www.cbr.com Open in urlscan Pro
34.201.177.150 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Submission: On July 07 via manual (July 7th 2023, 3:51:36 am UTC) from US — Scanned from DE

Summary HTTP 189 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 77 IPs in 13 countries across 74 domains to perform 189 HTTP transactions. The main IP is 34.201.177.150, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.cbr.com. The Cisco Umbrella rank of the primary domain is 39248.
TLS certificate: Issued by R3 on May 30th 2023. Valid for: 3 months.

This is the only time www.cbr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	34.201.177.150 34.201.177.150	14618 (AMAZON-AES) (AMAZON-AES)
10	2400:52e0:1e0... 2400:52e0:1e00::1081:1	200325 (BUNNYCDN) (BUNNYCDN)
3	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3	18.173.187.57 18.173.187.57	16509 (AMAZON-02) (AMAZON-02)
2	143.204.215.114 143.204.215.114	16509 (AMAZON-02) (AMAZON-02)
1	108.138.36.80 108.138.36.80	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3031::ac43:81a1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::681a:274	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:237... 2600:9000:237d:6400:11:b309:9100:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2600:1901:0:4... 2600:1901:0:4277::1	15169 (GOOGLE) (GOOGLE)
4	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	52.222.208.154 52.222.208.154	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:445	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	144.76.226.28 144.76.226.28	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	13.32.99.59 13.32.99.59	16509 (AMAZON-02) (AMAZON-02)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:26d... 2600:9000:26da:7400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	2600:9000:237... 2600:9000:237d:8200:5:82fd:2500:21	16509 (AMAZON-02) (AMAZON-02)
18	2600:9000:225... 2600:9000:2251:b000:1a:5235:f980:93a1	16509 (AMAZON-02) (AMAZON-02)
4	23.67.137.210 23.67.137.210	16625 (AKAMAI-AS) (AKAMAI-AS)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
1	172.64.152.222 172.64.152.222	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:35ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.236.169.87 3.236.169.87	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 5	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	52.30.150.15 52.30.150.15	16509 (AMAZON-02) (AMAZON-02)
4 4	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	2600:1901:0:d... 2600:1901:0:d733::1	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
10	185.167.96.10 185.167.96.10	41436 (CLOUDWEBM...) (CLOUDWEBMANAGE-EU)
2 2	54.76.252.247 54.76.252.247	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.137 69.173.144.137	26667 (RUBICONPR...) (RUBICONPROJECT)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.98.16 143.204.98.16	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3037::ac43:c1e6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	13.32.99.23 13.32.99.23	16509 (AMAZON-02) (AMAZON-02)
1	35.244.193.51 35.244.193.51	15169 (GOOGLE) (GOOGLE)
3	162.19.138.116 162.19.138.116	16276 (OVH) (OVH)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
2	184.30.16.195 184.30.16.195	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	213.155.156.165 213.155.156.165	1299 (TWELVE99 ...) (TWELVE99 Arelion)
8	198.47.127.205 198.47.127.205	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 5	67.220.224.150 67.220.224.150	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
8	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	52.3.201.139 52.3.201.139	14618 (AMAZON-AES) (AMAZON-AES)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
5 5	54.217.171.212 54.217.171.212	16509 (AMAZON-02) (AMAZON-02)
8 8	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1 1	185.86.138.153 185.86.138.153	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	208.93.169.131 208.93.169.131	46244 (WEBMD-IDC...) (WEBMD-IDC1-AS)
1 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	173.231.181.122 173.231.181.122	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	52.220.229.2 52.220.229.2	16509 (AMAZON-02) (AMAZON-02)
1 1	35.214.138.110 35.214.138.110	15169 (GOOGLE) (GOOGLE)
1	195.5.165.20 195.5.165.20	44968 (IPROM-AS) (IPROM-AS)
1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	141.95.171.139 141.95.171.139	16276 (OVH) (OVH)
2 2	141.94.171.216 141.94.171.216	16276 (OVH) (OVH)
1 2	54.77.229.78 54.77.229.78	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	52.205.237.64 52.205.237.64	14618 (AMAZON-AES) (AMAZON-AES)
3 3	37.157.5.84 37.157.5.84	198622 (ADFORM) (ADFORM)
1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a05:d018:d29... 2a05:d018:d29:3601:3520:f97d:1648:35a1	16509 (AMAZON-02) (AMAZON-02)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
5 5	18.185.50.28 18.185.50.28	16509 (AMAZON-02) (AMAZON-02)
2 2	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1	98.98.134.241 98.98.134.241	21859 (ZEN-ECN) (ZEN-ECN)
1 1	188.166.17.21 188.166.17.21	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1 1	2a04:4e42:200... 2a04:4e42:200::300	54113 (FASTLY) (FASTLY)
1 1	44.235.174.246 44.235.174.246	16509 (AMAZON-02) (AMAZON-02)
1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
189	77

16 34.201.177.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-177-150.compute-1.amazonaws.com

www.cbr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2400:52e0:1e00::1081:1 (Germany)

ASN200325 (BUNNYCDN, SI)

static1.cbrimages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.adsninja.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.173.187.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-57.muc50.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-114.fra53.r.cloudfront.net

launchpad.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-80.muc50.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:81a1 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.optmn.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:274 (United States)

ASN13335 (CLOUDFLARENET, US)

tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beacon.tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:6400:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)

d15kdpgjg3unno.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7daf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1901:0:4277::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

aloofvest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)

seg.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 144.76.226.28 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: haproxy05.cl01.het.mrf.io

mbid.marfeelrev.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-59.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26da:7400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:8200:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)

dyv1bugovvq1g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2600:9000:2251:b000:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)

live.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.67.137.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-67-137-210.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.222 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:35ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.236.169.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-236-169-87.compute-1.amazonaws.com

sqs.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.150.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-150-15.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.20 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)

proc.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:d733::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)

scarfsmash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.167.96.10 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)

video.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.252.247 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-252-247.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-16.fra50.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:c1e6 (United States)

ASN13335 (CLOUDFLARENET, US)

images.getadmiral.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.23 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-23.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 1 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.165 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.131 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 67.220.224.150 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.201.139 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-201-139.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.217.171.212 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-171-212.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.98 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.153 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.93.169.131 (United States) 1 redirects

ASN46244 (WEBMD-IDC1-AS, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.181.122 (Secaucus, United States)

ASN32475 (SINGLEHOP-LLC, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.220.229.2 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com

cm-supply-web.gammaplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.138.110 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 110.138.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.171.139 (Aubervilliers, France) 1 redirects

ASN16276 (OVH, FR)
PTR: bixel-5.cloudy.ovh

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.94.171.216 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh

pixel-eu.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.77.229.78 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-229-78.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.205.237.64 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-237-64.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.5.84 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:3520:f97d:1648:35a1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.185.50.28 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-50-28.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 31.172.81.160 (Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.166.17.21 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::300 (United States) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.235.174.246 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-174-246.us-west-2.compute.amazonaws.com

www.storygize.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	primis.tech live.primis.tech — Cisco Umbrella Rank: 2822 video.primis.tech — Cisco Umbrella Rank: 6342	3 MB
23	pubmatic.com 1 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 575 ads.pubmatic.com — Cisco Umbrella Rank: 553 image6.pubmatic.com — Cisco Umbrella Rank: 812 image2.pubmatic.com — Cisco Umbrella Rank: 1036 simage2.pubmatic.com — Cisco Umbrella Rank: 797 simage4.pubmatic.com — Cisco Umbrella Rank: 1338	32 KB
16	cbr.com www.cbr.com — Cisco Umbrella Rank: 39248	369 KB
12	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 374 prebid-server.rubiconproject.com — Cisco Umbrella Rank: 999 eus.rubiconproject.com — Cisco Umbrella Rank: 616 token.rubiconproject.com — Cisco Umbrella Rank: 652	14 KB
10	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 stats.g.doubleclick.net — Cisco Umbrella Rank: 130 cm.g.doubleclick.net — Cisco Umbrella Rank: 254	128 KB
10	amazon-adsystem.com 3 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 353 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1025	130 KB
8	cbrimages.com static1.cbrimages.com — Cisco Umbrella Rank: 78387	128 KB
6	aloofvest.com aloofvest.com — Cisco Umbrella Rank: 23923	126 KB
5	bidswitch.net 5 redirects x.bidswitch.net — Cisco Umbrella Rank: 359	2 KB
5	bidr.io 5 redirects match.prod.bidr.io — Cisco Umbrella Rank: 610	3 KB
5	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1002 bcp.crwdcntrl.net — Cisco Umbrella Rank: 959 id.crwdcntrl.net — Cisco Umbrella Rank: 3180 sync.crwdcntrl.net — Cisco Umbrella Rank: 955	13 KB
5	marfeelrev.com mbid.marfeelrev.com — Cisco Umbrella Rank: 20467	5 KB
5	ad.gt a.ad.gt — Cisco Umbrella Rank: 3028 seg.ad.gt — Cisco Umbrella Rank: 9333 id.hadron.ad.gt — Cisco Umbrella Rank: 2437	8 KB
5	privacymanager.io launchpad.privacymanager.io — Cisco Umbrella Rank: 3466 launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 3867 geo.privacymanager.io — Cisco Umbrella Rank: 2056	24 KB
4	audrte.com 3 redirects a.audrte.com — Cisco Umbrella Rank: 2962	3 KB
4	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 257	3 KB
4	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1443	98 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63 region1.google-analytics.com — Cisco Umbrella Rank: 1623	21 KB
3	adform.net 3 redirects dmp.adform.net — Cisco Umbrella Rank: 3542 c1.adform.net — Cisco Umbrella Rank: 633	2 KB
3	weborama.fr 2 redirects cr.frontend.weborama.fr — Cisco Umbrella Rank: 25056 idsync.frontend.weborama.fr — Cisco Umbrella Rank: 22775	897 B
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 162	3 KB
3	gstatic.com fonts.gstatic.com	82 KB
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 808 id5-sync.com — Cisco Umbrella Rank: 423	26 KB
3	tru.am tru.am — Cisco Umbrella Rank: 4979 beacon.tru.am — Cisco Umbrella Rank: 6362	12 KB
3	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 2361	89 KB
3	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 500 fonts.googleapis.com — Cisco Umbrella Rank: 88	121 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	223 KB
2	bumlam.com 2 redirects sync.bumlam.com — Cisco Umbrella Rank: 3852	1 KB
2	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481 ups.analytics.yahoo.com — Cisco Umbrella Rank: 338	551 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 893 s.tribalfusion.com — Cisco Umbrella Rank: 1946	1 KB
2	onaudience.com 2 redirects pixel-eu.onaudience.com — Cisco Umbrella Rank: 13969	1 KB
2	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 796	770 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 5037	562 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 383	651 B
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 670	746 B
2	dotomi.com proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 4135 pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4489	498 B
2	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1953 lexicon.33across.com — Cisco Umbrella Rank: 1949	4 KB
2	google.de ampcid.google.de — Cisco Umbrella Rank: 52173 www.google.de — Cisco Umbrella Rank: 4752	773 B
2	casalemedia.com 1 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1357	1 KB
2	google.com ampcid.google.com — Cisco Umbrella Rank: 2261 www.google.com — Cisco Umbrella Rank: 10	844 B
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 1037	4 KB
2	cloudfront.net d15kdpgjg3unno.cloudfront.net dyv1bugovvq1g.cloudfront.net	26 KB
2	adsninja.ca cdn.adsninja.ca — Cisco Umbrella Rank: 22758	214 KB
1	mathtag.com sync.mathtag.com — Cisco Umbrella Rank: 577	442 B
1	storygize.net 1 redirects www.storygize.net — Cisco Umbrella Rank: 2622	430 B
1	taboola.com 1 redirects trc.taboola.com — Cisco Umbrella Rank: 634	275 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2864	555 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 756	187 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1067	518 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 981	610 B
1	erne.co 1 redirects green.erne.co — Cisco Umbrella Rank: 18525	412 B
1	ctnsnet.com ipac.ctnsnet.com — Cisco Umbrella Rank: 6589	369 B
1	iprom.net core.iprom.net — Cisco Umbrella Rank: 7105	277 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 1061	225 B
1	gammaplatform.com 1 redirects cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 3655	640 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1657	283 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 651	706 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 623	790 B
1	opera.com t.adx.opera.com — Cisco Umbrella Rank: 2930	412 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 813	944 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1777	524 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 862	589 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	363 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 977	795 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1098	398 B
1	getadmiral.com images.getadmiral.com — Cisco Umbrella Rank: 44230	1 KB
1	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 2652 api.rlcdn.com Failed	73 KB
1	scarfsmash.com scarfsmash.com — Cisco Umbrella Rank: 77295	82 KB
1	amazonaws.com sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 5272	658 B
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 2616	10 KB
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 982	245 B
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 624	481 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	26 KB
1	optmn.cloud cdn.optmn.cloud — Cisco Umbrella Rank: 24744	777 B
189	74

