c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 06 May 2020 05:12:27 GMT
server: nginx-rc
etag: W/"5eb2473b-1543d"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000, public
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Sat, 31 Jul 2021 13:35:47 GMT

GET
H/1.1 200
OK cartoon_girls_profile_picture80-150x150.jpg
brightsidebeauty.com/wp-content/uploads/2020/05/ 5 KB
5 KB 134ms
132ms Image
image/jpeg 174.138.45.75
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://brightsidebeauty.com/wp-content/uploads/2020/05/cartoon_girls_profile_picture80-150x150.jpg

Requested by

Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/

Protocol

HTTP/1.1

Server

174.138.45.75 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx-rc /

Resource Hash

8744ea2b9fe0b8b1e3dacf34e65054c41fe0e6756e9065ea82737d0816f4cbfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: brightsidebeauty.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://brightsidebeauty.com/
Cookie: PHPSESSID=pah03vd0d57t7aenmjk2ek8r12; CountryCode=DE; userFromEEA=true
Connection: keep-alive
Cache-Control: no-cache
Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 13:35:47 GMT
X-Content-Type-Options: nosniff
Last-Modified: Sat, 29 Aug 2020 09:34:39 GMT
Server: nginx-rc
X-Frame-Options: SAMEORIGIN
ETag: "5f4a212f-12e0"
Strict-Transport-Security: max-age=15768000
Content-Type: image/jpeg
Cache-Control: max-age=2592000 public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4832
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Jul 2021 13:35:47 GMT

GET
H3-29 200 pubads_impl_2021062408.js Show response
securepubads.g.doubleclick.net/gpt/ 332 KB
116 KB 81ms
42ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021062408.js

Requested by

Host: securepubads.g.doubleclick.net
URL: http://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

f852dfebba4af97add777a1d789b4739164d6cc93aa34db2c463141a5c3f4d09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 24 Jun 2021 17:13:33 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118414
x-xss-protection: 0
expires: Thu, 01 Jul 2021 13:35:47 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 39 B
79 B 88ms
44ms XHR
application/json 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=brightsidebeauty.com

Requested by

Host: securepubads.g.doubleclick.net
URL: http://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

860f06b090ed7565eec010272e829843528d905122ccb8d7caaf387ae2c6db49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 01 Jul 2021 13:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55
x-xss-protection: 0
expires: Thu, 01 Jul 2021 13:35:47 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 31ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=770843360&t=pageview&_s=1&dl=http%3A%2F%2Fbrightsidebeauty.com%2F&ul=en-us&de=UTF-8&dt=BrightsideBeauty&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=585939099&gjid=1728853967&cid=364518100.1625146547&tid=UA-136605546-5&_gid=1211079043.1625146547&_r=1&gtm=2ou6n0&z=857787504

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 13:35:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://brightsidebeauty.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 liveView.php Show response
live.sekindo.com/live/ 35 KB
10 KB 128ms
43ms Script
text/javascript 194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=103592&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&subId=[SUBID_ENCODED]&vp_content=plembed1e38pvqlxoum&vp_template=8166&subId=undefined
Requested by: Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 36685e9f83d6f850737748bc1504e851aec375b01ce13699364aed8f473a6f81

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 13:35:47 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/javascript; charset=utf-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 173ms
173ms XHR
application/json 185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: fdyn.pubwise.io
URL: http://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

51fe1029e586423b74060396dde6443cf84e3683106d503b97f532386e14075a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 01 Jul 2021 13:35:47 GMT
X-Proxy-Origin: 217.138.199.28; 217.138.199.28; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8aa239f3-af3e-4bbc-b462-847ca62bd0a0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://brightsidebeauty.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 65 B
645 B 403ms
130ms XHR
application/json 52.6.70.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dgJ9Gw4ler6OoEaKkv7mNO
Requested by: Host: fdyn.pubwise.io
URL: http://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.6.70.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-70-212.compute-1.amazonaws.com
Software: / 33Across
Resource Hash: 513c0b0fc04628266e0dcb8ccee70c7b776104ee050bd07984e8535edef2676e

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Jul 2021 13:35:47 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://brightsidebeauty.com
access-control-allow-credentials: true

POST
H2 200 c Show response
prebid.a-mo.net/a/ 861 B
787 B 383ms
143ms XHR
application/json 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: fdyn.pubwise.io
URL: http://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: 3473c34e7d938344a8efbc7815d4c1b7b36516d57fca5d3e2098f7cee9034812

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Jul 2021 13:35:46 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: http://brightsidebeauty.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 23
content-length: 355

POST
H2 204 prebid Show response
bid.pubwise.io/ 0
190 B 680ms
595ms XHR
text/html 34.107.161.123
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.pubwise.io/prebid
Requested by: Host: fdyn.pubwise.io
URL: http://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.161.123 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 123.161.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Jul 2021 13:35:47 GMT
via: 1.1 google
server: Google Frontend
vary: Origin
content-type: text/html
access-control-allow-origin: http://brightsidebeauty.com
x-cloud-trace-context: 39f24b6e704f173302620d6917b3a84c
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 bV8xLndfMTM1NjYuZF81MzI0LnhfMTAudg.js Show response
cdn.consentmanager.mgr.consensu.org/delivery/customdata/ 75 KB
12 KB 13ms
13ms Script
application/javascript 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.consentmanager.mgr.consensu.org/delivery/customdata/bV8xLndfMTM1NjYuZF81MzI0LnhfMTAudg.js

Requested by

Host: consentmanager.mgr.consensu.org
URL: https://consentmanager.mgr.consensu.org/delivery/cmp.php?id=13566&h=http%3A%2F%2Fbrightsidebeauty.com%2F&undefined&__cmpfcc=1&l=en&o=1625146546918

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo / PleskLin

Resource Hash

08a7e3d860d7a4c68d0c88c8310abfe7f20280b88af3f6e43aabae88b0c17155

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jul 2021 13:35:47 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding
x-powered-by: PleskLin
x-77-cache: HIT
x-cache: HIT
x-age: 762
x-xss-protection: 0
x-77-nzt: AcO1ry9JVNTv+gIAAA==
x-accel-expires: @1625147585
last-modified: Thu, 01 Jul 2021 13:23:05 GMT
server: CDN77-Turbo
x-77-nzt-ray: JWmiQpuqAUs=
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *, *
cache-control: public, max-age=1800
expires: Thu, 01 Jul 2021 13:53:05 GMT

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame D2A7 2 KB
1 KB 41ms
40ms Script
text/javascript 194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?s=103592&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&subId=[SUBID_ENCODED]&vp_content=plembed1e38pvqlxoum&vp_template=8166&subId=undefined&csuuid=60ddc4b31d58b&r_csuuid=1&cbuster=1625146547&pubUrlAuto=http%3A%2F%2Fbrightsidebeauty.com%2F&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=100&floatHorizontalOffset=1&floatCloseBtn=1&flowMode=seenboth&flowCloseButtonPosition=right
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=103592&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&subId=[SUBID_ENCODED]&vp_content=plembed1e38pvqlxoum&vp_template=8166&subId=undefined
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: c9b7bba7cd1d4f90e8741c0faa1980be37d566f49bae17b74149612257a0d915

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 13:35:47 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/javascript; charset=utf-8

GET
H2 200 iab_consent_sdk.v1.0.js Show response
live.primis.tech/content/ClientDetections/ Frame D2A7 19 KB
6 KB 43ms
41ms Script
application/javascript 194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=103592&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&subId=[SUBID_ENCODED]&vp_content=plembed1e38pvqlxoum&vp_template=8166&subId=undefined&csuuid=60ddc4b31d58b&r_csuuid=1&cbuster=1625146547&pubUrlAuto=http%3A%2F%2Fbrightsidebeauty.com%2F&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=100&floatHorizontalOffset=1&floatCloseBtn=1&flowMode=seenboth&flowCloseButtonPosition=right
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:46 GMT
content-encoding: gzip
last-modified: Wed, 12 Feb 2020 15:01:36 GMT
server: nginx
etag: W/"5e441350-4be0"
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Fri, 01 Jul 2022 13:35:46 GMT

GET
H2 200 DetectGDPR2.v1.1.js Show response
live.primis.tech/content/ClientDetections/ Frame D2A7 9 KB
3 KB 38ms
37ms Script
application/javascript 194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=103592&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&subId=[SUBID_ENCODED]&vp_content=plembed1e38pvqlxoum&vp_template=8166&subId=undefined&csuuid=60ddc4b31d58b&r_csuuid=1&cbuster=1625146547&pubUrlAuto=http%3A%2F%2Fbrightsidebeauty.com%2F&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=100&floatHorizontalOffset=1&floatCloseBtn=1&flowMode=seenboth&flowCloseButtonPosition=right
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:46 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 09:45:49 GMT
server: nginx
etag: W/"6024fccd-228f"
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Fri, 01 Jul 2022 13:35:46 GMT

GET
H2 200 DetectGDPR.v1.1.js Show response
live.primis.tech/content/ClientDetections/ Frame D2A7 8 KB
3 KB 40ms
39ms Script
application/javascript 194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=103592&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&subId=[SUBID_ENCODED]&vp_content=plembed1e38pvqlxoum&vp_template=8166&subId=undefined&csuuid=60ddc4b31d58b&r_csuuid=1&cbuster=1625146547&pubUrlAuto=http%3A%2F%2Fbrightsidebeauty.com%2F&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=100&floatHorizontalOffset=1&floatCloseBtn=1&flowMode=seenboth&flowCloseButtonPosition=right
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:47 GMT
content-encoding: gzip
last-modified: Thu, 11 Feb 2021 09:45:49 GMT
server: nginx
etag: W/"6024fccd-1ef8"
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Fri, 01 Jul 2022 13:35:47 GMT

GET
H2 200 hls.0.12.4_2.min.js Show response
live.primis.tech/content/video/hls/ Frame D2A7 256 KB
86 KB 49ms
48ms Script
application/javascript 194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=103592&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&subId=[SUBID_ENCODED]&vp_content=plembed1e38pvqlxoum&vp_template=8166&subId=undefined&csuuid=60ddc4b31d58b&r_csuuid=1&cbuster=1625146547&pubUrlAuto=http%3A%2F%2Fbrightsidebeauty.com%2F&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=100&floatHorizontalOffset=1&floatCloseBtn=1&flowMode=seenboth&flowCloseButtonPosition=right
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:46 GMT
content-encoding: gzip
last-modified: Thu, 13 Aug 2020 08:36:05 GMT
server: nginx
etag: W/"5f34fb75-3ff27"
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Fri, 01 Jul 2022 13:35:46 GMT

GET
H2 200 prebidVid.4.43.0_3.min.js Show response
live.primis.tech/content/prebid/ Frame D2A7 385 KB
143 KB 80ms
79ms Script
application/javascript 194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/prebid/prebidVid.4.43.0_3.min.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=103592&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&subId=[SUBID_ENCODED]&vp_content=plembed1e38pvqlxoum&vp_template=8166&subId=undefined&csuuid=60ddc4b31d58b&r_csuuid=1&cbuster=1625146547&pubUrlAuto=http%3A%2F%2Fbrightsidebeauty.com%2F&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=100&floatHorizontalOffset=1&floatCloseBtn=1&flowMode=seenboth&flowCloseButtonPosition=right
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 6ad40318899ca689fb63bf5401ecea97b60cf650cfa82c9be2ea758f1f847c30

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:46 GMT
content-encoding: gzip
last-modified: Tue, 29 Jun 2021 11:43:13 GMT
server: nginx
etag: W/"60db0751-60302"
content-type: application/javascript
cache-control: max-age=31536000, public
expires: Fri, 01 Jul 2022 13:35:46 GMT

GET
H2 200 liveVideo.php Show response
live.primis.tech/live/ Frame D2A7 553 KB
154 KB 104ms
104ms Script
text/html 194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30372D30315F31367D7B7331343230393134397D7B433131397D7B536457356B5A575A70626D566B58324A796157646F64484E705A4756695A57463164486B75593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C383136367DFEFE&userIpAddr=217.138.199.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=60ddc4b31d58b&debugInfo=14209149_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14209149&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e38pvqlxoum&secondaryContent=&x=690&y=390&pubUrl=http%3A%2F%2Fbrightsidebeauty.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.0804&geoLong=14.5045&vpTemplate=8166&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=103592&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&subId=[SUBID_ENCODED]&vp_content=plembed1e38pvqlxoum&vp_template=8166&subId=undefined&csuuid=60ddc4b31d58b&r_csuuid=1&cbuster=1625146547&pubUrlAuto=http%3A%2F%2Fbrightsidebeauty.com%2F&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=100&floatHorizontalOffset=1&floatCloseBtn=1&flowMode=seenboth&flowCloseButtonPosition=right
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: f72fc9d609ff92d177b9d70dcb44aaeb6077697692b7fb2d84ceebc46303c46d

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:47 GMT
content-encoding: gzip
server: nginx
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK pixel.php
consentmanager.mgr.consensu.org/delivery/ 43 B
325 B 72ms
71ms Image
image/gif 87.230.98.74
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consentmanager.mgr.consensu.org/delivery/pixel.php?id=13566&did=1&cfdid=3&t=pv.d_ncs.d_ancs.d_bncs.cf.cfx&h=http%3A%2F%2Fbrightsidebeauty.com%2F&o=1625146547246&l=EN&lv=0&d=1&ct=14&e=&e2=&e3=&i=&sv=31&dv=10&

Requested by

Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5037422.psmanaged.com

Software

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jul 2021 13:35:47 GMT
Last-Modified: Thu, 01 Jul 2021 13:35:47 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 43
X-XSS-Protection: 0
Expires: 0