	Domain	Requested by
18	live.primis.tech	tagan.adlightning.com live.primis.tech
16	www.cbr.com	www.cbr.com
10	video.primis.tech	live.primis.tech
8	cm.g.doubleclick.net	8 redirects
8	simage2.pubmatic.com	ads.pubmatic.com
8	image2.pubmatic.com	ads.pubmatic.com
8	static1.cbrimages.com	www.cbr.com
6	aloofvest.com	www.cbr.com aloofvest.com
5	x.bidswitch.net	5 redirects
5	match.prod.bidr.io	5 redirects
5	aax-eu.amazon-adsystem.com	3 redirects ads.pubmatic.com
5	pixel.rubiconproject.com	1 redirects
5	mbid.marfeelrev.com	www.cbr.com mbid.marfeelrev.com
5	c.amazon-adsystem.com	www.cbr.com c.amazon-adsystem.com live.primis.tech
4	a.audrte.com	3 redirects
4	token.rubiconproject.com	eus.rubiconproject.com
4	ib.adnxs.com	4 redirects
4	secure.cdn.fastclick.net	tagan.adlightning.com secure.cdn.fastclick.net
3	sb.scorecardresearch.com	1 redirects
3	fonts.gstatic.com	fonts.googleapis.com
3	tagan.adlightning.com	www.cbr.com tagan.adlightning.com
3	www.googletagmanager.com	www.cbr.com www.googletagmanager.com
2	sync.bumlam.com	2 redirects
2	c1.adform.net	2 redirects
2	cr.frontend.weborama.fr	2 redirects
2	sync.crwdcntrl.net	1 redirects
2	pixel-eu.onaudience.com	2 redirects
2	sync-tm.everesttech.net	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	image6.pubmatic.com	1 redirects ads.pubmatic.com
2	ads.pubmatic.com	live.primis.tech
2	eus.rubiconproject.com	live.primis.tech eus.rubiconproject.com
2	match.adsrvr.org	live.primis.tech
2	id5-sync.com	live.primis.tech
2	hbopenbid.pubmatic.com	live.primis.tech
2	ad.360yield.com	2 redirects
2	fonts.googleapis.com	tagan.adlightning.com
2	id.hadron.ad.gt	cdn.hadronid.net
2	ssum.casalemedia.com	1 redirects www.cbr.com
2	geo.privacymanager.io	launchpad.privacymanager.io
2	region1.google-analytics.com	www.googletagmanager.com
2	a.ad.gt	www.cbr.com tagan.adlightning.com
2	unpkg.com	1 redirects www.cbr.com
2	www.google-analytics.com	www.cbr.com www.google-analytics.com
2	tru.am	www.cbr.com tru.am
2	launchpad.privacymanager.io	www.cbr.com launchpad-wrapper.privacymanager.io
2	cdn.adsninja.ca	www.cbr.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	sync.mathtag.com
1	www.storygize.net	1 redirects
1	trc.taboola.com	1 redirects
1	match.adsby.bidtheatre.com	1 redirects
1	pixel-sync.sitescout.com
1	ad.turn.com	1 redirects
1	pubmatic-match.dotomi.com
1	ups.analytics.yahoo.com
1	pr-bh.ybp.yahoo.com
1	um.simpli.fi
1	dmp.adform.net	1 redirects
1	idsync.frontend.weborama.fr
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	green.erne.co	1 redirects
1	ipac.ctnsnet.com	ads.pubmatic.com
1	core.iprom.net	ads.pubmatic.com
1	csync.loopme.me	1 redirects
1	cm-supply-web.gammaplatform.com	1 redirects
1	cm.adgrx.com	ads.pubmatic.com
1	bh.contextweb.com	1 redirects
1	rtb-csync.smartadserver.com	1 redirects
1	t.adx.opera.com	ads.pubmatic.com
1	sync.srv.stackadapt.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	cms.quantserve.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	p.rfihub.com	1 redirects
1	lb.eu-1-id5-sync.com	live.primis.tech
1	id.crwdcntrl.net	live.primis.tech
1	lexicon.33across.com	live.primis.tech
1	images.getadmiral.com
1	ats.rlcdn.com	secure.cdn.fastclick.net
1	prebid-server.rubiconproject.com	live.primis.tech
1	scarfsmash.com	aloofvest.com
1	proc.ad.cpe.dotomi.com	secure.cdn.fastclick.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	www.google.de
1	www.google.com
1	sqs.us-east-1.amazonaws.com	d15kdpgjg3unno.cloudfront.net
1	cdn.id5-sync.com	tagan.adlightning.com
1	cdn.hadronid.net	www.cbr.com
1	cdn-ima.33across.com	tagan.adlightning.com
1	tags.crwdcntrl.net	tagan.adlightning.com
1	dyv1bugovvq1g.cloudfront.net	www.cbr.com
1	rtb.openx.net	www.cbr.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.adsafeprotected.com	www.cbr.com
1	securepubads.g.doubleclick.net	tagan.adlightning.com
1	beacon.tru.am	tru.am
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	seg.ad.gt	www.cbr.com
1	www.googletagservices.com	www.cbr.com
1	d15kdpgjg3unno.cloudfront.net	www.cbr.com
1	cdn.optmn.cloud	www.cbr.com
1	launchpad-wrapper.privacymanager.io	www.cbr.com
1	imasdk.googleapis.com	www.cbr.com
0	api.rlcdn.com Failed	live.primis.tech
189	107

This site contains links to these domains. Also see Links.

Domain
community.cbr.com
www.youtube.com
www.facebook.com
www.instagram.com
twitter.com
www.tiktok.com
linkedin.com
news.google.com
findacomicshop.com
www.eurogamer.net
www.linkedin.com
www.reddit.com
share.flipboard.com
getadmiral.com

Subject Issuer	Validity	Valid
*.cbr.cc R3	`2023-05-30` - `2023-08-28`	3 months	crt.sh
static1.cbrimages.com R3	`2023-06-08` - `2023-09-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
cdn.adsninja.ca R3	`2023-06-03` - `2023-09-01`	3 months	crt.sh
*.adlightning.com Amazon RSA 2048 M01	`2023-02-22` - `2023-07-07`	4 months	crt.sh
*.privacymanager.io Amazon RSA 2048 M02	`2023-02-22` - `2023-09-24`	7 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-11-28` - `2023-11-28`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
aloofvest.com R3	`2023-06-28` - `2023-09-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-02-28` - `2024-02-17`	a year	crt.sh
ssl02.cert.cl01.k8s.mrf.io R3	`2023-06-01` - `2023-08-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.primis.tech Amazon RSA 2048 M01	`2022-10-24` - `2023-11-22`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2022-12-02` - `2023-12-02`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-06` - `2023-09-30`	a year	crt.sh
hadronid.net GTS CA 1P5	`2023-06-09` - `2023-09-07`	3 months	crt.sh
queue.amazonaws.com Amazon RSA 2048 M01	`2023-03-08` - `2024-03-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-06-09` - `2024-07-10`	a year	crt.sh
scarfsmash.com R3	`2023-06-21` - `2023-09-19`	3 months	crt.sh
primis.tech Go Daddy Secure Certificate Authority - G2	`2023-06-19` - `2024-06-18`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
getadmiral.com Cloudflare Inc ECC CA-3	`2023-03-13` - `2024-03-12`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
lexicon.33across.com GTS CA 1D4	`2023-06-09` - `2023-09-07`	3 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.adx.opera.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-22` - `2024-06-20`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-07` - `2023-12-09`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-03` - `2024-03-31`	a year	crt.sh
*.iprom.net R3	`2023-05-23` - `2023-08-21`	3 months	crt.sh
*.ctnsnet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-04` - `2023-11-06`	10 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-30` - `2024-04-29`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Frame ID: A6F625B34636F2EC0624E1934757D8D6
Requests: 105 HTTP requests in this frame

Frame: https://mbid.marfeelrev.com/static/cookie-sync.html
Frame ID: 98E7F7E0A88784681B8336DC67BA7747
Requests: 8 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=108504&subId=[CBR-Reg-Org]&cbuster=1688701889&pubUrlAuto=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Frame ID: BCBFAB55D7D2D6FE8064C746A0067F0B
Requests: 26 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Frame ID: 35AEC3EDF233B0C737F5D1741977BA33
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 67080075769165CB4D08B8174CCA8C07
Requests: 19 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1217755997292288786
Frame ID: 73F7D7C0441A231AA2EC27F5AAF27864
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210825857614064
Frame ID: EBDF63F502BA2C8EA7CD03DAA4BBB6C6
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: BC3B4467DBA5D8EEB0C92CD529AA55C7
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=476EF366-BD9A-4582-8108-E90B173FF3D7&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 85AB843151FCC48E71DE485B69D2A023
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rWIz16M0MdS2YmHVozN_gqNiMdW2YzHVqjUMQ8hD
Frame ID: 8432B9C65C162889BB3AEF11B2AED039
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6489909190653916357&gdpr=0&gdpr_consent=
Frame ID: FB02B945FD665763B37B91C5717E06E5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7252919398838761618&gdpr=0&gdpr_consent=
Frame ID: 4F8B82F158208F1A1ABF43041FD40FFF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ixDaez5AVdZF4DNCFeqHeFD_B2o&gdpr=0&gdpr_consent=
Frame ID: 7F507F56FA086B5444D7EBDDD8591131
Requests: 1 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Frame ID: 087DFD83E03333D1E5E487DFF699B9FF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEIE07JTxgAACFDOJhbWQ&gdpr=0&gdpr_consent=
Frame ID: 2E19C9BCDA3145FD156782BFAF7CA4FB
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZKeLxAAXPh79mgAn
Frame ID: 70484C8E2F9574707BD7E8045A9F2140
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 09236A7C14C27B6EE8C9228DD332A114
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1mm99f679e2t
Frame ID: 72F71C1F04D4880EC4B086785FB7E83C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: C5C9E6A8EF84B7B9BDDA5E09F1CB8168
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 3881517AF5551383657F920CD106101B
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 3EB1D5A39182BE8842E1931C1BDE3008
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhSYSXRWbhRXbWUaX&gdpr=0&gdpr_consent=
Frame ID: 97C3626330D28A5C28A00A2FAB76D095
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: A7E3E86697F840EC33E8E887BE61B9B3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Last of Us Part 3 Leaks Ellie's Role, New Main Charactersuser-signalchecklistsettings-toggle-horizontal

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

189
Requests

89 %
HTTPS

34 %
IPv6

74
Domains

107
Subdomains

77
IPs

13
Countries

5301 kB
Transfer

11331 kB
Size

83
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://community.cbr.com/
Title: Community

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/comicbookresources

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ComicBookResources

Search URL Search Domain Scan URL

URL: https://www.instagram.com/comicbookresources

Search URL Search Domain Scan URL

URL: https://twitter.com/cbr

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@comicbookresources

Search URL Search Domain Scan URL

URL: https://linkedin.com/company/comic-book-resources

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKML6lgQswmOL8Ag

Search URL Search Domain Scan URL

URL: https://findacomicshop.com/
Title: Find a Comic Shop

Search URL Search Domain Scan URL

URL: https://www.eurogamer.net/the-last-of-us-part-3-leaks-point-to-new-characters-ellies-role
Title: Eurogamer

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F%2F&src=sdkpreparse
Title: Share

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=The%20Last%20of%20Us%20Part%203%20Leaks%20Reveal%20New%20Main%20Character%20Details&url=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F
Title: Tweet

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&title=The%20Last%20of%20Us%20Part%203%20Leaks%20Reveal%20New%20Main%20Character%20Details&source=www.cbr.com&summary=New%20leaks%20claim%20The%20Last%20of%20Us%20Part%20III%20will%20feature%20a%20new%20setting%20and%20cast%20of%20characters%2C%20along%20with%20the%20return%20of%20Ellie%20Williams.
Title: Share