GET
H/1.1 200
OK pixel.php
consentmanager.mgr.consensu.org/delivery/ 43 B
325 B 220ms
146ms Image
image/gif 87.230.98.74
PLUSSERVER-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consentmanager.mgr.consensu.org/delivery/pixel.php?id=13566&did=1&cfdid=1&t=cv&h=http%3A%2F%2Fbrightsidebeauty.com%2F&o=1625146547248&l=EN&lv=0&d=1&ct=14&e=&e2=&e3=&i=&sv=31&dv=10&

Requested by

Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

87.230.98.74 , Germany, ASN61157 (PLUSSERVER-ASN1, DE),

Reverse DNS

ma5037422.psmanaged.com

Software

Resource Hash

5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 01 Jul 2021 13:35:47 GMT
Last-Modified: Thu, 01 Jul 2021 13:35:47 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 43
X-XSS-Protection: 0
Expires: 0

GET
H2 200 logo1592405744x390.gif
cdn.consentmanager.mgr.consensu.org/delivery/img/ 29 KB
29 KB 8ms
6ms Image
image/gif 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.consentmanager.mgr.consensu.org/delivery/img/logo1592405744x390.gif
Requested by: Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PleskLin
Resource Hash: 73e80796df0f325249f01776635aecedb926aaa6df8404c66aedb6941f95d918

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 01 Jul 2021 13:35:47 GMT
x-77-nzt-ray: XG0wsbS91Bw=
x-powered-by: PleskLin
x-77-cache: HIT
x-cache: HIT
x-age: 578
content-length: 29354
x-77-nzt: AcO1ry9swdPvQgIAAA==
x-accel-expires: @1625149569
last-modified: Wed, 17 Feb 2021 09:59:32 GMT
server: CDN77-Turbo
etag: "602ce904-72aa"
access-control-max-age: 1000
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
expires: Tue, 15 Jun 2021 21:08:43 GMT

GET
H/1.1 200
OK en.gif
cdn.consentmanager.mgr.consensu.org/delivery/flags/ 384 B
977 B 13ms
6ms Image
image/gif 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cdn.consentmanager.mgr.consensu.org/delivery/flags/en.gif
Requested by: Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/
Protocol: HTTP/1.1
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo / PleskLin
Resource Hash: eee4cf12a666b414c57a7f3ad86679b3f8d3baeb0914c5f2ec68243d9375d881

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-77-POP: frankfurtDE
Date: Thu, 01 Jul 2021 13:35:47 GMT
Vary: Accept-Encoding
X-77-NZT-Ray: yYX3CPyqKp4=
X-Powered-By: PleskLin
X-77-Cache: HIT
X-Cache: HIT
Connection: keep-alive
X-Age: 584
Content-Length: 384
X-77-NZT: AcO1ry/asTPvSAIAAA==
X-Accel-Expires: @1625149563
Last-Modified: Tue, 30 Mar 2021 19:22:21 GMT
Server: CDN77-Turbo
ETag: "180-5bec5ead1b540"
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT
Content-Type: image/gif
Access-Control-Allow-Origin: *
X-Accel-Version: 0.01
Accept-Ranges: bytes

POST
H2 204 / Show response
api.pubwise.io/api/v8/event/add/ 0
146 B 222ms
135ms XHR
text/plain 130.211.34.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pubwise.io/api/v8/event/add/
Requested by: Host: fdyn.pubwise.io
URL: http://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.34.132 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 132.34.211.130.bc.googleusercontent.com
Software: nginx/1.19.8 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Jul 2021 13:35:47 GMT
via: 1.1 google
server: nginx/1.19.8
vary: Origin
access-control-allow-origin: http://brightsidebeauty.com
access-control-allow-credentials: true
x-bes: pw-api-v8log-vgdt
alt-svc: clear

GET
H2 200 primisslate.css
live.primis.tech/content/video/css/ 17 KB
5 KB 37ms
37ms Stylesheet
text/css 194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/video/css/primisslate.css
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30372D30315F31367D7B7331343230393134397D7B433131397D7B536457356B5A575A70626D566B58324A796157646F64484E705A4756695A57463164486B75593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C383136367DFEFE&userIpAddr=217.138.199.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=60ddc4b31d58b&debugInfo=14209149_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14209149&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e38pvqlxoum&secondaryContent=&x=690&y=390&pubUrl=http%3A%2F%2Fbrightsidebeauty.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.0804&geoLong=14.5045&vpTemplate=8166&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:47 GMT
content-encoding: gzip
last-modified: Tue, 18 Aug 2020 10:07:25 GMT
server: nginx
etag: W/"5f3ba85d-45c8"
content-type: text/css

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame D2A7 123 KB
33 KB 149ms
52ms Script
application/javascript 65.9.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30372D30315F31367D7B7331343230393134397D7B433131397D7B536457356B5A575A70626D566B58324A796157646F64484E705A4756695A57463164486B75593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C383136367DFEFE&userIpAddr=217.138.199.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=60ddc4b31d58b&debugInfo=14209149_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14209149&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e38pvqlxoum&secondaryContent=&x=690&y=390&pubUrl=http%3A%2F%2Fbrightsidebeauty.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.0804&geoLong=14.5045&vpTemplate=8166&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 0f4b08d07ecca9f8fcaf108ea78bb163fc98cfc19a844bd0f87412ab34a41873

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: SOzAdyP7.FQsxAjkeGom0RVGr_hQgEwt
content-encoding: gzip
server: Server
age: 12098
etag: c457e964d47ff007ca9e04843536c474
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a156165ae278c5ddd408f18e7181dccd.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
date: Thu, 01 Jul 2021 10:14:09 GMT
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: o2sHp7V_hMQ1jOwu_5wI3OBOwMG0hDf-6WkBmALDuJGGTTIc3UyZvg==

GET
H2 200 css
fonts.googleapis.com/ Frame EE95 2 KB
657 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=swap

Requested by

Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 12:51:19 GMT
server: ESF
date: Thu, 01 Jul 2021 13:35:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Jul 2021 13:35:47 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 2 KB
548 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=swap

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30372D30315F31367D7B7331343230393134397D7B433131397D7B536457356B5A575A70626D566B58324A796157646F64484E705A4756695A57463164486B75593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C383136367DFEFE&userIpAddr=217.138.199.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=60ddc4b31d58b&debugInfo=14209149_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14209149&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e38pvqlxoum&secondaryContent=&x=690&y=390&pubUrl=http%3A%2F%2Fbrightsidebeauty.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.0804&geoLong=14.5045&vpTemplate=8166&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 12:51:32 GMT
server: ESF
date: Thu, 01 Jul 2021 13:35:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Jul 2021 13:35:47 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 878A 14 KB
5 KB 146ms
48ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=CPIqa8APIqa8AAfYeBENBgCgAAAAAAAAAAigAAAAAAAA&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60ddc4b31d58b%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3DCPIqa8APIqa8AAfYeBENBgCgAAAAAAAAAAigAAAAAAAA
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30372D30315F31367D7B7331343230393134397D7B433131397D7B536457356B5A575A70626D566B58324A796157646F64484E705A4756695A57463164486B75593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C383136367DFEFE&userIpAddr=217.138.199.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=60ddc4b31d58b&debugInfo=14209149_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14209149&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e38pvqlxoum&secondaryContent=&x=690&y=390&pubUrl=http%3A%2F%2Fbrightsidebeauty.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.0804&geoLong=14.5045&vpTemplate=8166&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=CPIqa8APIqa8AAfYeBENBgCgAAAAAAAAAAigAAAAAAAA&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60ddc4b31d58b%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3DCPIqa8APIqa8AAfYeBENBgCgAAAAAAAAAAigAAAAAAAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://brightsidebeauty.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://brightsidebeauty.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=164141
expires: Sat, 03 Jul 2021 11:11:28 GMT
date: Thu, 01 Jul 2021 13:35:47 GMT
vary: Accept-Encoding

GET
H2

200

liveCS.php Show response
live.primis.tech/live/ Frame 2B56
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60ddc4b31d58b%26pixel%3D%26advId%3D94%26advUuid%3D%24...
https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60ddc4b31d58b%26pixel%3D%26advId%3D94%26advUuid%3D%24...
https://live.primis.tech/live/liveCS.php?source=external&csuuid=60ddc4b31d58b&pixel=&advId=94&advUuid=3e56efae-da71-11eb-badc-1e875f050506

0
223 B

65ms
40ms

Document
text/html

194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveCS.php?source=external&csuuid=60ddc4b31d58b&pixel=&advId=94&advUuid=3e56efae-da71-11eb-badc-1e875f050506
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30372D30315F31367D7B7331343230393134397D7B433131397D7B536457356B5A575A70626D566B58324A796157646F64484E705A4756695A57463164486B75593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C383136367DFEFE&userIpAddr=217.138.199.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=60ddc4b31d58b&debugInfo=14209149_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14209149&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e38pvqlxoum&secondaryContent=&x=690&y=390&pubUrl=http%3A%2F%2Fbrightsidebeauty.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.0804&geoLong=14.5045&vpTemplate=8166&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: live.primis.tech
:scheme: https
:path: /live/liveCS.php?source=external&csuuid=60ddc4b31d58b&pixel=&advId=94&advUuid=3e56efae-da71-11eb-badc-1e875f050506
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://brightsidebeauty.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://brightsidebeauty.com/

Response headers

server: nginx
date: Thu, 01 Jul 2021 13:35:47 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
pragma: no-cache
age: 0
content-encoding: gzip

Redirect headers

Server: nginx
Date: Thu, 01 Jul 2021 13:35:47 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=3e56efae-da71-11eb-badc-1e875f050506; expires=Fri, 01-Jul-2022 14:42:27 GMT; path=/; domain=.spotxchange.com; SameSite=none; Secure
Location: https://live.primis.tech/live/liveCS.php?source=external&csuuid=60ddc4b31d58b&pixel=&advId=94&advUuid=3e56efae-da71-11eb-badc-1e875f050506
X-fe: 110
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0

GET
H2

200

liveCS.php Show response
live.primis.tech/live/ Frame 0BA8
Redirect Chain

https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60ddc4b31d58b%26pixel%3D%26advId%3D98%26advU...
https://u.openx.net/w/1.0/cm?cc=1&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60ddc4b31d58b%26pixel%3D%26advId%3D98%2...
https://live.primis.tech/live/liveCS.php?source=external&csuuid=60ddc4b31d58b&pixel=&advId=98&advUuid=8313fdce-5b86-4a66-aeac-773b4928b01a

0
223 B

39ms
39ms

Document
text/html

194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveCS.php?source=external&csuuid=60ddc4b31d58b&pixel=&advId=98&advUuid=8313fdce-5b86-4a66-aeac-773b4928b01a
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30372D30315F31367D7B7331343230393134397D7B433131397D7B536457356B5A575A70626D566B58324A796157646F64484E705A4756695A57463164486B75593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C383136367DFEFE&userIpAddr=217.138.199.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=60ddc4b31d58b&debugInfo=14209149_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14209149&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e38pvqlxoum&secondaryContent=&x=690&y=390&pubUrl=http%3A%2F%2Fbrightsidebeauty.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.0804&geoLong=14.5045&vpTemplate=8166&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: live.primis.tech
:scheme: https
:path: /live/liveCS.php?source=external&csuuid=60ddc4b31d58b&pixel=&advId=98&advUuid=8313fdce-5b86-4a66-aeac-773b4928b01a
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://brightsidebeauty.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://brightsidebeauty.com/

Response headers

server: nginx
date: Thu, 01 Jul 2021 13:35:47 GMT
content-type: text/html; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
pragma: no-cache
age: 0
content-encoding: gzip

Redirect headers

vary: Accept, Accept-Encoding
set-cookie: i=a71a2427-be47-4d62-b01f-29f0c147c0f2|1625146547; Version=1; Expires=Fri, 01-Jul-2022 13:35:47 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.210.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://live.primis.tech/live/liveCS.php?source=external&csuuid=60ddc4b31d58b&pixel=&advId=98&advUuid=8313fdce-5b86-4a66-aeac-773b4928b01a
date: Thu, 01 Jul 2021 13:35:47 GMT
content-type: text/html
content-length: 0
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK sync.html Show response
s.console.adtarget.com.tr/ Frame F5B5 2 KB
1 KB 91ms
23ms Document
text/html 2a0c:5c81:5095:0:225:90ff:fefa:245d
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30372D30315F31367D7B7331343230393134397D7B433131397D7B536457356B5A575A70626D566B58324A796157646F64484E705A4756695A57463164486B75593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C383136367DFEFE&userIpAddr=217.138.199.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=60ddc4b31d58b&debugInfo=14209149_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14209149&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e38pvqlxoum&secondaryContent=&x=690&y=390&pubUrl=http%3A%2F%2Fbrightsidebeauty.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.0804&geoLong=14.5045&vpTemplate=8166&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 401332272d60ca3c294a022966a96c4d342059269e4590d5967c8f515838e2cf

Request headers

Host: s.console.adtarget.com.tr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://brightsidebeauty.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://brightsidebeauty.com/

Response headers

Server: VertaMedia 1.0
Date: Thu, 01 Jul 2021 13:35:46 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 847
Access-Control-Allow-Origin: http://brightsidebeauty.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame D2A7 6 KB
2 KB 55ms
53ms XHR
application/json 194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.1.0&vid_viewabilityState=1&vid_content_url=https%3A%2F%2Fvideo.primis.tech%2Fuploads%2Fcn20%2Fvideo%2Fusers%2Fconverted%2F28743%2Fvideo_5de3954e0895a499415686%2Fvid5de3ae5f8a778071038059.mp4&vid_content_id=590395&vid_content_desc=Weird+Beauty+Hacks+Using+Food+%7C+Four+Nine+Looks&vid_content_title=Weird+Beauty+Hacks+Using+Food+%7C+Four+Nine+Looks&vid_content_duration=181&debugInformation=&x=339&y=191&pubUrl=http%3A%2F%2Fbrightsidebeauty.com%2F&ri=6C69766553746174737C736B317B54307D7B64323032312D30372D30315F31367D7B7331343230393134397D7B433131397D7B536457356B5A575A70626D566B58324A796157646F64484E705A4756695A57463164486B75593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C383136367DFEFE&isApp=0&geoLati=50.0804&geoLong=14.5045&userIpAddr=217.138.199.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&playerApiId=&csuuid=60ddc4b31d58b&cbuster=1625146547543&gdpr=1&gdprConsent=CPIqa8APIqa8AAfYeBENBgCgAAAAAAAAAAigAAAAAAAA&isWePassGdpr=0
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30372D30315F31367D7B7331343230393134397D7B433131397D7B536457356B5A575A70626D566B58324A796157646F64484E705A4756695A57463164486B75593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C383136367DFEFE&userIpAddr=217.138.199.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=60ddc4b31d58b&debugInfo=14209149_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14209149&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e38pvqlxoum&secondaryContent=&x=690&y=390&pubUrl=http%3A%2F%2Fbrightsidebeauty.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.0804&geoLong=14.5045&vpTemplate=8166&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 70aed74ef0c3fcabe9a3dd672a5b41e56f6eaa4e792ac2eb5e40d555ce7beabd