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F
Title: Share

Search URL Search Domain Scan URL

URL: http://share.flipboard.com/bookmarklet/popout?v=2&title=The%20Last%20of%20Us%20Part%203%20Leaks%20Reveal%20New%20Main%20Character%20Details&url=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&utm_campaign=tools&utm_medium=article-share&utm_source=www.cbr.com
Title: Share

Search URL Search Domain Scan URL

URL: https://getadmiral.com/pb/?utm_source=www.cbr.com&utm_medium=pb&session=5-c8dd29fea02ca182f565418d442f0420-6763652d6575726f70652d7765737431-0
Title: Powered By

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://unpkg.com/web-vitals@3/dist/web-vitals.attribution.iife.js HTTP 302
https://unpkg.com/web-vitals@3.3.2/dist/web-vitals.attribution.iife.js

Request Chain 52

https://ssum.casalemedia.com/usermatchredir?s=184550&cb= HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=184550&cb=&C=1

Request Chain 88

https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmbid.marfeelrev.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526f%253Di%2526uid%253D%2524UID HTTP 302
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6489909190653916357

Request Chain 105

https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=d1e7bfe9-51c1-4090-a78e-0fc20861af04

Request Chain 119

https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID HTTP 302
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6489909190653916357

Request Chain 121

https://sb.scorecardresearch.com/cs/6035391/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 136

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1217755997292288786

Request Chain 137

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210825857614064

Request Chain 139

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=476EF366-BD9A-4582-8108-E90B173FF3D7&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=476EF366-BD9A-4582-8108-E90B173FF3D7&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 140

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rWIz16M0MdS2YmHVozN_gqNiMdW2YzHVqjUMQ8hD

Request Chain 141

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6489909190653916357&gdpr=0&gdpr_consent=

Request Chain 142

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7252919398838761618&gdpr=0&gdpr_consent=

Request Chain 143

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ixDaez5AVdZF4DNCFeqHeFD_B2o&gdpr=0&gdpr_consent=

Request Chain 145

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFSUUwN0pUeGdBQUNGRE9KaGJXUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEIE07JTxgAACFDOJhbWQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=2097337869477726173&gdpr=0&gdpr_consent= HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEIE07JTxgAACFDOJhbWQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2097337869477726173%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2097337869477726173&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAEIE07JTxgAACFDOJhbWQ&pid=558502&do=add&gdpr=0 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEIE07JTxgAACFDOJhbWQ&gdpr=0&gdpr_consent=

Request Chain 146

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZKeLxAAXPh79mgAn

Request Chain 148

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1mm99f679e2t

Request Chain 149

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 152

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b8382941b9214602/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DwoK5xk2lhSYSXRWbhRXbWUaX%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DwoK5xk2lhSYSXRWbhRXbWUaX%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhSYSXRWbhRXbWUaX&gdpr=0&gdpr_consent=

Request Chain 153

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 154

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R27zZr2aRYKBCOkLFz_z1w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R27zZr2aRYKBCOkLFz_z1w%3D%3D&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 156

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=405081375 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=476EF366-BD9A-4582-8108-E90B173FF3D7

Request Chain 157

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=476EF366-BD9A-4582-8108-E90B173FF3D7 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MzMzazA5eFlBMmFUYTIyVDNoSmVVYXJEQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=618765503633258215&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 158

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDc2RUYzNjYtQkQ5QS00NTgyLTgxMDgtRTkwQjE3M0ZGM0Q3&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDc2RUYzNjYtQkQ5QS00NTgyLTgxMDgtRTkwQjE3M0ZGM0Q3&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 159

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMBGU2z8RmxSHQ22qzaVtl4&google_cver=1

Request Chain 161

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=618765503633258215

Request Chain 165

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=c45c8342-1ac3-468b-804f-f614e29cb519&gdpr=0&gdpr_consent= HTTP 302
https://sync.bumlam.com/?src=bsw2&s_data=CAIQARjEl56lBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEJAWqcAceRHusdoAJZDIJDeqAQhwdWJtYXRpY7IBJGM0NWM4MzQyLTFhYzMtNDY4Yi04MDRmLWY2MTRlMjljYjUxOQ** HTTP 302
https://x.bidswitch.net/sync?dsp_id=476&user_id=9016a9c0-1c79-11ee-b1da-002590c82437&expires=90&ssp=pubmatic&bsw_param=c45c8342-1ac3-468b-804f-f614e29cb519 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c45c8342-1ac3-468b-804f-f614e29cb519&gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 167

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2512322655345238718&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 169

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8993427d-7b23-44a9-8b8d-f2f5abc275f9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 173

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1--- HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3ZCVVElnTnOv9jxRNPuq1Q&rk=usync-other&gdpr=0 HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=3ZCVVElnTnOv9jxRNPuq1Q&gdpr=0

Request Chain 174

https://trc.taboola.com/sg/MagniteSCoD/1/cm?gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=1013714&nid=5550&put=13a28f68-f11a-45d7-ba4c-a81f700e74ad-tuctba11144

Request Chain 175

https://www.storygize.net/ccm/729e4e94-63c3-438d-8ce4-184eb34e703f?gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=1172318&nid=5570&put=37cf273d-6031-4a9e-b4c2-17b86d952301

Request Chain 176

https://x.bidswitch.net/sync?ssp=rubicon&gdpr=0&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=rubicon&gdpr=0&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=c45c8342-1ac3-468b-804f-f614e29cb519&expires=30

189 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/ 842 KB
175 KB 767ms
518ms Document
text/html 34.201.177.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.201.177.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-201-177-150.compute-1.amazonaws.com

Software

nginx /

Resource Hash

1914f7412eef54bbfcf8789d87329a520d1d12c7f43516e40057b0c7a0e6bed5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: br
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
content-type: text/html; charset=UTF-8
date: Fri, 07 Jul 2023 03:51:27 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 newsletter-popup.965dd031.js Show response
www.cbr.com/public/build/ 6 KB
3 KB 230ms
228ms Script
application/javascript 34.201.177.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cbr.com/public/build/newsletter-popup.965dd031.js

Requested by

Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.201.177.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-201-177-150.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f4036baba5e02b7a3f76419beef5986e6a9dc863fcea9e3806c9bfc10327b304

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 06 Jul 2023 15:14:59 GMT
server: nginx
etag: W/"64a6da73-164a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
expires: Sat, 06 Jul 2024 03:51:28 GMT

GET
H2 200 ellie-the-last-of-us.jpg
static1.cbrimages.com/wordpress/wp-content/uploads/2023/07/ 63 KB
64 KB 212ms
78ms Image
image/avif 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.cbrimages.com/wordpress/wp-content/uploads/2023/07/ellie-the-last-of-us.jpg?q=50&fit=contain&w=1140&h=&dpr=1.5
Requested by: Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: d2ea165bd1a5849931e9f31f95f8dd7781e979a93eaacbcff78284a17ad66871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
cdn-edgestorageid: 1080
cdn-cachedat: 07/05/2023 06:19:28
cdn-pullzone: 1164669
content-disposition: inline; filename="ellie-the-last-of-us.avif"
content-length: 64759
x-request-id: ew9vmOTHNm5WYdcBw-vbZ
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "LshKxc8iS27es6PoR3WaX26CH29z8ncqKh59eqo4K_o/RIjlrRkNQNEg3bHhhUW1iN1BrUkc4bGci"
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1bdb6511-4d52-4155-8068-50426668f87a
cache-control: public, max-age=31919000
cdn-requestid: b8b876c9d59db7ed2ac928e8302a3ee5
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 khand-regular.woff2
www.cbr.com/public/build/fonts/khand/ 14 KB
14 KB 352ms
349ms Font
font/woff2 34.201.177.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cbr.com/public/build/fonts/khand/khand-regular.woff2

Requested by

Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.201.177.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-201-177-150.compute-1.amazonaws.com

Software

nginx /

Resource Hash

84c6093653d1175d1c17556b8888ab71762ad7262de47f329d66db8991e1ae14

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Origin: https://www.cbr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13944
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 06 Jul 2023 15:14:59 GMT
server: nginx
etag: "64a6da73-3678"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
expires: Sat, 06 Jul 2024 03:51:28 GMT

GET
H2 200 khand-bold.woff2
www.cbr.com/public/build/fonts/khand/ 14 KB
14 KB 351ms
349ms Font
font/woff2 34.201.177.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cbr.com/public/build/fonts/khand/khand-bold.woff2

Requested by

Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.201.177.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-201-177-150.compute-1.amazonaws.com

Software

nginx /

Resource Hash

55590528f3843330e079ab923a28a2e8f95b47c9b38d413b98b019b244f6c9cc

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Origin: https://www.cbr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 14300
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 06 Jul 2023 15:14:59 GMT
server: nginx
etag: "64a6da73-37dc"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
expires: Sat, 06 Jul 2024 03:51:28 GMT

GET
H2 200 roboto-regular.woff2
www.cbr.com/public/build/fonts/roboto/ 15 KB
16 KB 351ms
348ms Font
font/woff2 34.201.177.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cbr.com/public/build/fonts/roboto/roboto-regular.woff2

Requested by

Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.201.177.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-201-177-150.compute-1.amazonaws.com

Software

nginx /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Origin: https://www.cbr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 15736
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 06 Jul 2023 15:14:59 GMT
server: nginx
etag: "64a6da73-3d78"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
expires: Sat, 06 Jul 2024 03:51:28 GMT

GET
H2 200 roboto-bold.woff2
www.cbr.com/public/build/fonts/roboto/ 15 KB
16 KB 350ms
347ms Font
font/woff2 34.201.177.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cbr.com/public/build/fonts/roboto/roboto-bold.woff2

Requested by

Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.201.177.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-201-177-150.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Origin: https://www.cbr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 15816
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 06 Jul 2023 15:14:59 GMT
server: nginx
etag: "64a6da73-3dc8"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
expires: Sat, 06 Jul 2024 03:51:28 GMT

GET
H2 200 icomoon.woff2
www.cbr.com/public/build/fonts/icons/ 16 KB
16 KB 352ms
350ms Font
font/woff2 34.201.177.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cbr.com/public/build/fonts/icons/icomoon.woff2?v=1.3

Requested by

Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.201.177.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-201-177-150.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c884dfd88281336423bd6589cb522f8b2c68e1776373ca93b21658335a3a9ae4

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Origin: https://www.cbr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 15888
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 06 Jul 2023 15:14:59 GMT
server: nginx
etag: "64a6da73-3e10"
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
expires: Sat, 06 Jul 2024 03:51:28 GMT

GET
H2 200 icomoon.woff
www.cbr.com/public/build/fonts/icons/ 30 KB
31 KB 352ms
350ms Font
font/woff 34.201.177.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cbr.com/public/build/fonts/icons/icomoon.woff?v=1.3

Requested by

Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.201.177.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-201-177-150.compute-1.amazonaws.com

Software

nginx /

Resource Hash

7d8aca4a24e0fc01d9f8627550ae9c05e8163b0c73e51c585e97ca13a0503d23

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Origin: https://www.cbr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 31216
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 06 Jul 2023 15:14:59 GMT
server: nginx
etag: "64a6da73-79f0"
x-frame-options: SAMEORIGIN
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
accept-ranges: bytes
expires: Sat, 06 Jul 2024 03:51:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
83 KB 139ms
49ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0DTR9KMTE

Requested by

Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d0080ee60f244fa722b947096eac634dd0b19159e5d36bf4b249012ae7369a0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84092
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 07 Jul 2023 03:51:28 GMT

GET
H2 200 article-regular.61e4bdb4.css
www.cbr.com/public/build/ 336 KB
45 KB 346ms
344ms Stylesheet
text/css 34.201.177.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cbr.com/public/build/article-regular.61e4bdb4.css

Requested by

Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.201.177.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-201-177-150.compute-1.amazonaws.com

Software

nginx /

Resource Hash

5d79a20f1fff4ebf9885cb826bb770834af7ea80c3230f173857bf07b134fdf0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 06 Jul 2023 15:14:59 GMT
server: nginx
etag: W/"64a6da73-53e1d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000, max-age=31536000, public
expires: Sat, 06 Jul 2024 03:51:28 GMT

GET
H2 200 valnet-header.780ff8b3.js Show response
www.cbr.com/public/build/ 3 KB
1 KB 119ms
119ms Script
application/javascript 34.201.177.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cbr.com/public/build/valnet-header.780ff8b3.js

Requested by

Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.201.177.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-201-177-150.compute-1.amazonaws.com

Software

nginx /

Resource Hash

14b6babace7b8808c7913c02728d3f113b571ca33bd3fa88883eb053f6e980f0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 06 Jul 2023 15:14:59 GMT
server: nginx
etag: W/"64a6da73-a3b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
expires: Sat, 06 Jul 2024 03:51:28 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 344 KB
119 KB 163ms
50ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02e7535563110e913669c43b9233db020deb9a4b0eaff84ab9de1b55b8ad21c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121444
x-xss-protection: 0
expires: Fri, 07 Jul 2023 03:51:28 GMT

GET
H2 200 adsninja_client.js Show response
cdn.adsninja.ca/ 824 KB
198 KB 54ms
48ms Script
application/javascript 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.adsninja.ca/adsninja_client.js?v=1688657800

Requested by

Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

3dedd9c127f377a69e470fd521a31bb80b4aeb039aaf4e82c0ca35c71cb28865

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
cdn-edgestorageid: 1081
strict-transport-security: max-age=31536000; includeSubDomains; preload
cdn-cachedat: 07/07/2023 01:54:51
cdn-pullzone: 1352862
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 06 Jul 2023 15:03:49 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"64a6d7d5-cdf49"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
cdn-uid: 1bdb6511-4d52-4155-8068-50426668f87a
cache-control: public, max-age=31919000
cdn-requestid: 2872274c3a68ba4744ec26228c59dc54
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 op.js Show response
tagan.adlightning.com/valnet/ 43 KB
18 KB 140ms
45ms Script
application/javascript 18.173.187.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/valnet/op.js
Requested by: Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-57.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ce450266ddf891f0406013c3489d6113102842bcdd67a507bae207f9b1c4a8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: N3KRSGw49IyjSGPUGt7txvAs9fZsFC24
content-encoding: gzip
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
date: Fri, 07 Jul 2023 02:59:24 GMT
x-amz-cf-pop: MUC50-P4
age: 3137
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 17564
x-amz-meta-git_commit: e09f10f
last-modified: Thu, 06 Jul 2023 20:31:58 GMT
server: AmazonS3
etag: "d07eb8aa3d0561daa5593c773410a35d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: KPqqNbYWmBcZeo8ltxsSaNxf1t-Z0gSCXoh7bgqAG3-GUBAyeCgNww==

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/latest/ 41 KB
13 KB 138ms
45ms Script
application/x-javascript 143.204.215.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by: Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-114.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc390bc6eb4c9badf29cbf5c495f6bcc941769e1befd9d8799c143e112079ad4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: 5IjvKz0J.50cIikUGQo1jrfh9HyrGtVP
content-encoding: br
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
date: Fri, 07 Jul 2023 03:42:00 GMT
x-amz-cf-pop: FRA53-C1
age: 569
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:25ed2a0f-4360-4a94-a56b-3f7229d7df17
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 4bd975b8fdc81a3349192e248ce3e92f
last-modified: Thu, 22 Jun 2023 08:07:42 GMT
server: AmazonS3
etag: W/"2d5e9fd681541ba76d4e6c18fc669221"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: 38aa63277a2cdadf2140d9dfc174efabc77e6e7e54482e1fd9a3fc32be748916
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: svMUetC38_r53w5jRyRLfKZr7CN_IVwca_PMojWS9TTOJ3j8TOGxXg==

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/b1c80b5e-e909-4d5d-ba94-1d63bb1c4212/ 3 KB
2 KB 136ms
39ms Script
text/javascript 108.138.36.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/b1c80b5e-e909-4d5d-ba94-1d63bb1c4212/launchpad-liveramp.js
Requested by: Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-80.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1fd2f32ff8f7faa45f37f017373f5aed9e8fa2592777558dceb6279d2c6b6c1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 08:14:22 GMT
x-amz-version-id: VvqJVCzWC9cYJoDPVy13QOu8VM9LBxBp
content-encoding: gzip
via: 1.1 46e871af86c897cd369d8d20c90166ec.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 70627
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="launchpad-liveramp.js"
last-modified: Thu, 10 Nov 2022 02:33:21 GMT
server: AmazonS3
etag: W/"9d93d6cd945b5e534338bfebd1b8e074"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: c0aidQSk5_RsWsac4nIL8_FGsZQH2tXseF-qTJ5J8_Gykj9OWOcfrg==

GET
H2 200 valnetinccom-adapter.js Show response
cdn.optmn.cloud/hb/ 0
777 B 253ms
154ms Script
text/javascript 2606:4700:3031::ac43:81a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.optmn.cloud/hb/valnetinccom-adapter.js
Requested by: Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:81a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdtLFF2yqjAjTnOsCI9OyrrNTGQ6LoU_BuaKMpow3fdqpN2gu8PogyRkuIxG5nXhz5QX-D5pCyD1gBG_BrKtiE9eAOFaegrI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 0
last-modified: Tue, 30 May 2023 15:06:38 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-goog-generation: 1684335616234938
content-type: text/javascript
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3WU0S0fGhrwBNQaKEnXwVFX38NgLLyRcQ1XRUXV%2FuV%2FS3kW6V3v2b3fWHoornvEVHlA2wXxtfTle2PA66%2FI323fKE21KN4psXksm8wXKijL1jyYsaqM1lH83%2BQfpkC%2BePKmujzKROnJc5S3t6M%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 0
accept-ranges: bytes
cf-ray: 7e2d2113be796964-FRA

GET
H2 200 adsninja_client_style.css
cdn.adsninja.ca/ 69 KB
16 KB 196ms
67ms Stylesheet
text/css 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.adsninja.ca/adsninja_client_style.css?v=1688657800

Requested by

Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),

Reverse DNS

Software

BunnyCDN-DE1-1081 /

Resource Hash

1f1c75422838aaf1ac06897faeb7af3d942a9b0252c40075f476524d648aa333

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
content-encoding: br
x-content-type-options: nosniff
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
cdn-edgestorageid: 1080
strict-transport-security: max-age=31536000; includeSubDomains; preload
cdn-cachedat: 07/07/2023 01:12:14
cdn-pullzone: 1352862
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 06 Jul 2023 15:03:49 GMT
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"64a6d7d5-112df"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1bdb6511-4d52-4155-8068-50426668f87a
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=31919000
cdn-requestid: 1ebb8d52340ca27044ec5fc088b76a5c
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 cbr-logo-full-colored-light.svg
www.cbr.com/public/build/images/ 11 KB
4 KB 125ms
118ms Image
image/svg+xml 34.201.177.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cbr.com/public/build/images/cbr-logo-full-colored-light.svg

Requested by

Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.201.177.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-201-177-150.compute-1.amazonaws.com

Software

nginx /

Resource Hash

666ef09fc39a584564a30f545e0f7d47d789f8629f7c152d77de402dee729881

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 06 Jul 2023 15:14:59 GMT
server: nginx
etag: W/"64a6da73-2d8c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
expires: Sat, 06 Jul 2024 03:51:28 GMT

GET
H2 200 thor_annual_1_cover.jpg
static1.cbrimages.com/wordpress/wp-content/uploads/2023/07/ 12 KB
12 KB 49ms
42ms Image
image/avif 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.cbrimages.com/wordpress/wp-content/uploads/2023/07/thor_annual_1_cover.jpg?q=50&fit=crop&w=145&h=225&dpr=1.5
Requested by: Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: de65ca8feb02517f4832036a101f78c7c9e6b3c2f63a3baf6e88999877b906cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
cdn-edgestorageid: 1080
cdn-cachedat: 07/07/2023 01:56:06
cdn-pullzone: 1164669
content-disposition: inline; filename="thor_annual_1_cover.avif"
content-length: 12081
x-request-id: j6UiDeFspNhdunXgHpT-P
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "zvRvM3BYRKqBguTDYy6aOuBi-OzqEHTCAxv_ZA2Vz4E/RIkdHV1FqZnJUT2JhTHNEUy1IYjJNb1Ei"
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1bdb6511-4d52-4155-8068-50426668f87a
cache-control: public, max-age=31919000
cdn-requestid: 2bbe5d09f1d4ef453d47f2ca1dd43215
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 captain_marvel_dark_tempest_1_cover.jpg
static1.cbrimages.com/wordpress/wp-content/uploads/2023/07/ 15 KB
15 KB 54ms
47ms Image
image/avif 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.cbrimages.com/wordpress/wp-content/uploads/2023/07/captain_marvel_dark_tempest_1_cover.jpg?q=50&fit=crop&w=145&h=225&dpr=1.5
Requested by: Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: a53ba8c8a4c223d534dd7223ac4371e0e8e4714feac507ed2f642b8db1e9c629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
cdn-edgestorageid: 1081
cdn-cachedat: 07/07/2023 01:56:06
cdn-pullzone: 1164669
content-disposition: inline; filename="captain_marvel_dark_tempest_1_cover.avif"
content-length: 14965
x-request-id: 2-FMXnFQ0CWDcorg55qUJ
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "zvRvM3BYRKqBguTDYy6aOuBi-OzqEHTCAxv_ZA2Vz4E/RIkVaVFUzMVMzZERIV1gxeUVUWjNKMXci"
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1bdb6511-4d52-4155-8068-50426668f87a
cache-control: public, max-age=31919000
cdn-requestid: fedd51faf2426418bd164690355e25f2
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 screenshot_2023-03-10_at_4-32-45_pm_1400x700.jpg
static1.cbrimages.com/wordpress/wp-content/uploads/2023/03/ 6 KB
6 KB 56ms
49ms Image
image/avif 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.cbrimages.com/wordpress/wp-content/uploads/2023/03/screenshot_2023-03-10_at_4-32-45_pm_1400x700.jpg?q=50&fit=crop&w=145&h=225&dpr=1.5
Requested by: Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 64a77b28df2e377138e10a62ce14f80ee4b31bab4a5336a6229457bd6d60d79c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
cdn-edgestorageid: 1080
cdn-cachedat: 07/07/2023 01:56:06
cdn-pullzone: 1164669
content-disposition: inline; filename="screenshot_2023-03-10_at_4-32-45_pm_1400x700.avif"
content-length: 6010
x-request-id: SM8OBROZKav3oW2dwL15_
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "zvRvM3BYRKqBguTDYy6aOuBi-OzqEHTCAxv_ZA2Vz4E/RIkc5VU1RZEtnSDhUd2taY1VYRHNWX1Ei"
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1bdb6511-4d52-4155-8068-50426668f87a
cache-control: public, max-age=31919000
cdn-requestid: 21e7d3fa8f59d463e5e64a90514b55de
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 screenshot_2023-03-10_at_4-28-19_pm_1400x700.jpg
static1.cbrimages.com/wordpress/wp-content/uploads/2023/03/ 10 KB
10 KB 59ms
53ms Image
image/avif 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.cbrimages.com/wordpress/wp-content/uploads/2023/03/screenshot_2023-03-10_at_4-28-19_pm_1400x700.jpg?q=50&fit=crop&w=145&h=225&dpr=1.5
Requested by: Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 68c497873d01206e34fc462c5bc13f0680c834579be0990368665b2abf30639e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
cdn-edgestorageid: 1082
cdn-cachedat: 07/07/2023 01:56:06
cdn-pullzone: 1164669
content-disposition: inline; filename="screenshot_2023-03-10_at_4-28-19_pm_1400x700.avif"
content-length: 9815
x-request-id: d0deMNTDkN0Q8Ev_UjPO5
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "zvRvM3BYRKqBguTDYy6aOuBi-OzqEHTCAxv_ZA2Vz4E/RImREako2d1pHU3JMN3RuaTRTZkxJNVEi"
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1bdb6511-4d52-4155-8068-50426668f87a
cache-control: public, max-age=31919000
cdn-requestid: 4464873b1ec37374a944e5b4bb57d8ad
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 video-game-villains-who-hide-in-plain-sight-featured-image.jpg
static1.cbrimages.com/wordpress/wp-content/uploads/2023/06/ 5 KB
6 KB 61ms
54ms Image
image/avif 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.cbrimages.com/wordpress/wp-content/uploads/2023/06/video-game-villains-who-hide-in-plain-sight-featured-image.jpg?q=50&fit=crop&w=200&h=140&dpr=1.5
Requested by: Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 14ea20d8743df422e4c9241a7e88da9754b2cec8d64a054e2c8d9576ea637ba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
cdn-edgestorageid: 1080
cdn-cachedat: 07/02/2023 17:14:58
cdn-pullzone: 1164669
content-disposition: inline; filename="video-game-villains-who-hide-in-plain-sight-featured-image.avif"
content-length: 5326
x-request-id: 13lqF38C5gJmhV-kvAKlU
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "Ph2_7wmaJrqFz3murR-aMzoOEKSPs9ard-qehJty6DQ/RIkFfMGtzb1FVV0h2b3V0X3FkLXhnNHci"
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1bdb6511-4d52-4155-8068-50426668f87a
cache-control: public, max-age=31919000
cdn-requestid: c38cf06095cebf07827de40dd1a9b2f2
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 10-darkest-nintendo-games-ranked.jpg
static1.cbrimages.com/wordpress/wp-content/uploads/2023/07/ 6 KB
7 KB 66ms
59ms Image
image/avif 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.cbrimages.com/wordpress/wp-content/uploads/2023/07/10-darkest-nintendo-games-ranked.jpg?q=50&fit=crop&w=200&h=140&dpr=1.5
Requested by: Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: 18f235f67be1da44b4b446ca0741a35337941c1fdb0f78e07e8d03cb7b3a952d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
cdn-edgestorageid: 1080
cdn-cachedat: 07/07/2023 02:07:55
cdn-pullzone: 1164669
content-disposition: inline; filename="10-darkest-nintendo-games-ranked.avif"
content-length: 6116
x-request-id: 2v34IpElvp_lZN6kpnOA5
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "Ph2_7wmaJrqFz3murR-aMzoOEKSPs9ard-qehJty6DQ/RIjBZbTFSUG5uVlA0YUN0SmtPMVA3REEi"
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1bdb6511-4d52-4155-8068-50426668f87a
cache-control: public, max-age=31919000
cdn-requestid: f06d13657d931eba8915b9e067a71d7e
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 mickey-mouse-overlayed-over-disney-illusion-island-gameplay.jpg
static1.cbrimages.com/wordpress/wp-content/uploads/2023/07/ 7 KB
7 KB 67ms
60ms Image
image/avif 2400:52e0:1e00::1081:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static1.cbrimages.com/wordpress/wp-content/uploads/2023/07/mickey-mouse-overlayed-over-disney-illusion-island-gameplay.jpg?q=50&fit=crop&w=200&h=140&dpr=1.5
Requested by: Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1081:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1081 /
Resource Hash: dd22a2ce53426fa17d1c872fdb351b64e32e5b4880a23c1e3e5476210e047483