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 13:35:47 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: http://brightsidebeauty.com
cache-control: no-store
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 1317

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame D2A7 6 KB
2 KB 52ms
51ms XHR
application/json 194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.1.0&vid_viewabilityState=1&vid_content_url=https%3A%2F%2Fvideo.primis.tech%2Fuploads%2Fcn20%2Fvideo%2Fusers%2Fconverted%2F28743%2Fvideo_5de3954e0895a499415686%2Fvid5de3ae5f8a778071038059.mp4&vid_content_id=590395&vid_content_desc=Weird+Beauty+Hacks+Using+Food+%7C+Four+Nine+Looks&vid_content_title=Weird+Beauty+Hacks+Using+Food+%7C+Four+Nine+Looks&vid_content_duration=181&debugInformation=&x=400&y=225&pubUrl=http%3A%2F%2Fbrightsidebeauty.com%2F&ri=6C69766553746174737C736B317B54307D7B64323032312D30372D30315F31367D7B7331343230393134397D7B433131397D7B536457356B5A575A70626D566B58324A796157646F64484E705A4756695A57463164486B75593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C383136367DFEFE&isApp=0&geoLati=50.0804&geoLong=14.5045&userIpAddr=217.138.199.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&playerApiId=&csuuid=60ddc4b31d58b&cbuster=1625146547543&gdpr=1&gdprConsent=CPIqa8APIqa8AAfYeBENBgCgAAAAAAAAAAigAAAAAAAA&isWePassGdpr=0
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30372D30315F31367D7B7331343230393134397D7B433131397D7B536457356B5A575A70626D566B58324A796157646F64484E705A4756695A57463164486B75593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C383136367DFEFE&userIpAddr=217.138.199.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=60ddc4b31d58b&debugInfo=14209149_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14209149&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e38pvqlxoum&secondaryContent=&x=690&y=390&pubUrl=http%3A%2F%2Fbrightsidebeauty.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.0804&geoLong=14.5045&vpTemplate=8166&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 6cfff141940ea10296535d0f0c6701060fba67578fde262b0d59354a543af36b

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 13:35:47 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: http://brightsidebeauty.com
cache-control: no-store
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 1316

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame D2A7 6 KB
2 KB 48ms
47ms XHR
application/json 194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.1.0&vid_viewabilityState=0&vid_content_url=https%3A%2F%2Fvideo.primis.tech%2Fuploads%2Fcn20%2Fvideo%2Fusers%2Fconverted%2F28743%2Fvideo_5de3954e0895a499415686%2Fvid5de3ae5f8a778071038059.mp4&vid_content_id=590395&vid_content_desc=Weird+Beauty+Hacks+Using+Food+%7C+Four+Nine+Looks&vid_content_title=Weird+Beauty+Hacks+Using+Food+%7C+Four+Nine+Looks&vid_content_duration=181&debugInformation=&x=339&y=191&pubUrl=http%3A%2F%2Fbrightsidebeauty.com%2F&ri=6C69766553746174737C736B317B54307D7B64323032312D30372D30315F31367D7B7331343230393134397D7B433131397D7B536457356B5A575A70626D566B58324A796157646F64484E705A4756695A57463164486B75593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C383136367DFEFE&isApp=0&geoLati=50.0804&geoLong=14.5045&userIpAddr=217.138.199.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&playerApiId=&csuuid=60ddc4b31d58b&cbuster=1625146547547&gdpr=1&gdprConsent=CPIqa8APIqa8AAfYeBENBgCgAAAAAAAAAAigAAAAAAAA&isWePassGdpr=0
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30372D30315F31367D7B7331343230393134397D7B433131397D7B536457356B5A575A70626D566B58324A796157646F64484E705A4756695A57463164486B75593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C383136367DFEFE&userIpAddr=217.138.199.28&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&csuuid=60ddc4b31d58b&debugInfo=14209149_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14209149&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1e38pvqlxoum&secondaryContent=&x=690&y=390&pubUrl=http%3A%2F%2Fbrightsidebeauty.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=1&flow_bottomOffset=100&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.0804&geoLong=14.5045&vpTemplate=8166&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: a75d75f984af954aa2bd8f23cccb0f390c7ad834917c2c400925a303945935ee

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 13:35:47 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: http://brightsidebeauty.com
cache-control: no-store
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 1278

GET
H2 200 chunklist_480.m3u8 Show response
video.primis.tech/uploads/cn20/video/users/hls/28743/video_5de3954e0895a499415686/vid5de3ae5f8a778071038059.mp4/ 1 KB
626 B 149ms
53ms XHR
application/vnd.apple.mpegurl 2600:9000:2017:6000:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn20/video/users/hls/28743/video_5de3954e0895a499415686/vid5de3ae5f8a778071038059.mp4/chunklist_480.m3u8
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2017:6000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f7b1c3cac7a9b7775785a27a84cc0ef8679de643e9a60c14dcd8ff5d27504819

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:12:09 GMT
content-encoding: gzip
last-modified: Sun, 13 Sep 2020 01:06:56 GMT
server: nginx
age: 1418
etag: W/"5f5d70b0-470"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-pop: OTP50-C1
x-amz-cf-id: Q8pxNRtiBaQiqV395EopBPUUtVL_mUtTZ9mj-WLqwl9xBx6L01zFyw==
via: 1.1 f693e744372b77a139d6ae7a83a1b4ce.cloudfront.net (CloudFront)
expires: Thu, 01 Jul 2021 13:12:08 GMT

GET
H2 200 vid5de3ae5f8a778071038059_thumb.jpg
video.primis.tech/uploads/cn20/video/users/converted/28743/video_5de3954e0895a499415686/ Frame EE95 1 KB
2 KB 110ms
34ms Image
image/jpeg 2600:9000:2017:6000:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn20/video/users/converted/28743/video_5de3954e0895a499415686/vid5de3ae5f8a778071038059_thumb.jpg?cbuster=1614090882
Requested by: Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2017:6000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 818a6a4cf24321b300b693b368c3b78e99fb164fdd2f8d1539c2bad6fdd58dc8

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 21 Jun 2021 03:57:57 GMT
via: 1.1 eeb37cc1f9365f500f5ca2cdb3697a98.cloudfront.net (CloudFront)
last-modified: Wed, 28 Apr 2021 19:37:49 GMT
server: nginx
age: 898670
etag: "6089b98d-5a2"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: OTP50-C1
accept-ranges: bytes
content-length: 1442
x-amz-cf-id: UH6JsqkwKGIA8_SWbqWarp2Qo8RBCziR4AjI-wW5U-XbesiSa0Y5zg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vid5e879afe71b94878341813_thumb.jpg
video.primis.tech/uploads/cn19/video/users/converted/28743/video_5de3954e0895a499415686/ Frame EE95 1 KB
2 KB 110ms
35ms Image
image/jpeg 2600:9000:2017:6000:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn19/video/users/converted/28743/video_5de3954e0895a499415686/vid5e879afe71b94878341813_thumb.jpg?cbuster=1614090881
Requested by: Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2017:6000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 700a2fe79abdb46ed9d18110a2d280fbd8076cdac9efe480b977649618f7393e

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 16:44:28 GMT
via: 1.1 eeb37cc1f9365f500f5ca2cdb3697a98.cloudfront.net (CloudFront)
last-modified: Wed, 28 Apr 2021 18:37:10 GMT
server: nginx
age: 2407879
etag: "6089ab56-58c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: OTP50-C1
accept-ranges: bytes
content-length: 1420
x-amz-cf-id: LC1DTby2_anpLgfUuyu-8FCAEvkoJWXjKi74HA7q5gagYlkkJ_i5vA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vid5e66a513987eb390879536_thumb.jpg
video.primis.tech/uploads/cn13/video/users/converted/28743/video_5de3954e0895a499415686/ Frame EE95 2 KB
2 KB 111ms
36ms Image
image/jpeg 2600:9000:2017:6000:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn13/video/users/converted/28743/video_5de3954e0895a499415686/vid5e66a513987eb390879536_thumb.jpg?cbuster=1614090881
Requested by: Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2017:6000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 758ca888b1ed4794a140f0a413969649da28f40751d277ac83891951366eaeea

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 17 May 2021 11:48:39 GMT
via: 1.1 eeb37cc1f9365f500f5ca2cdb3697a98.cloudfront.net (CloudFront)
last-modified: Wed, 28 Apr 2021 17:13:26 GMT
server: nginx
age: 3894428
etag: "608997b6-65d"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: OTP50-C1
accept-ranges: bytes
content-length: 1629
x-amz-cf-id: OJntBqr1fPMcvDI8Ra9zu_ThFi38TA5xfzgDqS_H9-axvo892p6goA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vid5e691876448e6529595939_thumb.jpg
video.primis.tech/uploads/cn12/video/users/converted/28743/video_5de3954e0895a499415686/ Frame EE95 1 KB
2 KB 111ms
36ms Image
image/jpeg 2600:9000:2017:6000:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn12/video/users/converted/28743/video_5de3954e0895a499415686/vid5e691876448e6529595939_thumb.jpg?cbuster=1614090881
Requested by: Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2017:6000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9ce173c9855cb218bfdcaa7f18af7127bc5dbaad37a07bf061491680d8282dd1

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 06:41:02 GMT
via: 1.1 eeb37cc1f9365f500f5ca2cdb3697a98.cloudfront.net (CloudFront)
last-modified: Wed, 28 Apr 2021 16:59:37 GMT
server: nginx
age: 2616885
etag: "60899479-58a"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: OTP50-C1
accept-ranges: bytes
content-length: 1418
x-amz-cf-id: kI_vPOgejubRX6P9H2qWNYFZG9_N5Xs5F5YuJjXg8LySW8fwJiXnxA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vid5e6bd35e6eba6652404361_thumb.jpg
video.primis.tech/uploads/cn12/video/users/converted/28743/video_5de3954e0895a499415686/ Frame EE95 2 KB
2 KB 111ms
37ms Image
image/jpeg 2600:9000:2017:6000:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn12/video/users/converted/28743/video_5de3954e0895a499415686/vid5e6bd35e6eba6652404361_thumb.jpg?cbuster=1614090881
Requested by: Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2017:6000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 4e1368931d10fad9661c7a694ac863e6918efc6ce3b18eb068b0116c84a71c64

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 07:53:56 GMT
via: 1.1 eeb37cc1f9365f500f5ca2cdb3697a98.cloudfront.net (CloudFront)
last-modified: Wed, 28 Apr 2021 16:59:37 GMT
server: nginx
age: 2612511
etag: "60899479-683"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: OTP50-C1
accept-ranges: bytes
content-length: 1667
x-amz-cf-id: dl0Z9Fksy8JEZBKr-TMXZK07if1fyA6O5jeOLWSOTxGR9pQsVPytbQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vid60dc934b5d4ea821437488_thumb.jpg
video.primis.tech/uploads/cn14/video/users/converted/24485/video_5cdab50d33907306656829/ Frame EE95 2 KB
2 KB 39ms
32ms Image
image/jpeg 2600:9000:2017:6000:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn14/video/users/converted/24485/video_5cdab50d33907306656829/vid60dc934b5d4ea821437488_thumb.jpg?cbuster=1625068364
Requested by: Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2017:6000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a01a5ac95d07b0d52a300388bec82cad77a3100df5c8acfea211c401d3f4dc7

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 19:18:30 GMT
via: 1.1 eeb37cc1f9365f500f5ca2cdb3697a98.cloudfront.net (CloudFront)
last-modified: Wed, 30 Jun 2021 15:56:39 GMT
server: nginx
age: 65837
etag: "60dc9437-792"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: OTP50-C1
accept-ranges: bytes
content-length: 1938
x-amz-cf-id: GdRr7VdNMWfGxg8SPQr8otaq0WMqIY4tLt4SBij3BtphYSIMXofLKw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vid6082ded7853a2255392626_thumb.jpg
video.primis.tech/uploads/cn1/video/users/converted/24485/video_5cdab50d33907306656829/ Frame EE95 2 KB
3 KB 39ms
10ms Image
image/jpeg 2600:9000:2017:6000:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn1/video/users/converted/24485/video_5cdab50d33907306656829/vid6082ded7853a2255392626_thumb.jpg?cbuster=1619189464
Requested by: Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2017:6000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 59d0677e98f820e83fe6316ecfd6d5b3dcb00fcb65c5ff7481a643104a913a58

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 10:41:46 GMT
via: 1.1 eeb37cc1f9365f500f5ca2cdb3697a98.cloudfront.net (CloudFront)
last-modified: Wed, 28 Apr 2021 18:55:47 GMT
server: nginx
age: 1997641
etag: "6089afb3-8af"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: OTP50-C1
accept-ranges: bytes
content-length: 2223
x-amz-cf-id: fzPMWR9WWqzrp-4l12BBT95caa0dE_8Ip8jOOcej4gJ0itpbgSQwfg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 liveView.php
live.primis.tech/live/ 0
226 B 43ms
41ms Image
text/html 194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=50&serverTime=1625146547&vid_playerVer=3.1.0&s=103592&sta=0&x=690&y=390&vid_passDomain=brightsidebeauty.com&subId=undefined_brightsidebeauty.com&debugInformation=&isApp=0&ri=6C69766553746174737C736B317B54307D7B64323032312D30372D30315F31367D7B7331343230393134397D7B433131397D7B536457356B5A575A70626D566B58324A796157646F64484E705A4756695A57463164486B75593239747D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583639307D7B593339307D7B66317D7B4C383136367DFEFE&diaid=&userIpAddr=217.138.199.28&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=60ddc4b31d58b&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=CPIqa8APIqa8AAfYeBENBgCgAAAAAAAAAAigAAAAAAAA&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1625146547537&uid=SekindoSPlayer60ddc4b342254&pubUrl=http%3A%2F%2Fbrightsidebeauty.com%2F&floatStatus=false
Requested by: Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 13:35:47 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

GET
H2 200 sync
x.bidswitch.net/ Frame D2A7 43 B
146 B 111ms
35ms Image
image/gif 3.121.79.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=sekindo&user_id=60ddc4b31d58b&custom_data=60ddc4b31d58b;live.primis.tech&gdpr=1&gdpr_consent=CPIqa8APIqa8AAfYeBENBgCgAAAAAAAAAAigAAAAAAAA
Requested by: Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.79.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-79-35.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:47 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame D2A7
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60ddc4b31d58b%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
https://live.primis.tech/live/liveCS.php?source=external&csuuid=60ddc4b31d58b&pixel=&advId=93&advUuid=8d7ebdc8-07c0-4e3e-8e2a-d3004e4f1d14

0
223 B

39ms
39ms

Image
text/html

194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&csuuid=60ddc4b31d58b&pixel=&advId=93&advUuid=8d7ebdc8-07c0-4e3e-8e2a-d3004e4f1d14
Requested by: Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 13:35:47 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
content-type: text/html; charset=utf-8

Redirect headers

location: https://live.primis.tech/live/liveCS.php?source=external&csuuid=60ddc4b31d58b&pixel=&advId=93&advUuid=8d7ebdc8-07c0-4e3e-8e2a-d3004e4f1d14
date: Thu, 01 Jul 2021 13:35:47 GMT
server: _
content-length: 0

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame D2A7
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60ddc4b31d58b%26pixel%3D%26advId%3D99%26advUuid%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60ddc4b31d58b%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1
https://live.primis.tech/live/liveCS.php?source=external&csuuid=60ddc4b31d58b&pixel=&advId=99&advUuid=YN3Es0q-pve9BaHfEUvzxAAABIgAAAIB

0
223 B

40ms
38ms

Image
text/html

194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&csuuid=60ddc4b31d58b&pixel=&advId=99&advUuid=YN3Es0q-pve9BaHfEUvzxAAABIgAAAIB
Requested by: Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 13:35:47 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
content-type: text/html; charset=utf-8

Redirect headers

Pragma: no-cache
Date: Thu, 01 Jul 2021 13:35:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://live.primis.tech/live/liveCS.php?source=external&csuuid=60ddc4b31d58b&pixel=&advId=99&advUuid=YN3Es0q-pve9BaHfEUvzxAAABIgAAAIB
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 334
Expires: Thu, 01 Jul 2021 13:35:47 GMT

GET
H2

200

liveCS.php
live.primis.tech/live/ Frame D2A7
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60ddc4b31d58b%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
https://live.primis.tech/live/liveCS.php?source=external&csuuid=60ddc4b31d58b&pixel=&advId=105&advUuid=8943078721656408612

0
223 B

41ms
39ms

Image
text/html

194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveCS.php?source=external&csuuid=60ddc4b31d58b&pixel=&advId=105&advUuid=8943078721656408612
Requested by: Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 13:35:47 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
content-type: text/html; charset=utf-8

Redirect headers

Pragma: no-cache
Date: Thu, 01 Jul 2021 13:35:47 GMT
X-Proxy-Origin: 217.138.199.28; 217.138.199.28; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 377b4cdf-7143-441b-b4cf-a53608d065a4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://live.primis.tech/live/liveCS.php?source=external&csuuid=60ddc4b31d58b&pixel=&advId=105&advUuid=8943078721656408612
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 vid5de3ae5f8a778071038059.jpg
video.primis.tech/uploads/cn20/video/users/converted/28743/video_5de3954e0895a499415686/ 20 KB
21 KB 113ms
43ms Image
image/jpeg 2600:9000:2017:6000:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn20/video/users/converted/28743/video_5de3954e0895a499415686/vid5de3ae5f8a778071038059.jpg?cbuster=1614090882
Requested by: Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2017:6000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d40bafff0ad5f317a3124313e6d8ea0bde09c3988c20a065933758bfe3445ce2

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:17:32 GMT
via: 1.1 eeb37cc1f9365f500f5ca2cdb3697a98.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 01:06:56 GMT
server: nginx
age: 220695
etag: "5f5d70b0-51be"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
x-amz-cf-pop: OTP50-C1
accept-ranges: bytes
content-length: 20926
x-amz-cf-id: KW4SyH5uXON0-RbnhTrhUMeaAJ-ATijw1MQJf6QmgI3B1O0ruJhQNA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 13ms
10ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://brightsidebeauty.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 10:48:51 GMT
x-content-type-options: nosniff
age: 96416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 10:48:51 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame EE95 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://brightsidebeauty.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 30 Jun 2021 10:48:51 GMT
x-content-type-options: nosniff
age: 96416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jun 2022 10:48:51 GMT

GET
H2 200 liveView.php
live.primis.tech/live/ 0
226 B 40ms
40ms Image
text/html 194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=43&serverTime=1625146547&vid_playerVer=3.1.0&s=103592&sta=0&x=690&y=390&vid_passDomain=brightsidebeauty.com&subId=undefined_brightsidebeauty.com&debugInformation=&isApp=0&userIpAddr=217.138.199.28&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=60ddc4b31d58b&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=CPIqa8APIqa8AAfYeBENBgCgAAAAAAAAAAigAAAAAAAA&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1625146547643&uid=SekindoSPlayer60ddc4b342254&pubUrl=http%3A%2F%2Fbrightsidebeauty.com%2F&floatStatus=false
Requested by: Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 13:35:47 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame D2A7 6 KB
3 KB 164ms
68ms XHR
application/javascript 65.9.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 116
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
date: Thu, 01 Jul 2021 13:33:52 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: eAH8PlLZR-uclAuuFdIjBEDAXp_6FbmCBsv4yWI4JuhqYfTQ8696Yw==

GET
H/1.1

200
OK

Cookie set csync Show response
sync.console.adtarget.com.tr/ Frame D2D7
Redirect Chain

https://creativecdn.com/cm-notify?pi=admatic
https://creativecdn.com/cm-notify?pi=admatic&tc=1
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=cC8idHA1ocr1FcczqPb8&pi=admatic&tc=1

86 B
547 B

671ms
403ms

Document
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=cC8idHA1ocr1FcczqPb8&pi=admatic&tc=1
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host: sync.console.adtarget.com.tr
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.console.adtarget.com.tr/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.console.adtarget.com.tr/

Response headers

Server: VertaMedia 1.0
Date: Thu, 01 Jul 2021 13:35:47 GMT
Content-Type: image/gif
Content-Length: 86
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: vmuid=cb5e180ee7ea17f0; expires=Wed, 01 Sep 2021 13:35:48 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None a307080=cC8idHA1ocr1FcczqPb8; expires=Wed, 01 Sep 2021 13:35:48 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None

Redirect headers

date: Thu, 01 Jul 2021 13:35:47 GMT Thu, 01 Jul 2021 13:35:47 GMT
location: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=cC8idHA1ocr1FcczqPb8&pi=admatic&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H2

200

/ Show response
ads.us.e-planning.net/uspd/1/ Frame 93C2
Redirect Chain

https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID

13 B
91 B

52ms
51ms

Document
text/html

46.249.52.249
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.249.52.249 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

:method: GET
:authority: ads.us.e-planning.net
:scheme: https
:path: /uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.console.adtarget.com.tr/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: CT=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.console.adtarget.com.tr/

Response headers

server: openresty
date: Thu, 01 Jul 2021 13:35:47 GMT
content-type: text/html
content-length: 13
x-sid: AMS-732

Redirect headers

server: openresty
date: Thu, 01 Jul 2021 13:35:47 GMT
content-type: text/html; charset=iso-8859-1
set-cookie: CT=1; path=/; SameSite=None; Secure
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
x-sid: AMS-732

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7680 14 KB
5 KB 50ms
48ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.console.adtarget.com.tr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.console.adtarget.com.tr/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=164141
expires: Sat, 03 Jul 2021 11:11:28 GMT
date: Thu, 01 Jul 2021 13:35:47 GMT
vary: Accept-Encoding

GET
H2 200 pbsync.html Show response
js.adscale.de/ Frame A104 3 KB
2 KB 130ms
29ms Document
text/html 2600:9000:20fc:5200:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20fc:5200:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

:method: GET
:authority: js.adscale.de
:scheme: https
:path: /pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.console.adtarget.com.tr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.console.adtarget.com.tr/

Response headers

content-type: text/html
last-modified: Wed, 02 Jun 2021 04:52:00 GMT
x-amz-version-id: PrxfzkfOycpkP6dzd0FWzZeWCMor9ul2
server: AmazonS3
content-encoding: br
date: Thu, 01 Jul 2021 13:31:31 GMT
cache-control: max-age=7200
etag: W/"5550fca00caf055568d6ced373f2721f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 ddf05588239a53ffcc4f78bf3b76aac4.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: SIx6X_9mauNtM1eihEDxBYXK5JKHCXq98hK7a-WpyCO17vzfY7mCyA==
age: 256

GET
H2 200 cookie Show response
cm.adform.net/ Frame 74B3 43 B
106 B 179ms
47ms Document
image/gif 37.157.4.24
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.24 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

:method: GET
:authority: cm.adform.net
:scheme: https
:path: /cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.console.adtarget.com.tr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.console.adtarget.com.tr/

Response headers

server: nginx
date: Thu, 01 Jul 2021 13:35:47 GMT
content-type: image/gif
content-length: 43

GET
H2 200 user Show response
cdn.admatic.com.tr/ Frame E0C9 251 B
616 B 174ms
53ms Document
text/html 185.59.220.198
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admatic.com.tr/user
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-723.bunnyinfra.net
Software: BunnyCDN-DE1-723 /
Resource Hash: 62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

:method: GET
:authority: cdn.admatic.com.tr
:scheme: https
:path: /user
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.console.adtarget.com.tr/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.console.adtarget.com.tr/

Response headers

date: Thu, 01 Jul 2021 13:35:47 GMT
content-type: text/html
vary: Accept-Encoding
server: BunnyCDN-DE1-723
cdn-pullzone: 266102
cdn-uid: bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode: GB
cdn-edgestorageid: 755
cdn-storageserver: DE-51
cache-control: public, max-age=3600
last-modified: Thu, 11 Feb 2021 13:30:42 GMT
cdn-cachedat: 2021-06-20 10:47:42
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-requestid: 8d0b7d509a0060ec428fb3f66b69c4de
cdn-cache: HIT
content-encoding: gzip

GET
H/1.1 200
OK sync.html Show response
s.adtelligent.com/ Frame 0612 2 KB
1 KB 95ms
33ms Document
text/html 2a0c:5c81:5139::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adtelligent.com/sync.html?aid=609724
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 0d9f7b500537c7d2e4a28e5d788176ae6bd8c5e0a03658102f9d22c347be87fc

Request headers

Host: s.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.console.adtarget.com.tr/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.console.adtarget.com.tr/

Response headers

Server: VertaMedia 1.0
Date: Thu, 01 Jul 2021 13:35:47 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 803
Access-Control-Allow-Origin: https://s.console.adtarget.com.tr
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Encoding: gzip

GET
H/1.1 200
OK csync
sync.console.adtarget.com.tr/ Frame F5B5 86 B
402 B 692ms
71ms Image
image/gif 62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.console.adtarget.com.tr/csync?redir=
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://s.console.adtarget.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 13:35:47 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame D2A7 339 KB
117 KB 38ms
14ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0df2428b04580eb0f5ee738042cac441c8a0c51ad082c5d61ea01124a2507dcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118864
x-xss-protection: 0
expires: Thu, 01 Jul 2021 13:35:47 GMT

GET
H2 200 liveView.php
live.primis.tech/live/ 0
226 B 40ms
40ms Image
text/html 194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=49&serverTime=1625146547&vid_playerVer=3.1.0&s=103592&sta=0&x=690&y=390&vid_passDomain=brightsidebeauty.com&subId=undefined_brightsidebeauty.com&debugInformation=&isApp=0&userIpAddr=217.138.199.28&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=60ddc4b31d58b&vImpOpportunityMultiplier=1&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=CPIqa8APIqa8AAfYeBENBgCgAAAAAAAAAAigAAAAAAAA&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1625146547711&uid=SekindoSPlayer60ddc4b342254&pubUrl=http%3A%2F%2Fbrightsidebeauty.com%2F&floatStatus=false
Requested by: Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 13:35:47 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

GET
H2 200 w_480_00000.ts Show response
video.primis.tech/uploads/cn20/video/users/hls/28743/video_5de3954e0895a499415686/vid5de3ae5f8a778071038059.mp4/ 464 KB
465 KB 52ms
51ms XHR
video/mp2t 2600:9000:2017:6000:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn20/video/users/hls/28743/video_5de3954e0895a499415686/vid5de3ae5f8a778071038059.mp4/w_480_00000.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2017:6000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2bb30c4a2e399d575f904435dd9d64628fbb6bec475c19ace0579100641dfbaf