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
cdn-edgestorageid: 1081
cdn-cachedat: 07/07/2023 03:11:42
cdn-pullzone: 1164669
content-disposition: inline; filename="mickey-mouse-overlayed-over-disney-illusion-island-gameplay.avif"
content-length: 6970
x-request-id: 1ZwiTSeNmE3LqJCqafphu
server: BunnyCDN-DE1-1081
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: "Ph2_7wmaJrqFz3murR-aMzoOEKSPs9ard-qehJty6DQ/RImxpMjZmMXExclRBNkJVYkRZUFVENGci"
access-control-allow-methods: GET, OPTIONS
content-type: image/avif
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 1bdb6511-4d52-4155-8068-50426668f87a
cache-control: public, max-age=31919000
cdn-requestid: a10758de12fd444a1ebd92c16707ba13
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 valnet-footer.4d9b1b1e.js Show response
www.cbr.com/public/build/ 37 KB
10 KB 126ms
120ms Script
application/javascript 34.201.177.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cbr.com/public/build/valnet-footer.4d9b1b1e.js

Requested by

Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.201.177.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-201-177-150.compute-1.amazonaws.com

Software

nginx /

Resource Hash

1f76a066cd078dbf5578ee07a0b3cf398474a47b8616016ca1797cbcd9f90ffe

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 06 Jul 2023 15:14:59 GMT
server: nginx
etag: W/"64a6da73-958a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
expires: Sat, 06 Jul 2024 03:51:28 GMT

GET
H2 200 splide.min.js Show response
www.cbr.com/public/build/ 29 KB
13 KB 127ms
121ms Script
application/javascript 34.201.177.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cbr.com/public/build/splide.min.js

Requested by

Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.201.177.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-201-177-150.compute-1.amazonaws.com

Software

nginx /

Resource Hash

fd62e97ce1efec8f038643c0fa0a54cff911926b8eab345bb14b1514c68e5c3d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 06 Jul 2023 15:14:59 GMT
server: nginx
etag: W/"64a6da73-746b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
expires: Sat, 06 Jul 2024 03:51:28 GMT

GET
H2 200 valnet-footer-article.3b1f122d.js Show response
www.cbr.com/public/build/ 34 KB
9 KB 125ms
119ms Script
application/javascript 34.201.177.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cbr.com/public/build/valnet-footer-article.3b1f122d.js

Requested by

Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.201.177.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-201-177-150.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bb836ef399a57e0c7ba44b8fd7f45d1c74c6801c8c85460fb529a7e95aa2f74b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 06 Jul 2023 15:14:59 GMT
server: nginx
etag: W/"64a6da73-874f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, max-age=31536000, public
expires: Sat, 06 Jul 2024 03:51:28 GMT

GET
H2 200 valnet.js Show response
tru.am/scripts/custom/ 1 KB
1 KB 156ms
53ms Script
application/javascript 2606:4700:20::681a:274
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/custom/valnet.js
Requested by: Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 613b77472fe1bb53990f483b4a2f1ac45da23bba147b2cd3c01acdebb83b361d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 107206
x-guploader-uploadid: ADPycdvE4Tky94QpNLD6yrwcE8KCRIEouahyJ8xrd3M0JzSIq21ocxs7eVEzoX4u2QtueGmROR8lZSjnncx1S5vFBdWMO0_DzSZs
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 03 Apr 2023 22:04:27 GMT
server: cloudflare
etag: W/"ba4976d9927734a55fdb44dd745dbe0c"
vary: Accept-Encoding
x-goog-generation: 1680559467336795
content-type: application/javascript
x-goog-hash: crc32c=cO3DtA==, md5=ukl22ZJ3NKVf20TddF2+DA==
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RiQJSoMnZXj13U76jsP7S55Mvn0zu%2BGEd8%2FDIKE91XvP4Ax19oYQhoL3L2ypUeCE2NTZs7frK1s%2BCLR%2FEs7ULk%2Fa8UXvb4fFEAoE5mTlak9qgWwjr1fuRLZm2De%2BbJHsteODyg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 1208
cf-ray: 7e2d2113c9099b8c-FRA
expires: Thu, 04 Jul 2024 22:04:42 GMT

GET
H2 200 oPS.js Show response
d15kdpgjg3unno.cloudfront.net/ 111 KB
24 KB 170ms
47ms Script
text/javascript 2600:9000:237d:6400:11:b309:9100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=76
Requested by: Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:6400:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c7a36408f0134e6646ca510586a5442ca584b80d5e6fc1a28e53e2097fddebe8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: c0WSdVB2.2Jk3GQka2AdcYC210ejXlrw
content-encoding: gzip
via: 1.1 a1d3f4e4f5c5940d2f1eea05f736c3ee.cloudfront.net (CloudFront)
date: Thu, 06 Jul 2023 16:28:38 GMT
last-modified: Tue, 27 Jun 2023 20:42:40 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 40977
x-amz-server-side-encryption: AES256
etag: W/"44d676fc84fff66e4d66087662a090e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=84600
x-amz-cf-id: CUF7o45FGNPvhisLHbz7GuSxa1Scb8xtwwlTV76pi_D2zm3TnQDxKA==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 133ms
39ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Jul 2023 03:04:37 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2811
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 07 Jul 2023 05:04:37 GMT

GET
H2

200

web-vitals.attribution.iife.js Show response
unpkg.com/web-vitals@3.3.2/dist/
Redirect Chain

https://unpkg.com/web-vitals@3/dist/web-vitals.attribution.iife.js
https://unpkg.com/web-vitals@3.3.2/dist/web-vitals.attribution.iife.js

10 KB
4 KB

48ms
47ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.3.2/dist/web-vitals.attribution.iife.js

Requested by

Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/

Protocol

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5cd15052f401e674a9cea67de971c439a14dd45736f8b22d099844b95512930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3332100
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01H1KXW3FN4213CR9BVV111CH5-fra
server: cloudflare
etag: W/"27e8-2gWdI0YqrvA4gfZD06zv9JAk+cY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7e2d21140ca418c7-FRA

Redirect headers

date: Fri, 07 Jul 2023 03:51:28 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01H4Q7KB80HXW4A8BWM3H4822D-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 15
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /web-vitals@3.3.2/dist/web-vitals.attribution.iife.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 7e2d2113bc2718c7-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 162 KB
59 KB 75ms
65ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PWXXCF2

Requested by

Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

efe99140f165ad1d7a7737817657f967135d1e8f07498306b4e75f74f4bce0be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59891
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Jul 2023 03:51:28 GMT

GET
H2 200 v2fflEQop-cqjeSFfKfosPhBrq6CaMl43uxJGSEqLdadWGrWuj4IjGjg Show response
aloofvest.com/ 602 KB
103 KB 189ms
67ms Script
text/javascript 2600:1901:0:4277::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aloofvest.com/v2fflEQop-cqjeSFfKfosPhBrq6CaMl43uxJGSEqLdadWGrWuj4IjGjg

Requested by

Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

1d47d5e787391abf80d345dad6406690d5f2a549bd2f9387f2505d22b47405de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Fri, 07 Jul 2023 03:51:28 GMT
x-datacenter: gce-europe-west1
etag: "d9fca70eadfd86f12ecf369695cdd48e20db626bdceafb7402eeb6747c8beaaa"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-btwc
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 912179704
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 v2mkdpQPEaAyvSrTASwfpJ0y5L4GLUFex1O2P5qYhPJSV9Y4G815sFg7wbk032C1M_VCjNwIy Show response
aloofvest.com/ 9 KB
4 KB 170ms
52ms Script
text/javascript 2600:1901:0:4277::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aloofvest.com/v2mkdpQPEaAyvSrTASwfpJ0y5L4GLUFex1O2P5qYhPJSV9Y4G815sFg7wbk032C1M_VCjNwIy

Requested by

Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

64a8a922a6f43dc6b97f4ab30e104e385d95790d5598d899b068eea2801a76d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
via: 1.1 google
date: Fri, 07 Jul 2023 03:51:28 GMT
x-datacenter: gce-europe-west1
etag: "f362d8f05fc8a91dbfed081e8dade314de13f4dc3fc55f9eebb6840caf578c27"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-btwc
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
x-buildnumber: 912179704
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 269 Show response
a.ad.gt/api/v1/u/matches/ 11 KB
4 KB 351ms
226ms Script
application/javascript 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/269?url=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&ref=
Requested by: Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7915bdd360552e230a1a42811225f7e7a098d1358206af638852da7c9f701cc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
last-modified: Fri, 07 Jul 2023 03:41:48 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 7e2d2114dab330f6-FRA

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
26 KB 196ms
76ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2773e13c4fefcefa5801f219a4d286ccfc1841f02798447c020ea5a02ed7e4b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26405
x-xss-protection: 0
server: cafe
etag: 189 / 19545 / m202306280101 / config-hash: 154671031251390638
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 07 Jul 2023 03:51:28 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 236 KB
58 KB 168ms
52ms Script
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:35:13 GMT
content-encoding: gzip
via: 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront), 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 21:03:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P3
age: 976
x-amz-server-side-encryption: AES256
etag: W/"9352f20e556bff9fea6fd0461aac850d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: 1tC5VVPkPED84rW49mtk8_BH-O8R3Ux4vb4DstN0Q2ynMXHTSr7h9g==

GET
H2 204 segments.js Show response
seg.ad.gt/api/v1/ 0
131 B 499ms
382ms Script
text/html 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v1/segments.js?partner_id=269&url=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F
Requested by: Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:29 GMT
cache-control: max-age=14400
cf-cache-status: MISS
server: cloudflare
cf-ray: 7e2d2114ebf79a1d-FRA
vary: Accept-Encoding
content-type: text/html; charset=utf-8

GET
H2 200 cookie-sync.html Show response
mbid.marfeelrev.com/static/ Frame 98E7 6 KB
3 KB 156ms
40ms Document
text/html 144.76.226.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mbid.marfeelrev.com/static/cookie-sync.html
Requested by: Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.226.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy05.cl01.het.mrf.io
Software: istio-envoy /
Resource Hash: c97fc82429a0a8c24a88c64213782da0c325bebc3fc3293235c5c5bd79cb0aa0

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Fri, 07 Jul 2023 00:51:28 ART
expires: 0
last-modified: Fri, 28 Apr 2023 06:11:19 ART
pragma: no-cache
server: istio-envoy
vary: accept-encoding
x-envoy-upstream-service-time: 0