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 08:09:08 GMT
via: 1.1 f693e744372b77a139d6ae7a83a1b4ce.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 01:07:00 GMT
server: nginx
age: 365198
etag: "5f5d70b4-73f08"
x-cache: Hit from cloudfront
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-pop: OTP50-C1
accept-ranges: bytes
content-length: 474888
x-amz-cf-id: AHJHa79jfCMdXNykkc6POBIQIxPVjNPPmx3BJJHoI_c8a6URtfvBig==
expires: Sun, 04 Jul 2021 08:09:08 GMT

GET
BLOB 200
OK 66ce02e3-8416-425a-821d-e13f3d36fdff
http://brightsidebeauty.com/ 65 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://brightsidebeauty.com/66ce02e3-8416-425a-821d-e13f3d36fdff
Requested by: Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 66258
Content-Type: text/javascript

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 878A 0
42 B 145ms
47ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=68253257&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CPIqa8APIqa8AAfYeBENBgCgAAAAAAAAAAigAAAAAAAA&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=CPIqa8APIqa8AAfYeBENBgCgAAAAAAAAAAigAAAAAAAA&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60ddc4b31d58b%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3DCPIqa8APIqa8AAfYeBENBgCgAAAAAAAAAAigAAAAAAAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:47 GMT
content-length: 0

GET
H/1.1 200
OK bridge3.469.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame DCE5 576 KB
189 KB 13ms
7ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/core/bridge3.469.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f773aae9bd3478ff9083be452a9894e124e54b1138a3d6d691976b759e4cbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: imasdk.googleapis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://brightsidebeauty.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://brightsidebeauty.com/

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 193037
Date: Thu, 01 Jul 2021 09:48:27 GMT
Expires: Fri, 01 Jul 2022 09:48:27 GMT
Last-Modified: Thu, 24 Jun 2021 19:54:07 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 13640

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame D2A7 44 KB
17 KB 37ms
15ms Script
text/javascript 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Thu, 01 Jul 2021 13:35:47 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame A0B7 2 KB
818 B 92ms
28ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=59a18369e249bfb

Requested by

Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=59a18369e249bfb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://s.adtelligent.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.adtelligent.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H/1.1

200
OK

Cookie set csync Show response
sync.adtelligent.com/ Frame 88D4
Redirect Chain

https://creativecdn.com/cm-notify?pi=adtelligent
https://sync.adtelligent.com/csync?t=a&ep=307355&extuid=cC8idHA1ocr1FcczqPb8&pi=adtelligent

86 B
531 B

806ms
403ms

Document
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=307355&extuid=cC8idHA1ocr1FcczqPb8&pi=adtelligent
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host: sync.adtelligent.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://s.adtelligent.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://s.adtelligent.com/

Response headers

Server: VertaMedia 1.0
Date: Thu, 01 Jul 2021 13:35:47 GMT
Content-Type: image/gif
Content-Length: 86
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: vmuid=9e1be7ef4e3e92d8; expires=Wed, 01 Sep 2021 13:35:48 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None a307355=cC8idHA1ocr1FcczqPb8; expires=Wed, 01 Sep 2021 13:35:48 GMT; domain=.adtelligent.com; path=/; secure; SameSite=None

Redirect headers

date: Thu, 01 Jul 2021 13:35:47 GMT Thu, 01 Jul 2021 13:35:47 GMT
location: https://sync.adtelligent.com/csync?t=a&ep=307355&extuid=cC8idHA1ocr1FcczqPb8&pi=adtelligent
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame 0612
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8943078721656408612

86 B
530 B

848ms
404ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8943078721656408612
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 13:35:47 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 01 Jul 2021 13:35:47 GMT
X-Proxy-Origin: 217.138.199.28; 217.138.199.28; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a8030ceb-a00f-4d25-b815-838a660a28a8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=8943078721656408612
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

1px-matching-adtelligent.gif
t.trafmag.com/images/images/ Frame 0612
Redirect Chain

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=9e1be7ef4e3e92d8

35 B
232 B

160ms
49ms

Image
image/gif

193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=9e1be7ef4e3e92d8
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:48 GMT
server: nginx
content-type: image/gif
content-length: 35
p3p: CP="NON DSP COR CURa TIA"

Redirect headers

Location: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=9e1be7ef4e3e92d8
Date: Thu, 01 Jul 2021 13:35:47 GMT
Server: VertaMedia 1.0
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

csync
sync.console.adtarget.com.tr/ Frame 0612
Redirect Chain

https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D322988%26extuid%3D%7Buid%7D
https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=9e1be7ef4e3e92d8

86 B
543 B

404ms
403ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=9e1be7ef4e3e92d8
Requested by: Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=609724
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://s.adtelligent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 13:35:48 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

Redirect headers

Location: https://sync.console.adtarget.com.tr/csync?t=a&ep=322988&extuid=9e1be7ef4e3e92d8
Date: Thu, 01 Jul 2021 13:35:47 GMT
Server: VertaMedia 1.0
Content-Length: 43
Content-Type: image/gif

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 63A8 36 KB
13 KB 8ms
4ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 01 Jul 2021 14:11:49 GMT

GET
H2

200

uu Show response
ih.adscale.de/ Frame A104
Redirect Chain

https://ih.adscale.de/uu?cbfn=receive&t=1625146547
https://ih.adscale.de/uu?cbfn=receive&t=1625146547&nut&uu=c0b54bd5ca98460b908597335ccdb9cf

44 B
214 B

45ms
44ms

Script
text/javascript

52.58.198.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/uu?cbfn=receive&t=1625146547&nut&uu=c0b54bd5ca98460b908597335ccdb9cf
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.198.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-198-108.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: afbe1b8d688116934e5be7af31e66ad8ae6cc3e9b31822acc0d85ce8e4dca108

Request headers

Referer: https://js.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:48 GMT
content-length: 44
content-type: text/javascript;charset=ISO-8859-1

Redirect headers

location: https://ih.adscale.de/uu?cbfn=receive&t=1625146547&nut&uu=c0b54bd5ca98460b908597335ccdb9cf
date: Thu, 01 Jul 2021 13:35:47 GMT
content-length: 0

GET
H2 200 bundle.js Show response
cdn.admatic.com.tr/user/ Frame E0C9 54 KB
20 KB 61ms
61ms Script
application/javascript 185.59.220.198
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admatic.com.tr/user/bundle.js
Requested by: Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.59.220.198 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: edge-723.bunnyinfra.net
Software: BunnyCDN-DE1-723 /
Resource Hash: 8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Referer: https://cdn.admatic.com.tr/user
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:47 GMT
content-encoding: br
cdn-edgestorageid: 601
cdn-storageserver: DE-51
cdn-cachedat: 2021-06-08 21:27:55
cdn-pullzone: 266102
last-modified: Fri, 12 Mar 2021 04:24:48 GMT
server: BunnyCDN-DE1-723
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control: public, max-age=3600
cdn-requestid: 04f8e85a73abef8d6f5fcec8abea6cc7
cdn-requestcountrycode: GB
cdn-requestpullsuccess: True

GET
H2 200 w_480_00001.ts Show response
video.primis.tech/uploads/cn20/video/users/hls/28743/video_5de3954e0895a499415686/vid5de3ae5f8a778071038059.mp4/ 402 KB
403 KB 78ms
78ms XHR
video/mp2t 2600:9000:2017:6000:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn20/video/users/hls/28743/video_5de3954e0895a499415686/vid5de3ae5f8a778071038059.mp4/w_480_00001.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2017:6000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7a5ff12c70fd920319f9ee82422cfe5b2fea03522987fb06ba6485d1aeb7e021

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 08:09:10 GMT
via: 1.1 f693e744372b77a139d6ae7a83a1b4ce.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 01:07:00 GMT
server: nginx
age: 365198
etag: "5f5d70b4-6478c"
x-cache: Hit from cloudfront
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-pop: OTP50-C1
accept-ranges: bytes
content-length: 411532
x-amz-cf-id: vEhYWPoyEtM4Y9E4IbeRBja9Hk0gXsbM9fRrJsPw_wWR751mYk4KDQ==
expires: Sun, 04 Jul 2021 08:09:10 GMT

GET
H2 200 userconnect.js Show response
js.adscale.de/ Frame A104 14 KB
5 KB 30ms
30ms Script
application/javascript 2600:9000:20fc:5200:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/userconnect.js
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20fc:5200:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Referer: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: qk2YZDtBUeUOoSq4Qhy4ZfQ7Zg9BAnLT
content-encoding: br
last-modified: Wed, 02 Jun 2021 04:52:00 GMT
server: AmazonS3
age: 2604
etag: W/"98f37b242862929d9aef4bde91abc8ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ddf05588239a53ffcc4f78bf3b76aac4.cloudfront.net (CloudFront)
cache-control: max-age=7200
date: Thu, 01 Jul 2021 12:52:25 GMT
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: 9L7m9nsveDJkquy_QZim1zYbPhiWO_Z-6zAJZMCO6Usf-RbVxYr0Tg==

GET
H/1.1 200
OK csync
sync.console.adtarget.com.tr/ Frame A104 86 B
559 B 702ms
404ms Image
image/gif 62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=c0b54bd5ca98460b908597335ccdb9cf
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://js.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 01 Jul 2021 13:35:47 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

GET
H2 200 userconnect Show response
ih.adscale.de/ Frame A104 149 B
224 B 32ms
32ms Script
application/javascript 52.58.198.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1625146548114&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.198.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-198-108.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Referer: https://js.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:48 GMT
content-length: 149
content-type: application/javascript

GET
H2 200 map Show response
ih.adscale.de/ Frame 3319 3 KB
3 KB 34ms
34ms Document
text/html 52.58.198.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.198.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-198-108.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 401b17cae2d00c7029d9978f3b5ed1f05eb7f37ae9366eed097488f7cc9ee4bf

Request headers

:method: GET
:authority: ih.adscale.de
:scheme: https
:path: /map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.adscale.de/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uu=c0b54bd5ca98460b908597335ccdb9cf; cct=1625146547971
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.adscale.de/

Response headers

date: Thu, 01 Jul 2021 13:35:48 GMT
content-type: text/html;charset=ISO-8859-1
content-length: 2702
set-cookie: tu=4#1581295969#48~~451429~451429~1#101~~451429~451429~1#39~~451429~451429~1#40~~451429~451429~1#42~~451429~451429~1#75~~451429~451429~1#108~~451429~451429~1#63~~451429~451429~1; Max-Age=31336000; Domain=ih.adscale.de; Path=/; Secure; SameSite=None cct=1625146548173; Max-Age=31336000; Domain=.adscale.de; Path=/; Secure; SameSite=None

GET
H2 200 w_480_00002.ts Show response
video.primis.tech/uploads/cn20/video/users/hls/28743/video_5de3954e0895a499415686/vid5de3ae5f8a778071038059.mp4/ 458 KB
459 KB 44ms
44ms XHR
video/mp2t 2600:9000:2017:6000:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn20/video/users/hls/28743/video_5de3954e0895a499415686/vid5de3ae5f8a778071038059.mp4/w_480_00002.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2017:6000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: eaf4befec5d8dce45863e237686e817463f1b97895e97aa0326986ad1d9ea217

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 08:09:10 GMT
via: 1.1 f693e744372b77a139d6ae7a83a1b4ce.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 01:07:00 GMT
server: nginx
age: 365198
etag: "5f5d70b4-72844"
x-cache: Hit from cloudfront
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-pop: OTP50-C1
accept-ranges: bytes
content-length: 469060
x-amz-cf-id: yXQUsl6DNAfQ2lQptKz386T8xBeR_WTo_xvcrbskNhdrl7maWtOF6Q==
expires: Sun, 04 Jul 2021 08:09:10 GMT

GET
H2 200 match.js Show response
js.adscale.de/ Frame 3319 4 KB
2 KB 30ms
30ms Script
application/javascript 2600:9000:20fc:5200:f:4f64:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adscale.de/match.js
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20fc:5200:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Hy7stwDKjWSCFshbRJl9T4nANPe7.cNc
content-encoding: br
last-modified: Wed, 02 Jun 2021 04:52:00 GMT
server: AmazonS3
age: 2511
etag: W/"b75124846aec28a28b7a3441813682d5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 ddf05588239a53ffcc4f78bf3b76aac4.cloudfront.net (CloudFront)
cache-control: max-age=7200
date: Thu, 01 Jul 2021 12:53:58 GMT
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: xWhthZZwcwVD25FYazKSHRSzk6swqJ0jaFbq0V0L0SO6pCQgN_7fNA==

GET
H2

200

img
ih.adscale.de/sium/0859cc2e01fa48f4964fc01047bdbe36/1625146548173/0/ Frame 3319
Redirect Chain

https://bbnaut.ibillboard.com/match/AdScale?partneruid=c0b54bd5ca98460b908597335ccdb9cf&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0859cc2e01fa48f4964fc01047bdbe36%2F1625146548173%2F0%2Fimg%3Ftpid%...
https://ih.adscale.de/sium/0859cc2e01fa48f4964fc01047bdbe36/1625146548173/0/img?tpid=101&tpuid=BBID-01-02998605483007482-16328664

49 B
465 B

47ms
47ms

Image
image/gif

52.58.198.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/0859cc2e01fa48f4964fc01047bdbe36/1625146548173/0/img?tpid=101&tpuid=BBID-01-02998605483007482-16328664
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.198.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-198-108.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:48 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Date: Thu, 01 Jul 2021 13:35:48 GMT
Server: nginx
Transfer-Encoding: chunked
p3p: CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location: https://ih.adscale.de/sium/0859cc2e01fa48f4964fc01047bdbe36/1625146548173/0/img?tpid=101&tpuid=BBID-01-02998605483007482-16328664
Cache-Control: private, max-age=3600
Access-Control-Allow-Credentials: true
Connection: close

GET
H2 200 w_480_00003.ts Show response
video.primis.tech/uploads/cn20/video/users/hls/28743/video_5de3954e0895a499415686/vid5de3ae5f8a778071038059.mp4/ 477 KB
478 KB 45ms
45ms XHR
video/mp2t 2600:9000:2017:6000:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn20/video/users/hls/28743/video_5de3954e0895a499415686/vid5de3ae5f8a778071038059.mp4/w_480_00003.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2017:6000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f5ed7e038b476b565a14d9dd75110039cc26920c393044f70f79c2f3f2e4e64b

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 08:09:11 GMT
via: 1.1 f693e744372b77a139d6ae7a83a1b4ce.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 01:07:00 GMT
server: nginx
age: 365197
etag: "5f5d70b4-77270"
x-cache: Hit from cloudfront
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-pop: OTP50-C1
accept-ranges: bytes
content-length: 488048
x-amz-cf-id: DmP_J2jpjxV83E_Rv89U5o7aBeuqtEs4i26YE-ZzaRRCQdMMDEPnRA==
expires: Sun, 04 Jul 2021 08:09:11 GMT

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 3319
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=5f23cf9ef1bcd6e2410f793...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=3f5b60dd-c4b4-4a00-926c-197e740d6ff5&gdpr=0&gdpr_consent=

49 B
560 B

42ms
41ms

Image
image/gif

52.58.198.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=3f5b60dd-c4b4-4a00-926c-197e740d6ff5&gdpr=0&gdpr_consent=
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.198.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-198-108.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:48 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Date: Thu, 01 Jul 2021 13:35:12 GMT
Server: MT3 3799 851f7e8 master cdg-pixel-x31
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=3f5b60dd-c4b4-4a00-926c-197e740d6ff5&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 01 Jul 2021 13:35:11 GMT

GET
H3-29 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame DCE5 0
23 B 22ms
19ms XHR
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F21734706084%2FLowSPprerollsdk&description_url=http%3A%2F%2Fbrightsidebeauty.com%2F&env=vp&correlator=239689038046671&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1&unviewed_position_start=1&sdkv=h.3.469.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&addtl_consent=1~&sdki=44d&adk=607520389&sdk_apis=2%2C8&sid=5F494E3B-4252-4B0C-8F28-3F7343D4F799&eid=21064201&url=http%3A%2F%2Fbrightsidebeauty.com%2F&ref=http%3A%2F%2Fbrightsidebeauty.com%2F&dlt=1625146547180&idt=841&dt=1625146548374&scor=1070189874152561&ged=ve4_td1_tt0_pd1_la1000_er215.-2785.368.-2485_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.469.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:48 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: http://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 w_480_00004.ts Show response
video.primis.tech/uploads/cn20/video/users/hls/28743/video_5de3954e0895a499415686/vid5de3ae5f8a778071038059.mp4/ 473 KB
473 KB 47ms
47ms XHR
video/mp2t 2600:9000:2017:6000:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn20/video/users/hls/28743/video_5de3954e0895a499415686/vid5de3ae5f8a778071038059.mp4/w_480_00004.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2017:6000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: badd9b8b9362b15193d7d6309539a289021740c9d40bbfd6536351d0cc659996

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 08:09:11 GMT
via: 1.1 f693e744372b77a139d6ae7a83a1b4ce.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 01:07:00 GMT
server: nginx
age: 365197
etag: "5f5d70b4-76248"
x-cache: Hit from cloudfront
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-pop: OTP50-C1
accept-ranges: bytes
content-length: 483912
x-amz-cf-id: 6ypOxQMsrpy0P321RY8TbdZtNUsondq7dBEe0apP9Tx7tthazoW6Kg==
expires: Sun, 04 Jul 2021 08:09:11 GMT

GET
H2 200 w_480_00005.ts Show response
video.primis.tech/uploads/cn20/video/users/hls/28743/video_5de3954e0895a499415686/vid5de3ae5f8a778071038059.mp4/ 470 KB
471 KB 44ms
44ms XHR
video/mp2t 2600:9000:2017:6000:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn20/video/users/hls/28743/video_5de3954e0895a499415686/vid5de3ae5f8a778071038059.mp4/w_480_00005.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2017:6000:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b28bb2610f920f09b3de423d22529b70f522c5af95296f96746b31d1b2dec18e

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 27 Jun 2021 08:09:12 GMT
via: 1.1 f693e744372b77a139d6ae7a83a1b4ce.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 01:07:00 GMT
server: nginx
age: 365196
etag: "5f5d70b4-75688"
x-cache: Hit from cloudfront
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-pop: OTP50-C1
accept-ranges: bytes
content-length: 480904
x-amz-cf-id: 38QgeFKvwk06bERiBLimOLL0JArDI-y4cYirSA0tH0llnVwxAPpHlw==
expires: Sun, 04 Jul 2021 08:09:12 GMT

GET
H2

200

img
ih.adscale.de/sium/0859cc2e01fa48f4964fc01047bdbe36/1625146548173/0/ Frame 3319
Redirect Chain

https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F0859cc2e01fa48f4964fc01047bdbe36%2F1625146548173%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
https://ih.adscale.de/sium/0859cc2e01fa48f4964fc01047bdbe36/1625146548173/0/img?tpid=75&tpuid=8943078721656408612&gdpr=0

49 B
570 B

34ms
34ms

Image
image/gif

52.58.198.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/0859cc2e01fa48f4964fc01047bdbe36/1625146548173/0/img?tpid=75&tpuid=8943078721656408612&gdpr=0
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.198.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-198-108.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:48 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 01 Jul 2021 13:35:48 GMT
X-Proxy-Origin: 217.138.199.28; 217.138.199.28; 819.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6ad81581-4aea-497e-a083-c230f9d4121b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ih.adscale.de/sium/0859cc2e01fa48f4964fc01047bdbe36/1625146548173/0/img?tpid=75&tpuid=8943078721656408612&gdpr=0
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 3319
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=c0f492666c965e085b89056a2...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YN3Es0q.pve9BaHfEUvzxAAA%261160

49 B
588 B

34ms
34ms

Image
image/gif

52.58.198.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YN3Es0q.pve9BaHfEUvzxAAA%261160
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.198.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-198-108.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:48 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 01 Jul 2021 13:35:48 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YN3Es0q.pve9BaHfEUvzxAAA%261160
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 310
Expires: Thu, 01 Jul 2021 13:35:48 GMT

GET
H2

200

img
ih.adscale.de/sium/0859cc2e01fa48f4964fc01047bdbe36/1625146548173/0/ Frame 3319
Redirect Chain

https://track.adform.net/serving/cookie/match/?party=9&uid=b2935625a8e875f8088e2dbfce18361ae97c3d2af73e406870ebd57bcc88f970&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0859cc2e01fa48f4964fc0...
https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=b2935625a8e875f8088e2dbfce18361ae97c3d2af73e406870ebd57bcc88f970&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0859cc2e01fa48f49...
https://ih.adscale.de/sium/0859cc2e01fa48f4964fc01047bdbe36/1625146548173/0/img?tpid=42&gdpr=0&tpuid=7949445556896655890

49 B
599 B

34ms
34ms

Image
image/gif

52.58.198.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/0859cc2e01fa48f4964fc01047bdbe36/1625146548173/0/img?tpid=42&gdpr=0&tpuid=7949445556896655890
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.198.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-198-108.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:49 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 01 Jul 2021 13:35:49 GMT
server: nginx
location: https://ih.adscale.de/sium/0859cc2e01fa48f4964fc01047bdbe36/1625146548173/0/img?tpid=42&gdpr=0&tpuid=7949445556896655890
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 3319
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=a5ec5046-dc3b-47d6-b45b-d43765afc9a0

49 B
549 B

33ms
33ms

Image
image/gif

52.58.198.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=a5ec5046-dc3b-47d6-b45b-d43765afc9a0
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.198.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-198-108.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:49 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=a5ec5046-dc3b-47d6-b45b-d43765afc9a0
cache-control: no-cache
date: Thu, 01 Jul 2021 13:35:48 GMT
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2144
content-type: text/html; charset=utf-8
content-length: 237
expires: Thu, 01 Jul 2021 00:00:00 GMT

GET
H2

200

img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame 3319
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=d586207633e17c92c8ba3193...
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=e41860dd-c4b5-4600-a0fc-4b57437d8163&gdpr=0&gdpr_consent=

49 B
644 B

52ms
51ms

Image
image/gif

52.58.198.108
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=e41860dd-c4b5-4600-a0fc-4b57437d8163&gdpr=0&gdpr_consent=
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.198.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-198-108.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:49 GMT
p3p: CP=NOI PSA OUR
content-length: 49
content-type: image/gif

Redirect headers

Date: Thu, 01 Jul 2021 13:35:13 GMT
Server: MT3 3799 851f7e8 master cdg-pixel-x29
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=e41860dd-c4b5-4600-a0fc-4b57437d8163&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 01 Jul 2021 13:35:12 GMT

GET
H2

200

js Show response
ih.adscale.de/sium/0859cc2e01fa48f4964fc01047bdbe36/1625146548173/0/ Frame 3319
Redirect Chain

https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=5c55ca2500a0991daf0d0e6cf729c8a11ec2c3edd40e8c7820f29212e385b9b2&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0859cc2e01fa48...
https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=5c55ca2500a0991daf0d0e6cf729c8a11ec2c3edd40e8c7820f29212e385b9b2&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0859cc2e01fa48...
https://ih.adscale.de/sium/0859cc2e01fa48f4964fc01047bdbe36/1625146548173/0/js?tpid=48&tpuid=733ba7ea69c5f9579183ef650c014896

44 B
590 B

34ms
33ms

Script
text/javascript

52.58.198.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/sium/0859cc2e01fa48f4964fc01047bdbe36/1625146548173/0/js?tpid=48&tpuid=733ba7ea69c5f9579183ef650c014896
Requested by: Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.198.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-198-108.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 37b878697a297c54454ee5157913188223c0de9f1395e072d6d218e5e47f09d3

Request headers

Referer: https://ih.adscale.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:49 GMT
p3p: CP=NOI PSA OUR
content-length: 44
content-type: text/javascript

Redirect headers

Date: Thu, 01 Jul 2021 13:35:49 GMT
Server: nginx
Vary: Accept
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://ih.adscale.de/sium/0859cc2e01fa48f4964fc01047bdbe36/1625146548173/0/js?tpid=48&tpuid=733ba7ea69c5f9579183ef650c014896
Connection: close
Content-Type: text/plain; charset=utf-8
Content-Length: 147

GET
H2 200 liveView.php
live.primis.tech/live/ 0
226 B 41ms
41ms Image
text/html 194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=36&serverTime=1625146547&vid_playerVer=3.1.0&s=103592&sta=0&x=690&y=390&vid_passDomain=brightsidebeauty.com&subId=undefined_brightsidebeauty.com&debugInformation=&isApp=0&userIpAddr=217.138.199.28&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=60ddc4b31d58b&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=CPIqa8APIqa8AAfYeBENBgCgAAAAAAAAAAigAAAAAAAA&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1625146549626&uid=SekindoSPlayer60ddc4b342254&pubUrl=http%3A%2F%2Fbrightsidebeauty.com%2F&floatStatus=false
Requested by: Host: brightsidebeauty.com
URL: http://brightsidebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 13:35:49 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

POST
H2 200 sium Show response
ih.adscale.de/ Frame 3319 0
190 B 33ms
33ms XHR
application/json 52.58.198.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ih.adscale.de/sium
Requested by: Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.198.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-198-108.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ih.adscale.de
date: Thu, 01 Jul 2021 13:35:49 GMT
access-control-allow-credentials: true
access-control-allow-headers: x-openrtb-version
content-length: 0
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 0
223 B 106ms
39ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=109
Requested by: Host: fdyn.pubwise.io
URL: http://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 01 Jul 2021 13:35:50 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: http://brightsidebeauty.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET rid
match.adsrvr.org/track/ 0
0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 42FD 52 KB
17 KB 57ms
55ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: fdyn.pubwise.io
URL: http://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://brightsidebeauty.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://brightsidebeauty.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 02 Jul 2021 13:35:52 GMT
Date: Thu, 01 Jul 2021 13:35:50 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame D9F7 0
0 414ms
137ms Document
text/plain 67.202.110.21
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dgJ9Gw4ler6OoEaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: fdyn.pubwise.io
URL: http://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.110.21 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip21.67-202-110.static.steadfastdns.net
Software: 33XP004 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&ru=deb&id=dgJ9Gw4ler6OoEaKkv7mNO&gdpr_consent=undefined&us_privacy=undefined
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://brightsidebeauty.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://brightsidebeauty.com/

Response headers

x-33x-status: 2000208
server: 33XP004
date: Thu, 01 Jul 2021 13:35:50 GMT

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D72ce48ca-13f3-4c47-8c15-dd1ae63523d1%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D72ce48ca-13f3-4c47-8c15-dd1ae63523d1%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
https://prebid.a-mo.net/setuid?A=72ce48ca-13f3-4c47-8c15-dd1ae63523d1&D=&bidder=pubmatic&uid=0E9DD495-2110-4675-9123-1007426CB04B

0
120 B

122ms
122ms

Image
text/plain

136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=72ce48ca-13f3-4c47-8c15-dd1ae63523d1&D=&bidder=pubmatic&uid=0E9DD495-2110-4675-9123-1007426CB04B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:50 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 3
server: envoy

Redirect headers

location: https://prebid.a-mo.net/setuid?A=72ce48ca-13f3-4c47-8c15-dd1ae63523d1&D=&bidder=pubmatic&uid=0E9DD495-2110-4675-9123-1007426CB04B
date: Thu, 01 Jul 2021 13:35:51 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