GET
H2 200 cbr-logo-full-white.91e2aee0.svg
www.cbr.com/public/build/images/ 6 KB
2 KB 118ms
118ms Image
image/svg+xml 34.201.177.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.cbr.com/public/build/images/cbr-logo-full-white.91e2aee0.svg

Requested by

Host: www.cbr.com
URL: https://www.cbr.com/public/build/article-regular.61e4bdb4.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.201.177.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-201-177-150.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c9571d9345e61bb97e3090ffb2cf4f4773ede5191fea96bc86b4f05c521a3396

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/public/build/article-regular.61e4bdb4.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-xss-protection: 1; mode=block
pragma: public
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 06 Jul 2023 15:14:59 GMT
server: nginx
etag: W/"64a6da73-16b7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, max-age=31536000, public
expires: Sat, 06 Jul 2024 03:51:28 GMT

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/1/ 25 KB
9 KB 43ms
42ms Script
application/x-javascript 143.204.215.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Requested by: Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/b1c80b5e-e909-4d5d-ba94-1d63bb1c4212/launchpad-liveramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-114.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: IBczV1acfLsLLKzHm11PkizTXPxE9_cH
content-encoding: gzip
via: 1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
date: Fri, 07 Jul 2023 03:21:10 GMT
x-amz-cf-pop: FRA53-C1
age: 1819
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:f09170b2-5416-4e55-be91-38e5eec207ec
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: a78f2a5a4864424e54348ce47b156abb
last-modified: Thu, 10 Mar 2022 13:10:48 GMT
server: AmazonS3
etag: W/"3e312624cdc2445a38a716f92dc3c0cd"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: e4ad213b137401d20a50fe1692169cc5f8b39867b6fe39afed7e307e1b9c967e
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: -kxRdpjF95lha-a8EnmU_HiDAtwAnxk4FfvJzdL23LI75KcUgUOxuQ==

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
436 B 173ms
48ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cbr.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
82 KB 55ms
54ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0DTR9KMTE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWXXCF2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

26d2faea8778e1dcca85bc25d9792b0d811cfe8fde241dadd297b63ca83db765

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84225
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 07 Jul 2023 03:51:28 GMT

GET
H2 200 ta-pagesocial-sdk.js Show response
tru.am/scripts/ 27 KB
11 KB 61ms
61ms Script
text/javascript 2606:4700:20::681a:274
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Requested by: Host: tru.am
URL: https://tru.am/scripts/custom/valnet.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a20b371f96093be0c049b07134deb9bec533817ce791e865aaab7b60dfe4beb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 382792
x-guploader-uploadid: ADPycdvVwq-KDKfGBJ5Og9mq52ibLlmtv0__hVaheqBNR6uTKcl-eDTVu5XKO2l0-mxn0utDRiK18DrTSTBw4d7mQ91r
x-goog-storage-class: REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Jul 2022 07:45:14 GMT
server: cloudflare
etag: W/"2925c8da90d1d29f7899fa52629fe37d"
vary: Accept-Encoding
x-goog-hash: crc32c=TsbXyg==, md5=KSXI2pDR0p94mfpSYp/jfQ==
x-goog-generation: 1658389514760491
content-type: text/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qz5ZbALfWJRYEHnGGMLhQgtOTRJWXWcNwdrNMC3Nh%2FydGpDYPpsXFMXlsQj4O8vSOZ4Jie8MsS%2Fvasz7HF5KTbJzERqJIeuaELJ5RMEu0yJvjrzOvKpbPIibJqQTaNMZlSK1Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2678400
x-goog-stored-content-length: 27860
cf-ray: 7e2d211489c59b8c-FRA
expires: Sun, 02 Jul 2023 17:31:46 GMT

POST
H2 200 cookie_sync Show response
mbid.marfeelrev.com/ Frame 98E7 1 KB
685 B 41ms
41ms XHR
application/json 144.76.226.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mbid.marfeelrev.com/cookie_sync
Requested by: Host: mbid.marfeelrev.com
URL: https://mbid.marfeelrev.com/static/cookie-sync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.226.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy05.cl01.het.mrf.io
Software: istio-envoy /
Resource Hash: 369b6a06cf0598a92b22182eb79ecc4387aff4c5507cdf798d5febccb1f5656d

Request headers

Referer: https://mbid.marfeelrev.com/static/cookie-sync.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:28 GMT
content-encoding: gzip
server: istio-envoy
content-type: application/json
access-control-allow-origin: https://mbid.marfeelrev.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
content-length: 435
expires: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 140ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0DTR9KMTE&gtm=45je3750&_p=1969631236&cid=915841126.1688701889&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1688701888&sct=1&seg=0&dl=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&dt=The%20Last%20of%20Us%20Part%203%20Leaks%20Ellie%27s%20Role%2C%20New%20Main%20Characters&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.post_id=4075999&ep.article_template=article&ep.browser_user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36&ep.author=lance-gose&ep.jr_editor=julia-anderson&ep.sr_editor=emily-zogbi&ep.primary_category=%7CGames%7C&ep.tags=%7CThe%20Last%20of%20Us%7C&ep.payment_category=news&ep.content_type=News&ep.intent=Short-Term&ep.network_category=aaa_games_non_service&ep.is_amp_traffic=false&ep.template=content-all&ep.is_ad_block=false&ep.classification=Standard&ep.is_subscribed_premium=false&ep.subscription_plan=free&ep.ip_address=80.255.7.106&ep.date_published=20230704&ep.date_republished=20230704&ep.first_view=true&ep.first_visit=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0DTR9KMTE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cbr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
606 B 41ms
41ms Fetch
application/json 13.32.99.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-59.fra60.r.cloudfront.net
Software: /
Resource Hash: 3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

Accept: application/json
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Jul 2023 01:13:33 GMT
via: 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront), 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA60-P3
age: 9476
x-amzn-requestid: 267f33e9-211d-4562-badd-7b6a7a6a4d03
x-amzn-trace-id: Root=1-64a766bd-5ba00a1e7ea0f997066af844;Sampled=0;lineage=06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: Hqz9mH13DoEFv8A=
content-length: 28
x-amz-cf-id: eRjvqKUunPkGVyImkNKD7AQU3q39YKQLGEm7eryv1IGJSAPiCjG-YQ==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 229ms
113ms Preflight
application/json 13.32.99.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-59.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.cbr.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Fri, 07 Jul 2023 03:51:28 GMT
via: 1.1 5c79308f72e53cdf81a950b478a7e144.cloudfront.net (CloudFront), 1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-amz-apigw-id: HrLGMGS6DoEF1HA=
x-amz-cf-id: gyraH-QIwrjcORktjhoky6xec6DRsO5UEqwiIIohm9SFbQ4lFEgJ9g==
x-amz-cf-pop: FRA56-P3 FRA60-P3
x-amzn-requestid: d8df1c2b-38cf-4c28-957f-a921212185a6
x-cache: Miss from cloudfront

GET
H2 200 b-e09f10f-d93d43bf.js Show response
tagan.adlightning.com/valnet/ 76 KB
29 KB 46ms
45ms Script
application/javascript 18.173.187.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/valnet/b-e09f10f-d93d43bf.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-57.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15c8a0708e3db7938bb7d7a63b5c67abad96dde683cccef9b5254e82e203cf62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 05 Jun 2023 16:35:58 GMT
content-encoding: gzip
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
x-amz-version-id: Zv9.b8J7cZOfuJGJyhlkBF6T85xjCqrA
x-amz-cf-pop: MUC50-P4
age: 2718930
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 28870
x-amz-meta-git_commit: e09f10f
last-modified: Mon, 05 Jun 2023 16:35:39 GMT
server: AmazonS3
etag: "82cf001d792438020a87c24097f91aa6"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: Kg-IU0QSE7auJfrreatbareX9ow5W21JF2nI3RsPODQjuPUTLqayVg==

GET
H2 200 bl-1e0054c-701c4408.js Show response
tagan.adlightning.com/valnet/ 136 KB
43 KB 58ms
57ms Script
application/javascript 18.173.187.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/valnet/bl-1e0054c-701c4408.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-57.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ff7dfd29448564b605d0b90bd9fd27a2596ecf57fb6f10806f0a4466ea5f7b61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 20:45:21 GMT
content-encoding: gzip
via: 1.1 512a3ed98fa59f06791d5919b48bcde0.cloudfront.net (CloudFront)
x-amz-version-id: op64BA9fGxEjJKWhI9un.vJjA.WPcNGX
x-amz-cf-pop: MUC50-P4
age: 25568
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 43696
x-amz-meta-git_commit: 1e0054c
last-modified: Thu, 06 Jul 2023 20:31:25 GMT
server: AmazonS3
etag: "cc2d085ef225c687afe22b85c267e2db"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: d1LPST2nNvkNOJ5tfCbbxhfbrQ0sMqHtg4lF7KgNiTEGgFverq7CBA==

GET
H/1.1

200
OK

usermatchredir
ssum.casalemedia.com/ Frame 98E7
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=184550&cb=
https://ssum.casalemedia.com/usermatchredir?s=184550&cb=&C=1

43 B
766 B

43ms
43ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum.casalemedia.com/usermatchredir?s=184550&cb=&C=1
Requested by: Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbid.marfeelrev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Jul 2023 03:51:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 07 Jul 2023 03:51:29 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /usermatchredir?s=184550&cb=&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
365 B 201ms
82ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 07 Jul 2023 03:51:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.cbr.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

POST
H2 204 beacon
beacon.tru.am/ 0
0 259ms
159ms Fetch 2606:4700:20::681a:274
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.tru.am/beacon
Requested by: Host: tru.am
URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:29 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
surrogate-control: no-store
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cRhotYwl1fqr%2FGWwgnuA4Zyo0Wqfsofy481aCgKasycb%2BRHXHcB07JZkVget7fwaSv9hYbuyGbpbIbs8JjvYuyrkdBZ4eyDme4ZENSebxkjqTMP%2FMBY33VCOiLr3IiUGB8J3rtH3T3ILEjE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray: 7e2d2116ed4c3637-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 120ms
40ms XHR
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 05:41:30 GMT
x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 79800
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 7ITgXmiktghSRRmtQMU-40z7JCm-Y7ry1UiQNsmvsFWNmLu5g_br6Q==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/ 392 KB
125 KB 160ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 06:03:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78457
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127514
x-xss-protection: 0
server: cafe
etag: 13498126467117012333
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 05 Jul 2024 06:03:52 GMT

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
481 B 151ms
39ms Image
image/gif 2600:9000:26da:7400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adslot=mjoqz_728x90_
Requested by: Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:7400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 28 May 2023 02:26:58 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 3a5ebe10b769db9444c2df2c2e8a76a8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 3461071
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: nrPWinb24XO921hqMObKeFbHI73kc8-UC4QiL9x8asrSHOE7gf0-kQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
206 B 51ms
47ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1969631236&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&ul=en-us&de=UTF-8&dt=The%20Last%20of%20Us%20Part%203%20Leaks%20Ellie%27s%20Role%2C%20New%20Main%20Characters&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAQCACAAI~&jid=1670703490&gjid=631708012&cid=915841126.1688701889&tid=UA-2762275-1&_gid=2122753804.1688701889&_r=1&_slc=1&cd1=4075999&cd2=lance-gose&cd3=&cd4=Games&cd5=Games&cd6=regular&cd7=1&cd8=all&cd9=&cd10=&cd11=false&cd12=native&cd13=article&cd14=4075999&cd15=lance-gose&cd16=julia-anderson&cd17=emily-zogbi&cd18=regular&cd19=all&cd20=false&cd21=1&cd22=false&cd23=native&cd24=desktop&cd25=80.255.7.106&cd26=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36&cd27=20-24&cd28=20230704&cd29=&cd30=news&cd31=%7CGames%7C&cd32=%7CThe%20Last%20of%20Us%7C&cd33=N&cd34=showAds&cd35=false&cd36=content-all&cd38=aaa_games_non_service&cd39=News&cd40=Short-Term&cd41=20230704&cd44=Standard&cd45=free&z=1261157688

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cbr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
346 B 157ms
49ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2762275-1&cid=915841126.1688701889&jid=1670703490&gjid=631708012&_gid=2122753804.1688701889&_u=IADAAEAAAAQCACAAI~&z=1085562381