204

verizon_video
prebid.a-mo.net/setuid/
Redirect Chain

https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=72ce48ca-13f3-4c47-8c15-dd1ae63523d1
https://pixel.advertising.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=72ce48ca-13f3-4c47-8c15-dd1ae63523d1&verify=true
https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=72ce48ca-13f3-4c47-8c15-dd1ae63523d1&apid=UP4047d0df-da71-11eb-913c-061b755ca63a
https://ups.analytics.yahoo.com/ups/58474/sync?redir=true&gdpr=0&gdpr_consent=&uid=72ce48ca-13f3-4c47-8c15-dd1ae63523d1&apid=UP4047d0df-da71-11eb-913c-061b755ca63a&verify=true
https://prebid.a-mo.net/setuid/verizon_video?uid=UP4047d0df-da71-11eb-913c-061b755ca63a&gdpr=0&gdpr_consent=

0
126 B

121ms
120ms

Image
text/plain

136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/verizon_video?uid=UP4047d0df-da71-11eb-913c-061b755ca63a&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:50 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy

Redirect headers

Date: Thu, 01 Jul 2021 13:35:51 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://prebid.a-mo.net/setuid/verizon_video?uid=UP4047d0df-da71-11eb-913c-061b755ca63a&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D72ce48ca-13f3-4c47-8c15-dd1ae63523d1%26D%3D%26bidder%3Dindex_rtb%26uid%3D
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D72ce48ca-13f3-4c47-8c15-dd1ae63523d1%26D%3D%26bidder%3Dindex_rtb%26uid%3D&s=191503&C=1
https://prebid.a-mo.net/setuid?A=72ce48ca-13f3-4c47-8c15-dd1ae63523d1&D=&bidder=index_rtb&uid=YN3EtvhbvXS5ZdksAlOZVQAA%261112

0
115 B

121ms
121ms

Image
text/plain

136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=72ce48ca-13f3-4c47-8c15-dd1ae63523d1&D=&bidder=index_rtb&uid=YN3EtvhbvXS5ZdksAlOZVQAA%261112
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:50 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
server: envoy

Redirect headers

Pragma: no-cache
Date: Thu, 01 Jul 2021 13:35:50 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://prebid.a-mo.net/setuid?A=72ce48ca-13f3-4c47-8c15-dd1ae63523d1&D=&bidder=index_rtb&uid=YN3EtvhbvXS5ZdksAlOZVQAA%261112
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 321
Expires: Thu, 01 Jul 2021 13:35:50 GMT

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D72ce48ca-13f3-4c47-8c15-dd1ae63523d1%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D72ce48ca-13f3-4c47-8c15-dd1ae63523d1%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID
https://prebid.a-mo.net/setuid?A=72ce48ca-13f3-4c47-8c15-dd1ae63523d1&D=&bidder=appnexus&uid=6597383816566709910

0
141 B

121ms
121ms

Image
text/plain

136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=72ce48ca-13f3-4c47-8c15-dd1ae63523d1&D=&bidder=appnexus&uid=6597383816566709910
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:50 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
server: envoy

Redirect headers

Pragma: no-cache
Date: Thu, 01 Jul 2021 13:35:50 GMT
X-Proxy-Origin: 217.138.199.28; 217.138.199.28; 623.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 26941124-15d5-4e5d-97b1-fb99a2e59e98
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid.a-mo.net/setuid?A=72ce48ca-13f3-4c47-8c15-dd1ae63523d1&D=&bidder=appnexus&uid=6597383816566709910
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

setuid
prebid.a-mo.net/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D72ce48ca-13f3-4c47-8c15-dd1ae63523d1%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D72ce48ca-13f3-4c47-8c15-dd1ae63523d1%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://prebid.a-mo.net/setuid?A=72ce48ca-13f3-4c47-8c15-dd1ae63523d1&D=&bidder=sovrn&uid=149bf59c618de0e2f0fe95ff

0
141 B

123ms
123ms

Image
text/plain

136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid?A=72ce48ca-13f3-4c47-8c15-dd1ae63523d1&D=&bidder=sovrn&uid=149bf59c618de0e2f0fe95ff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:51 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 3
server: envoy

Redirect headers

Date: Thu, 01 Jul 2021 13:35:51 GMT
Server: nginx
Location: https://prebid.a-mo.net/setuid?A=72ce48ca-13f3-4c47-8c15-dd1ae63523d1&D=&bidder=sovrn&uid=149bf59c618de0e2f0fe95ff
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2 200 liveView.php
live.primis.tech/live/ 0
226 B 40ms
39ms Image
text/html 194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=42&serverTime=1625146547&vid_playerVer=3.1.0&s=103592&sta=0&x=690&y=390&vid_passDomain=brightsidebeauty.com&subId=undefined_brightsidebeauty.com&debugInformation=&isApp=0&userIpAddr=217.138.199.28&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=60ddc4b31d58b&contentFileId=0&mediaPlayListId=0&mediaListId=0&dur=500&gdpr=1&gdprConsent=CPIqa8APIqa8AAfYeBENBgCgAAAAAAAAAAigAAAAAAAA&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1625146552627&uid=SekindoSPlayer60ddc4b342254&pubUrl=http%3A%2F%2Fbrightsidebeauty.com%2F&floatStatus=false
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 13:35:52 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK bridge3.469.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 180B 576 KB
189 KB 8ms
7ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/core/bridge3.469.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f773aae9bd3478ff9083be452a9894e124e54b1138a3d6d691976b759e4cbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: imasdk.googleapis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://brightsidebeauty.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://brightsidebeauty.com/

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 193037
Date: Thu, 01 Jul 2021 09:48:27 GMT
Expires: Fri, 01 Jul 2022 09:48:27 GMT
Last-Modified: Thu, 24 Jun 2021 19:54:07 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 13648

GET
H2 200 liveView.php
live.primis.tech/live/ 0
226 B 42ms
41ms Image
text/html 194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=49&serverTime=1625146547&vid_playerVer=3.1.0&s=103592&sta=0&x=690&y=390&vid_passDomain=brightsidebeauty.com&subId=undefined_brightsidebeauty.com&debugInformation=&isApp=0&userIpAddr=217.138.199.28&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=60ddc4b31d58b&vImpOpportunityMultiplier=1&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=CPIqa8APIqa8AAfYeBENBgCgAAAAAAAAAAigAAAAAAAA&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1625146555437&uid=SekindoSPlayer60ddc4b342254&pubUrl=http%3A%2F%2Fbrightsidebeauty.com%2F&floatStatus=false
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 13:35:55 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

GET
H2 200 liveView.php
live.primis.tech/live/ 43 B
298 B 43ms
42ms Image
image/gif 194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=6&serverTime=1625146547&vid_playerVer=3.1.0&s=58057&sta=11403434&x=339&y=191&msta=14209149&vid_vastType=3&vid_viewabilityState=1&vid_passDomain=brightsidebeauty.com&subId=brightsidebeauty.com&debugInformation=&isApp=0&vid_ati=LowSPprerollsdk&userIpAddr=217.138.199.28&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=60ddc4b31d58b&rvn=1850&attemptMultiplier=10&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=CPIqa8APIqa8AAfYeBENBgCgAAAAAAAAAAigAAAAAAAA&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1625146555443&uid=SekindoSPlayer60ddc4b342254&pubUrl=http%3A%2F%2Fbrightsidebeauty.com%2F&floatStatus=false
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 13:35:55 GMT
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: max-age=315360000
content-disposition: inline; filename="pixel.gif"
content-type: image/gif
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A826 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 01 Jul 2021 14:11:49 GMT

GET
H3-29 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 180B 0
23 B 20ms
20ms XHR
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F21734706084%2FLowSPprerollsdk&description_url=http%3A%2F%2Fbrightsidebeauty.com%2F&env=vp&correlator=1686922677545322&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1&unviewed_position_start=1&sdkv=h.3.469.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&addtl_consent=1~&sdki=44d&adk=607520389&sdk_apis=2%2C8&sid=5F494E3B-4252-4B0C-8F28-3F7343D4F799&eid=21064201&url=http%3A%2F%2Fbrightsidebeauty.com%2F&ref=http%3A%2F%2Fbrightsidebeauty.com%2F&dlt=1625146547180&idt=8305&dt=1625146555949&scor=1213352117075972&ged=ve4_td9_tt8_pd9_la9000_er215.-2785.368.-2485_vi0.0.1200.1600_vp0_ts8_eb16491

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.469.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:55 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: http://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 liveView.php
live.primis.tech/live/ 0
226 B 45ms
44ms Image
text/html 194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=25&serverTime=1625146547&vid_playerVer=3.1.0&s=103592&sta=0&x=690&y=390&vid_passDomain=brightsidebeauty.com&subId=undefined_brightsidebeauty.com&debugInformation=&isApp=0&userIpAddr=217.138.199.28&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=60ddc4b31d58b&contentFileId=0&mediaPlayListId=0&mediaListId=0&dur=1000&gdpr=1&gdprConsent=CPIqa8APIqa8AAfYeBENBgCgAAAAAAAAAAigAAAAAAAA&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1625146557569&uid=SekindoSPlayer60ddc4b342254&pubUrl=http%3A%2F%2Fbrightsidebeauty.com%2F&floatStatus=false
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 13:35:57 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

GET
H2 200 liveView.php
live.primis.tech/live/ 0
226 B 42ms
41ms Image
text/html 194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=42&serverTime=1625146547&vid_playerVer=3.1.0&s=103592&sta=0&x=690&y=390&vid_passDomain=brightsidebeauty.com&subId=undefined_brightsidebeauty.com&debugInformation=&isApp=0&userIpAddr=217.138.199.28&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=60ddc4b31d58b&contentFileId=0&mediaPlayListId=0&mediaListId=0&dur=500&gdpr=1&gdprConsent=CPIqa8APIqa8AAfYeBENBgCgAAAAAAAAAAigAAAAAAAA&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1625146557630&uid=SekindoSPlayer60ddc4b342254&pubUrl=http%3A%2F%2Fbrightsidebeauty.com%2F&floatStatus=false
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 13:35:56 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK bridge3.469.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D8EE 576 KB
189 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/core/bridge3.469.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f773aae9bd3478ff9083be452a9894e124e54b1138a3d6d691976b759e4cbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: imasdk.googleapis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://brightsidebeauty.com/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://brightsidebeauty.com/

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 193037
Date: Thu, 01 Jul 2021 09:48:27 GMT
Expires: Fri, 01 Jul 2022 09:48:27 GMT
Last-Modified: Thu, 24 Jun 2021 19:54:07 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 13650

GET
H2 200 liveView.php
live.primis.tech/live/ 0
226 B 41ms
40ms Image
text/html 194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=49&serverTime=1625146547&vid_playerVer=3.1.0&s=103592&sta=0&x=690&y=390&vid_passDomain=brightsidebeauty.com&subId=undefined_brightsidebeauty.com&debugInformation=&isApp=0&userIpAddr=217.138.199.28&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=60ddc4b31d58b&vImpOpportunityMultiplier=1&contentFileId=0&mediaPlayListId=0&mediaListId=0&gdpr=1&gdprConsent=CPIqa8APIqa8AAfYeBENBgCgAAAAAAAAAAigAAAAAAAA&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1625146557650&uid=SekindoSPlayer60ddc4b342254&pubUrl=http%3A%2F%2Fbrightsidebeauty.com%2F&floatStatus=false
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 13:35:57 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1D02 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:11:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 01 Jul 2021 14:11:49 GMT

GET
H3-29 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame D8EE 0
23 B 18ms
18ms XHR
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F21734706084%2FLowSPprerollsdk&description_url=http%3A%2F%2Fbrightsidebeauty.com%2F&env=vp&correlator=891855697597502&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1&unviewed_position_start=1&sdkv=h.3.469.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&addtl_consent=1~&sdki=44d&adk=607520389&sdk_apis=2%2C8&sid=5F494E3B-4252-4B0C-8F28-3F7343D4F799&eid=21064201&url=http%3A%2F%2Fbrightsidebeauty.com%2F&ref=http%3A%2F%2Fbrightsidebeauty.com%2F&dlt=1625146547180&idt=10536&dt=1625146558162&scor=1184446543325110&ged=ve4_td11_tt10_pd11_la11000_er215.-2785.368.-2485_vi0.0.1200.1600_vp0_ts2_eb16491

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/core/bridge3.469.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 13:35:58 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: http://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 liveView.php
live.primis.tech/live/ 0
226 B 41ms
40ms Image
text/html 194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=16&serverTime=1625146547&vid_playerVer=3.1.0&s=0&sta=14209149&x=339&y=191&vid_passDomain=brightsidebeauty.com&subId=undefined_brightsidebeauty.com&debugInformation=&isApp=0&userIpAddr=217.138.199.28&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=60ddc4b31d58b&contentFileId=590395&mediaPlayListId=7736&mediaListId=6332&contentMatchType=&isExcludeFromOpt=0&gdpr=1&gdprConsent=CPIqa8APIqa8AAfYeBENBgCgAAAAAAAAAAigAAAAAAAA&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1625146558190&uid=SekindoSPlayer60ddc4b342254&pubUrl=http%3A%2F%2Fbrightsidebeauty.com%2F&floatStatus=false
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 13:35:58 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

GET
H2 200 liveView.php
live.primis.tech/live/ 0
226 B 40ms
39ms Image
text/html 194.146.38.205
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?njs=1&ito=1&vid_event=42&serverTime=1625146547&vid_playerVer=3.1.0&s=103592&sta=0&x=690&y=390&vid_passDomain=brightsidebeauty.com&subId=undefined_brightsidebeauty.com&debugInformation=&isApp=0&userIpAddr=217.138.199.28&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=60ddc4b31d58b&contentFileId=0&mediaPlayListId=0&mediaListId=0&dur=500&gdpr=1&gdprConsent=CPIqa8APIqa8AAfYeBENBgCgAAAAAAAAAAigAAAAAAAA&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1625146562627&uid=SekindoSPlayer60ddc4b342254&pubUrl=http%3A%2F%2Fbrightsidebeauty.com%2F&floatStatus=false
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 194.146.38.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Jul 2021 13:36:02 GMT
content-encoding: gzip
server: nginx
age: 0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
cache-control: no-store
content-type: text/html; charset=UTF-8