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 07 Jul 2023 03:51:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cbr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prebid
rtb.openx.net/sync/ Frame 98E7 43 B
245 B 158ms
48ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/prebid?gdpr=&gdpr_consent=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24%7BUID%7D
Requested by: Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbid.marfeelrev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:29 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H2 200 strpixel.png Show response
www.cbr.com/ 103 B
441 B 134ms
133ms XHR
image/png 34.201.177.150
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cbr.com/strpixel.png?time=1688701889727&type=pageVisit&permalink=/the-last-of-us-part-3-leak-ellie-new-characters/

Requested by

Host: www.cbr.com
URL: https://www.cbr.com/public/build/valnet-footer.4d9b1b1e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.201.177.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-201-177-150.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d4ed5bd20c3036042165e91001bd91497551164b0e34c76cb8a6eb15c33f3c15

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:29 GMT
content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Mar 2023 20:21:18 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: "64064b3e-67"
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
content-length: 103
x-xss-protection: 1; mode=block

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 4 KB
5 KB 43ms
43ms XHR
application/json 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3741&u=https%3A%2F%2Fwww.cbr.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 31132c72c7fdd9ec6a227fa1eaf04d17c9b2c0381cf20de780c6027a56a4a23e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:27:28 GMT
via: 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
age: 1440
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.cbr.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 4300
x-amz-cf-id: pKwmEFZht8sPR7Y64Hn7prcWj9k8gUKZMW1GY1li-E8RzM9AoYG5Bw==

GET
H2 200 .js Show response
dyv1bugovvq1g.cloudfront.net/76/www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/ 54 KB
2 KB 161ms
59ms XHR
application/json 2600:9000:237d:8200:5:82fd:2500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyv1bugovvq1g.cloudfront.net/76/www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/.js
Requested by: Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:8200:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f545cb836815f9d4f7cb6d5c2aecc8b97bc18224f372f3c8de693ab62617f94

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 07 Jul 2023 03:47:07 GMT
content-encoding: gzip
via: 1.1 e33c4b19512a86c5972c18d1c60d21f8.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
age: 263
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1382
x-amz-expiration: expiry-date="Wed, 06 Sep 2023 00:00:00 GMT", rule-id="cleanup"
last-modified: Fri, 07 Jul 2023 03:34:19 GMT
server: AmazonS3
etag: "7b455ffaa21fb39203e087a65a77489c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cbr.com
cache-control: max-age=300
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: Ux9ewFKZ77JC5SgjE2TsgKx0Mxzw1azpJNixWvjVRalyooS23ZgTug==

GET
H2 200 liveView.php Show response
live.primis.tech/live/ 46 KB
17 KB 169ms
55ms Script
text/javascript 2600:9000:2251:b000:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?s=108504&subId=[CBR-Reg-Org]
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 62317653aec8072f08482c2dce044e9ce7da85536e67b01109571c65f96d8603

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:29 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
x-amz-cf-id: bVD1xYIjxtlRC0KyQ_IBf-1yfqplb8OxXb8XCuHMgdrpHomYfdpJ2g==

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 14 KB
5 KB 156ms
58ms Script
application/javascript 23.67.137.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-137-210.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:29 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "38c0-5e92054540ea5-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 5252
expires: Fri, 07 Jul 2023 04:06:29 GMT

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 151ms
55ms Script
application/javascript 23.67.137.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-137-210.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:29 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Fri, 07 Jul 2023 04:06:29 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ 38 KB
12 KB 138ms
45ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e91aaec2cb3510b97bb0655abdb08942dbefd617b169d0cd97b23fc48e68b2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:29:55 GMT
content-encoding: gzip
via: 1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 1295
x-amz-server-side-encryption: AES256
etag: W/"560498a44e7d42477433425cdafd6a16"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 3oXJ8YrLdmDimyLtYJoAIrBxJVOB3eIXcYbJ0H310ZSfSgbQ6lphAg==

GET
H2 200 ima.js Show response
cdn-ima.33across.com/ 10 KB
4 KB 155ms
52ms Script
application/javascript 172.64.152.222
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ima.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.222 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22f242ff812c8a2ce97a04475df3970476d556a9391984b907a1f0d87fbe824b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:29 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 15 Jun 2023 16:15:13 GMT
server: cloudflare
age: 28361
etag: W/"648b3911-286a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400
cf-ray: 7e2d211be9b93737-FRA
expires: Sat, 08 Jul 2023 03:51:29 GMT

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ 55 KB
10 KB 157ms
56ms Script
application/javascript 2606:4700:10::6816:35ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&ref=&_it=amazon&partner_id=269
Requested by: Host: www.cbr.com
URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:29 GMT
content-encoding: gzip
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 22 May 2023 16:51:11 GMT
server: cloudflare
x-amz-request-id: D9H0BKD49BT4VXPH
age: 1639
etag: W/"82b3b53182a6a8dbe6684806275e839a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7e2d211befe218df-FRA
x-amz-id-2: NYMqTPppEBiG4bbM2+rgByDV6NSeJDUeioacPP/TyAP0fbAmvOO4RCVRrzA/p/xpSBZuJnb15Hs=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 101 KB
25 KB 154ms
59ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: BD40DJT7KN67EDSE
age: 1904
etag: W/"bb626f116ff54963039a9ea05c53620b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7e2d211bdd4ebb8f-FRA
x-amz-id-2: BXq2klHOlDwCQitMv5cAqNz27G3QILBAm+E5fpwK1vk8nK0iqTKXMrSNSyhsQlr93LqAyyqiSSk=

POST
H/1.1 200
OK Test_oPS_Script_Loads Show response
sqs.us-east-1.amazonaws.com/397719490216/ 378 B
658 B 480ms
121ms XHR
text/xml 3.236.169.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D76%26bt%3Dnull
Requested by: Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=76
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.236.169.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-236-169-87.compute-1.amazonaws.com
Software: /
Resource Hash: e231ed36d335957a2a4266860151d48215e4c59f56ab3efd66e470ef6e391aaa

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date: Fri, 07 Jul 2023 03:51:30 GMT
x-amzn-RequestId: 4f50f7d8-31d9-5d00-bd03-aaf9bfdb19ca
Content-Length: 378
Content-Type: text/xml

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 181ms
75ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2762275-1&cid=915841126.1688701889&jid=1670703490&_u=IADAAEAAAAQCACAAI~&z=1528163963

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 160ms
68ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2762275-1&cid=915841126.1688701889&jid=1670703490&_u=IADAAEAAAAQCACAAI~&z=1528163963

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 98E7 0
239 B 233ms
42ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-marfeel&gdpr=&gdpr_consent=&us_privacy=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbid.marfeelrev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H3 200 c41d16ea5284ec423d8d57f4cc93fa95d5aaa2 Show response
aloofvest.com/send/1ceb7f5d242e35/ 206 B
233 B 180ms
73ms Fetch
application/json 2600:1901:0:4277::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aloofvest.com/send/1ceb7f5d242e35/c41d16ea5284ec423d8d57f4cc93fa95d5aaa2

Requested by

Host: aloofvest.com
URL: https://aloofvest.com/v2fflEQop-cqjeSFfKfosPhBrq6CaMl43uxJGSEqLdadWGrWuj4IjGjg

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

1f06b09e19ec355d3b2f5b6189428e24c583533ab9acaaa3bcd7d04af1d3c1a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Fri, 07 Jul 2023 03:51:30 GMT
via: 1.1 google
x-buildnumber: 912179704
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cbr.com
x-hostname: fen-hoothoot-europe-west1-spot-btwc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Fri, 07 Jul 2023 03:51:29 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
331 B 205ms
55ms XHR
application/json 52.30.150.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.150.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-150-15.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: cb96f9ccdcbf6028838eca33f7fcb41af5e8fad19fd36faf5d9e6eb3402341db

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:30 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.cbr.com
cache-control: no-cache
x-server: 10.45.4.23
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame BCBF 5 KB
2 KB 71ms
70ms Script
text/javascript 2600:9000:2251:b000:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?s=108504&subId=[CBR-Reg-Org]&cbuster=1688701889&pubUrlAuto=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108504&subId=[CBR-Reg-Org]
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8da1b18e309ebca5864b3ca167ddc8ca77b987b42a9e693514038ef5bfa69d85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:29 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
x-amz-cf-id: 6_ITtJe2iututM_OffyNTeub5Zg1pdTFhhNScGslH4B6YzkeHqdlMg==

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ 92 B
283 B 148ms
147ms XHR
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=269&sync=0&domain=www.cbr.com&url=https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&ref=&_it=amazon&partner_id=269
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d42b231c0e17b420d1f4387bfcb912f4e3f36dda20bf24b096e380e48ae1ef50

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Jul 2023 03:51:30 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private,max-age=30
access-control-allow-credentials: true
debug: NON-OPTIONS
access-control-allow-headers: authorization
cf-ray: 7e2d211e2cc13623-FRA

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 253ms
137ms Preflight
application/json 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=269&sync=0&domain=www.cbr.com&url=https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.cbr.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cache-control: max-age=31536000 public, no-transform
cf-cache-status: DYNAMIC
cf-ray: 7e2d211d4c193623-FRA
content-length: 0
content-type: application/json
date: Fri, 07 Jul 2023 03:51:30 GMT
debug: OPTIONS block
expires: Sat, 06 Jul 2024 03:51:30 GMT
server: cloudflare

GET
H2 200 iab_consent_sdk.v1.0.js Show response
live.primis.tech/content/ClientDetections/ Frame BCBF 19 KB
8 KB 52ms
50ms Script
application/javascript 2600:9000:2251:b000:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108504&subId=[CBR-Reg-Org]&cbuster=1688701889&pubUrlAuto=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:29 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified: Wed, 12 Feb 2020 15:01:36 GMT
server: nginx
x-amz-cf-pop: FRA60-P3
etag: W/"5e441350-4be0"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: TJzpmHsb-ZES0NYre52v7sJstKZMsxxJeRnmwnbKxOkKnVSiF-jmgg==
expires: Sat, 06 Jul 2024 03:51:29 GMT

GET
H2 200 DetectGDPR2.v1.1.js Show response
live.primis.tech/content/ClientDetections/ Frame BCBF 9 KB
4 KB 52ms
51ms Script
application/javascript 2600:9000:2251:b000:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108504&subId=[CBR-Reg-Org]&cbuster=1688701889&pubUrlAuto=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:29 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified: Thu, 11 Feb 2021 09:45:48 GMT
server: nginx
x-amz-cf-pop: FRA60-P3
etag: W/"6024fccc-228f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: k_5rAx-MMsPMdEUXUI2P-sTjNV_X8mYGgLyaEBTEEHJhx_R4QjG1uA==
expires: Sat, 06 Jul 2024 03:51:29 GMT

GET
H2 200 DetectGDPR.v1.1.js Show response
live.primis.tech/content/ClientDetections/ Frame BCBF 8 KB
3 KB 64ms
63ms Script
application/javascript 2600:9000:2251:b000:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108504&subId=[CBR-Reg-Org]&cbuster=1688701889&pubUrlAuto=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:29 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified: Thu, 11 Feb 2021 09:45:48 GMT
server: nginx
x-amz-cf-pop: FRA60-P3
etag: W/"6024fccc-1ef8"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: ezmiOv7qyblkqPDHDScvhOWOZ-SfCm7GWwsn21nNHqwRi0R0FQWmJg==
expires: Sat, 06 Jul 2024 03:51:29 GMT

GET
H2 200 hls.0.12.4_3.min.js Show response
live.primis.tech/content/video/hls/ Frame BCBF 258 KB
115 KB 59ms
58ms Script
application/javascript 2600:9000:2251:b000:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108504&subId=[CBR-Reg-Org]&cbuster=1688701889&pubUrlAuto=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:29 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified: Wed, 23 Mar 2022 12:48:36 GMT
server: nginx
x-amz-cf-pop: FRA60-P3
etag: W/"623b1724-409bc"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: PxSk7QZVJlMyLjZ2e16JTbNsgMsUf_5xdOrme7YdpNYxnZEAkqhj2g==
expires: Sat, 06 Jul 2024 03:51:29 GMT

GET
H2 200 prebidVid.7.16.0_11.min.js Show response
live.primis.tech/content/prebid/ Frame BCBF 511 KB
257 KB 62ms
61ms Script
application/javascript 2600:9000:2251:b000:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_11.min.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108504&subId=[CBR-Reg-Org]&cbuster=1688701889&pubUrlAuto=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8dfee02c6420dfddb8ea89f50f382e993c891f62400b1a02b7cb8314510f1ab4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:29 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 13:15:19 GMT
server: nginx
x-amz-cf-pop: FRA60-P3
etag: W/"649d83e7-7fc5c"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-amz-cf-id: H-FsxQZ5TDp9ZSlvRoKDUwx0cKiYiqZiNOCvuylyZJn_D0MCL6xN0g==
expires: Sat, 06 Jul 2024 03:51:29 GMT