GET
H2 200 w_480_00006.ts
video.primis.tech/uploads/cn20/video/users/hls/28743/video_5de3954e0895a499415686/vid5de3ae5f8a778071038059.mp4/ 462 KB
462 KB 43ms
11ms XHR
video/mp2t 2600:9000:2057:a600:1:6448:6d00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn20/video/users/hls/28743/video_5de3954e0895a499415686/vid5de3ae5f8a778071038059.mp4/w_480_00006.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:a600:1:6448:6d00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: http://brightsidebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 00:48:58 GMT
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
last-modified: Sun, 13 Sep 2020 01:07:00 GMT
server: nginx
age: 218826
etag: "5f5d70b4-73638"
x-cache: Hit from cloudfront
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=604800
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 472632
x-amz-cf-id: m3U8aaBm2H1b4jHhKduNACkQcsIP9Wjftik4nlOSgIs3fmeHda26Iw==
expires: Tue, 06 Jul 2021 00:48:58 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: match.adsrvr.org
URL: http://match.adsrvr.org/track/rid?ttd_pid=z9q9llu&fmt=json

Verdicts & Comments Add Verdict or Comment

217 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ih.adscale.de/	1970-01-20 04:08:02	Name: tu Value: 4#2442678899#48~733ba7ea69c5f9579183ef650c014896~451429~0~0#101~BBID-01-02998605483007482-16328664~451429~0~0#39~e41860dd-c4b5-4600-a0fc-4b57437d8163~451429~0~0#40~a5ec5046-dc3b-47d6-b45b-d43765afc9a0~451429~0~0#42~7949445556896655890~451429~0~0#75~8943078721656408612~451429~0~0#108~3f5b60dd-c4b4-4a00-926c-197e740d6ff5~451429~0~0#63~YN3Es0q.pve9BaHfEUvzxAAA&1160~451429~0~0
.adscale.de/	1970-01-20 04:08:02	Name: cct Value: 1625146549333
.adscale.de/	1970-01-20 04:08:02	Name: uu Value: c0b54bd5ca98460b908597335ccdb9cf

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pre_pws.js?type=default(Line 17) Message: PubWise Pre Load Complete Rev XV520210128
console-api	warning	URL: http://api.adinplay.com/libs/aiptag/pub/ICW/brightsidebeauty.com/tag.min.js(Line 4) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	URL: http://api.adinplay.com/libs/aiptag/pub/ICW/brightsidebeauty.com/tag.min.js(Line 92) Message: %c %c %c AdinPlay v2.0 ✰ ICW ✰ v4.27.0 %c %c ads by http://www.adinplay.com/ %c %c %c%c background: #9C0013; padding:5px 0; background: #9C0013; padding:5px 0; color: #FFFFFF; background: #030307; padding:5px 0; background: #9C0013; padding:5px 0; color: #FFFFFF;background: #DB0028; padding:5px 0; background: #9C0013; padding:5px 0; color: #ff2424; background: #fff; padding:5px 0; color: #ff2424; background: #fff; padding:5px 0; color: #ff2424; background: #fff; padding:5px 0;
console-api	log	URL: http://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default(Line 504) Message: PBJS Config [object Object]
console-api	log	URL: http://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default(Line 715) Message: PubWise Load Complete Custom::7fa6cd2f-6d9 XV520210128 false
console-api	log	URL: http://brightsidebeauty.com/wp-content/cache/autoptimize/js/autoptimize_87c7befcc180ca6dafab2b976e4262ae.js(Line 8) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	URL: http://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default(Line 249) Message: PW Dyn Unit (min-width:0px)
console-api	log	URL: http://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default(Line 251) Message: PW Dyn Build true
console-api	log	URL: http://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default(Line 283) Message: PW Dyn Build 0,0,320,50,320,100
console-api	log	URL: http://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default(Line 283) Message: PW Dyn Build 768,690,728,90,320,50,320,100
console-api	log	URL: http://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default(Line 287) Message: PW Dyn Build 768,690,728,90,320,50,320,100,0,0,320,50,320,100
console-api	log	URL: http://fdyn.pubwise.io/script/4bd9c890-824a-45e9-8426-2ac566772981/v3/dyn/pws.js?type=default(Line 299) Message: PW Dyn Build [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ads.pubmatic.com
ads.us.e-planning.net
adscale-emea.adnxs.com
ap.lijit.com
api.adinplay.com
api.pubwise.io
api.rlcdn.com
bbnaut.ibillboard.com
bid.pubwise.io
brightsidebeauty.com
c.amazon-adsystem.com
cdn.admatic.com.tr
cdn.consentmanager.mgr.consensu.org
cdn.jsdelivr.net
cm.adform.net
consentmanager.mgr.consensu.org
country.adinplay.workers.dev
creativecdn.com
csync.loopme.me
dis.criteo.com
fdyn.pubwise.io
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
ih.adscale.de
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
js.adscale.de
live.primis.tech
live.sekindo.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
pixel.advertising.com
player.adtelligent.com
prebid.a-mo.net
s.adtelligent.com
s.console.adtarget.com.tr
s0.2mdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.mathtag.com
sync.search.spotxchange.com
t.trafmag.com
track.adform.net
tracking.m6r.eu
u.openx.net
ups.analytics.yahoo.com
video.primis.tech
www.google-analytics.com
www.googletagmanager.com
x.bidswitch.net
match.adsrvr.org
130.211.34.132
136.144.59.88
151.101.14.217
162.55.6.211
174.138.45.75
178.250.2.151
18.156.0.31
18.184.153.186
185.184.8.65
185.29.135.234
185.33.220.145
185.33.221.14
185.33.223.212
185.59.220.198
185.64.189.115
185.64.190.80
185.94.180.125
193.200.65.5
194.146.38.205
2.18.232.130
2.18.233.180
2.18.234.21
213.174.135.1
216.52.2.19
216.58.212.162
2600:9000:2017:6000:1:6448:6d00:93a1
2600:9000:2057:a600:1:6448:6d00:93a1
2600:9000:20fc:5200:f:4f64:8940:93a1
2606:4700:20::681a:f6b
2606:4700:3033::6815:45cd
2a00:1450:4001:802::200a
2a00:1450:4001:803::2002
2a00:1450:4001:808::2006
2a00:1450:4001:809::2003
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:4001:827::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200a
2a02:6ea0:c700::2
2a04:4e42:3::485
2a0c:5c81:5095:0:225:90ff:fefa:245d
2a0c:5c81:5139::2
3.121.79.35
34.107.161.123
34.120.133.55
35.244.159.8
37.157.4.24
46.249.52.249
51.89.9.251
52.58.198.108
52.6.70.212
62.149.0.72
62.209.227.211
65.9.86.127
67.202.110.21
72.251.244.142
87.230.98.74
0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31
02229a4e65127f3fdc47db97b6843a2ac1b41d6839adc2c48bc110959ca46ebc
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
073dd3bd8b87a108b17cb1c285ff1cbb41bd2a99a045e3c7192689bbfc9af4f7
08a7e3d860d7a4c68d0c88c8310abfe7f20280b88af3f6e43aabae88b0c17155
0d9f7b500537c7d2e4a28e5d788176ae6bd8c5e0a03658102f9d22c347be87fc
0df2428b04580eb0f5ee738042cac441c8a0c51ad082c5d61ea01124a2507dcd
0f4b08d07ecca9f8fcaf108ea78bb163fc98cfc19a844bd0f87412ab34a41873
0f773aae9bd3478ff9083be452a9894e124e54b1138a3d6d691976b759e4cbcb
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
2aecd59be421da619e015839a203c01027acd34a5241df8aa038d1b061723e34
2bb30c4a2e399d575f904435dd9d64628fbb6bec475c19ace0579100641dfbaf
2c362adf86b7125c26278effe0963c04bf81d56679bd8337adf8f546ede208bc
2d85a758716ea4a19dfabb01353dadcc765816370735c50a3ef822f338a9f368
3473c34e7d938344a8efbc7815d4c1b7b36516d57fca5d3e2098f7cee9034812
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a
36685e9f83d6f850737748bc1504e851aec375b01ce13699364aed8f473a6f81
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37b878697a297c54454ee5157913188223c0de9f1395e072d6d218e5e47f09d3
3a01a5ac95d07b0d52a300388bec82cad77a3100df5c8acfea211c401d3f4dc7
3a152b6793c2cbec00972381fb6797d2e6ee54876a497eb1b130bb2da0a13ecf
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e72f3ed398163c82a841ef868b7409b552cf1d4394ea3ae10f3ed4ac6d086f3
401332272d60ca3c294a022966a96c4d342059269e4590d5967c8f515838e2cf
401b17cae2d00c7029d9978f3b5ed1f05eb7f37ae9366eed097488f7cc9ee4bf
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4e1368931d10fad9661c7a694ac863e6918efc6ce3b18eb068b0116c84a71c64
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5
513c0b0fc04628266e0dcb8ccee70c7b776104ee050bd07984e8535edef2676e
51fe1029e586423b74060396dde6443cf84e3683106d503b97f532386e14075a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
59d0677e98f820e83fe6316ecfd6d5b3dcb00fcb65c5ff7481a643104a913a58
5a4918ffe64106f49bc51cc7105702b64ddeb8a72bd89e5b2d242e7682b7d691
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5e8271129c935c6f4281facb657c5b837b758b0484aaa8446d54fb17a8d336ad
5ea995481d7dfddb5307f94aedabe955e8bdd9ba40b925007532997185cd35c6
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd
6814ef46f686990cf4e946f966167b0507e1d642c44e51f61bffb0bba2d4672b
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6a3a08e8e60a695d82656345a101f730276cf06852de6203ee09e95037cd1254
6ad40318899ca689fb63bf5401ecea97b60cf650cfa82c9be2ea758f1f847c30
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cfff141940ea10296535d0f0c6701060fba67578fde262b0d59354a543af36b
6e5ddcf6cf93482d7bf25de103974b2637c2234396dfe94c240e4ebb3d5521f6
700a2fe79abdb46ed9d18110a2d280fbd8076cdac9efe480b977649618f7393e
70aed74ef0c3fcabe9a3dd672a5b41e56f6eaa4e792ac2eb5e40d555ce7beabd
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
73e80796df0f325249f01776635aecedb926aaa6df8404c66aedb6941f95d918
758ca888b1ed4794a140f0a413969649da28f40751d277ac83891951366eaeea
79c477880c3be27ed502f8465f505068363b8fa24f0ebc9a9f458ee2f789331c
7a5ff12c70fd920319f9ee82422cfe5b2fea03522987fb06ba6485d1aeb7e021
7c09d77efdd7b5859ac698b4e5bc8417e9195dcdb557df71a55487911fdb4754
818a6a4cf24321b300b693b368c3b78e99fb164fdd2f8d1539c2bad6fdd58dc8
860f06b090ed7565eec010272e829843528d905122ccb8d7caaf387ae2c6db49
8611bf540c2466f51cdf38f613dc767cce11e0b22e91da1076ff89f50f3f3c65
8744ea2b9fe0b8b1e3dacf34e65054c41fe0e6756e9065ea82737d0816f4cbfa
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
956fa56f513e1a8025bc85f9314a1747eb061d434403393591145e4ae898c694
9ce173c9855cb218bfdcaa7f18af7127bc5dbaad37a07bf061491680d8282dd1
a02009d2f95d79b62b95c6de12d6614bdb36bffa6d4e756db81ec1c51c5acc34
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a75d75f984af954aa2bd8f23cccb0f390c7ad834917c2c400925a303945935ee
a96cfba8eb874607ff59dad1e8ba2d5a96c4ca01e66d38c1ec4e1c5f43d911e5
afbe1b8d688116934e5be7af31e66ad8ae6cc3e9b31822acc0d85ce8e4dca108
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b28bb2610f920f09b3de423d22529b70f522c5af95296f96746b31d1b2dec18e
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec
badd9b8b9362b15193d7d6309539a289021740c9d40bbfd6536351d0cc659996
bb2188e819d3cb73490b17b16032bf096f9a710e9e3295a89a2657b36b0499af
c993d3d5e3d22558b6085daa94779ff514a7339fe7f7aa44d3bb547f9a3a82de
c9b7bba7cd1d4f90e8741c0faa1980be37d566f49bae17b74149612257a0d915
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2dffba8a31eb663c59a5494783cbf197c182104edc58f0c0a17b7992429d7af
d40bafff0ad5f317a3124313e6d8ea0bde09c3988c20a065933758bfe3445ce2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf4befec5d8dce45863e237686e817463f1b97895e97aa0326986ad1d9ea217
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
eee4cf12a666b414c57a7f3ad86679b3f8d3baeb0914c5f2ec68243d9375d881
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2ff0388a2083600b5da4610b87cddbaab2184ed0e296b26bf0637157c950c05
f5ed7e038b476b565a14d9dd75110039cc26920c393044f70f79c2f3f2e4e64b
f72fc9d609ff92d177b9d70dcb44aaeb6077697692b7fb2d84ceebc46303c46d
f7b1c3cac7a9b7775785a27a84cc0ef8679de643e9a60c14dcd8ff5d27504819
f852dfebba4af97add777a1d789b4739164d6cc93aa34db2c463141a5c3f4d09

brightsidebeauty.com Open in urlscan Pro 174.138.45.75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

147 Requests

84 %HTTPS

31 %IPv6

43 Domains

60 Subdomains

44 IPs

8 Countries

5376 kBTransfer

9480 kBSize

3 Cookies

2 Outgoing links

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

brightsidebeauty.com Open in urlscan Pro
174.138.45.75 Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

84 %
HTTPS

31 %
IPv6

43
Domains

60
Subdomains

44
IPs

8
Countries

5376 kB
Transfer

9480 kB
Size

3
Cookies

147 HTTP transactions
0 data transactions