GET
H2 200 liveVideo.php Show response
live.primis.tech/live/ Frame BCBF 614 KB
259 KB 189ms
188ms Script
text/html 2600:9000:2251:b000:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30372D30375F30367D7B7331363734393939387D7B4335377D7B5359324A794C584A6C5A793176636D6466643364334C6D4E696369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583732387D7B593431307D7B66317D7B4C31313433357DFEFE&userIpAddr=2a01%3A4a0%3A1338%3A92%3A%3A7&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.198+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=25&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1688701889&csuuid=64a78bc1ee701&debugInfo=16749998_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16749998&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a4eixkownml&secondaryContent=&x=728&y=410&pubUrl=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5235&geoLong=13.3556&vpTemplate=11435&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BCBR-Reg-Org%5D&appName=&appBundleId=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=108504&subId=[CBR-Reg-Org]&cbuster=1688701889&pubUrlAuto=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: fe244632378c904202503d2b49d0d1e83133143f11f2e89c1bab5c03c9e98525

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:29 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
x-amz-cf-id: vw7VO0r-ZSE-COs0SEqqRHtSx3Jvl23n7mzIkEcm2acKXcIH65gHGw==

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 49 KB
17 KB 49ms
49ms Script
application/javascript 23.67.137.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-137-210.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:30 GMT
content-encoding: gzip
last-modified: Tue, 20 Sep 2022 18:52:26 GMT
server: Apache
etag: "c4b6-5e920545406d3-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17042
expires: Fri, 07 Jul 2023 04:06:30 GMT

POST
H3 200 f5b1b38aef935c6c34f087f1149ead931f2f175b0e89 Show response
aloofvest.com/81b3b1c1/ 2 KB
814 B 54ms
54ms Fetch
application/json 2600:1901:0:4277::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aloofvest.com/81b3b1c1/f5b1b38aef935c6c34f087f1149ead931f2f175b0e89

Requested by

Host: aloofvest.com
URL: https://aloofvest.com/v2fflEQop-cqjeSFfKfosPhBrq6CaMl43uxJGSEqLdadWGrWuj4IjGjg

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

d0706457807f4878af05eca2139e9fc785a17d548ee5217484fe5d4cf8cf518f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
via: 1.1 google
date: Fri, 07 Jul 2023 03:51:30 GMT
x-buildnumber: 912179704
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cbr.com
x-hostname: fen-hoothoot-europe-west1-spot-btwc
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H2

200

setuid
mbid.marfeelrev.com/ Frame 98E7
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fmbid.marfeelrev.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D%2526gdpr_consent%253D%2526us_privacy%253D%2526f%253Di%2526uid%253D%2524UID
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6489909190653916357

86 B
571 B

40ms
40ms

Image
image/png

144.76.226.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6489909190653916357
Protocol: H2
Server: 144.76.226.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy05.cl01.het.mrf.io
Software: istio-envoy /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbid.marfeelrev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:29 GMT
content-encoding: gzip
server: istio-envoy
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 0
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:30 GMT
an-x-request-uuid: 5c31dcdf-bfc4-49a6-bfc4-28b3d927bffe
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6489909190653916357
x-proxy-origin: 80.255.7.106; 80.255.7.106; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 190 B
394 B 165ms
41ms XHR
application/json 2a02:fa8:8806:13::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:29 GMT
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.cbr.com
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 190
expires: Fri, 07 Jul 2023 04:21:30 GMT

GET
H2 200 ConsentManager,Sticky2 Show response
scarfsmash.com/files/217421b4046cebc/93f3373354fb3915b38d8aca2fb/ 283 KB
82 KB 189ms
59ms Script
text/javascript 2600:1901:0:d733::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://scarfsmash.com/files/217421b4046cebc/93f3373354fb3915b38d8aca2fb/ConsentManager,Sticky2

Requested by

Host: aloofvest.com
URL: https://aloofvest.com/v2fflEQop-cqjeSFfKfosPhBrq6CaMl43uxJGSEqLdadWGrWuj4IjGjg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

73c8fb58b7c51fbd48a0b5aa403faaabd31a0d4984edee4104592832d50a98f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Origin: https://www.cbr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Fri, 07 Jul 2023 03:51:30 GMT
x-buildnumber: 912179704
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-datacenter: gce-europe-west1
etag: "825f706c4a77366248ce35f39f382548156da8bd82d07a48d05fa78117723b55"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language, Origin
access-control-allow-methods: POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://www.cbr.com
x-hostname: fen-hoothoot-europe-west1-spot-btwc
cache-control: private, must-revalidate, max-age=21600
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H2 200 primisslate.css
live.primis.tech/content/video/css/ 18 KB
7 KB 51ms
50ms Stylesheet
text/css 2600:9000:2251:b000:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/content/video/css/primisslate.css
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: dcbb76a8cb268e3ed25b14f8d4a9b8e906f20da34d903111c2d77fc2c34d83cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:29 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
last-modified: Mon, 05 Jun 2023 10:07:38 GMT
server: nginx
x-amz-cf-pop: FRA60-P3
etag: W/"647db3ea-469b"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: mClJETZ6ux13r7BCayOIhf6lWTKT77npaxHe-OrXdRIm6yUdWFiKcw==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame BCBF 236 KB
58 KB 45ms
44ms Script
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30372D30375F30367D7B7331363734393939387D7B4335377D7B5359324A794C584A6C5A793176636D6466643364334C6D4E696369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583732387D7B593431307D7B66317D7B4C31313433357DFEFE&userIpAddr=2a01%3A4a0%3A1338%3A92%3A%3A7&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.198+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=25&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1688701889&csuuid=64a78bc1ee701&debugInfo=16749998_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16749998&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a4eixkownml&secondaryContent=&x=728&y=410&pubUrl=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5235&geoLong=13.3556&vpTemplate=11435&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BCBR-Reg-Org%5D&appName=&appBundleId=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:35:13 GMT
content-encoding: gzip
via: 1.1 fd4a8fa7c304171992e7f22fc8894904.cloudfront.net (CloudFront), 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
last-modified: Thu, 29 Jun 2023 21:03:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P3
age: 978
x-amz-server-side-encryption: AES256
etag: W/"9352f20e556bff9fea6fd0461aac850d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: 1CZeWSFHo28qVs7lkzPCoOY8jonQuWbakS6sBl9eFXaZVXbYhpNrMQ==

GET
H2 200 css
fonts.googleapis.com/ 1 KB
853 B 166ms
50ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins&display=swap

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Jul 2023 03:51:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 02:18:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jul 2023 03:51:30 GMT

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame BCBF 86 KB
10 KB 81ms
81ms XHR
application/json 2600:9000:2251:b000:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwQyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMmA4NmUyMxZ2nWRyo182MTM1YmxjMwt3MDt0ODx4OTQ5MwxlJTJGqzyxNwRuNwA2NWRxYWFwNmI4MTYlNTx0OS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcJMEjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu6TURaM05TOTJuV1JfYwE4Mx1UTTFZrzg3TWcaM01EZmBPRGf0T1RRNU1dn3yMM1cjWxRZMFyUWXqOnyZeWxqGnFy6Y3yPREUlTWcVNU5En3VvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnzp0TzcwM01dQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx9EZmROrx00TWcBS2ZRLz4lNzRenXZxTx84TU5mRTqOTyFaUaqLn1NIT0gSS3JGrzZEWVRKMU1BrWpzqzyxX2NioaRyoaRsnWQ9MmQkODxlMlZ2nWRsY29hqGVhqF9xZXNwPVFVSVbyM0EeVW5lYXZyoCg0nGUeQW1uoGquoSgDo21cY3MeTWFmnC11pHMeJTImU2uipaRmJaZcZF9wo250ZW50X3RcqGkyPVFVSVbyM0EeVW5lYXZyoCg0nGUeQW1uoGquoSgDo21cY3MeTWFmnC11pHMeJTImU2uipaRmJaZcZF9wo250ZW50X2R1pzF0nW9hPTQlJaBfYWNyoWVhqFN0pzVuoVR5pGU9MSZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTEjODMjJat9NmI4Jax9NDEjJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5wYaIhY29gJTJGqGuyLWkup3Qgo2YgqXMgpGFlqC0mLWkyYWfgZWkfnWUgozV3LWNbYXJuY3RypaMyMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMmJEMmAmNmJEMmAmNmVGMmAmNwqEN0I3MmMkMmYmNmM0MmxmOTM5Mmt3RDqCNDMmNTM3N0Q3QwUmNTxmMwRBNmx0QmU4NEE2QmVBNmxmMTp2NwM2RDY0NwY2NDMmNwQmMmRDNxQ0RTY5NwM2OTM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNmMlMmt3RDqCNTxmNDMkMmA3RDqCNwYmMTqEN0I0QmMkMmEmNDMmMmU3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGq3q3LzNvpv5wo20yMxZ0nGUgoGFmqC1iZv11pl1jYXJ0LTMgoGVunl1yoGkcZS1hZXpgY2uupzFwqGVlplUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NTIhNTImNSZaZW9Mo25aPTEmLwM1NTYzqXNypxyjQWRxpw0lYTAkJTNBNGEjJTNBMTMmOCUmQTxlJTNBJTNBNlZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTE0LwAhNTpmNS4kOTteU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJaN1YxyxPSU1QxNCUv1SZWpgT3JaJTVEJzNmqXVcZD02NGE3OGJwMWVyNmAkJzNvqXN0ZXI9MTY4ODpjMTt5MDMkNSZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30372D30375F30367D7B7331363734393939387D7B4335377D7B5359324A794C584A6C5A793176636D6466643364334C6D4E696369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583732387D7B593431307D7B66317D7B4C31313433357DFEFE&userIpAddr=2a01%3A4a0%3A1338%3A92%3A%3A7&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.198+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=25&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1688701889&csuuid=64a78bc1ee701&debugInfo=16749998_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16749998&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a4eixkownml&secondaryContent=&x=728&y=410&pubUrl=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5235&geoLong=13.3556&vpTemplate=11435&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BCBR-Reg-Org%5D&appName=&appBundleId=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e4eaf119e43bfb9506bfe39549f4972e6c3cf14508a03c9cb0c57a516f216456

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:29 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.cbr.com
content-type: application/json; charset=utf-8
cache-control: no-store
access-control-allow-credentials: true
content-length: 9792
x-amz-cf-id: ZbuUE5JPKu-73F2u0RanHrKpOnXIKspy6bR6Yprb7UmxokSpNs8erg==

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame BCBF 69 KB
9 KB 79ms
79ms XHR
application/json 2600:9000:2251:b000:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwQyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMmA4NmUyMxZ2nWRyo182MTM1YmxjMwt3MDt0ODx4OTQ5MwxlJTJGqzyxNwRuNwA2NWRxYWFwNmI4MTYlNTx0OS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcJMEjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu6TURaM05TOTJuV1JfYwE4Mx1UTTFZrzg3TWcaM01EZmBPRGf0T1RRNU1dn3yMM1cjWxRZMFyUWXqOnyZeWxqGnFy6Y3yPREUlTWcVNU5En3VvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnzp0TzcwM01dQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx9EZmROrx00TWcBS2ZRLz4lNzRenXZxTx84TU5mRTqOTyFaUaqLn1NIT0gSS3JGrzZEWVRKMU1BrWpzqzyxX2NioaRyoaRsnWQ9MmQkODxlMlZ2nWRsY29hqGVhqF9xZXNwPVFVSVbyM0EeVW5lYXZyoCg0nGUeQW1uoGquoSgDo21cY3MeTWFmnC11pHMeJTImU2uipaRmJaZcZF9wo250ZW50X3RcqGkyPVFVSVbyM0EeVW5lYXZyoCg0nGUeQW1uoGquoSgDo21cY3MeTWFmnC11pHMeJTImU2uipaRmJaZcZF9wo250ZW50X2R1pzF0nW9hPTQlJaBfYWNyoWVhqFN0pzVuoVR5pGU9MSZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTEjODMjJat9NmI4Jax9NDEjJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5wYaIhY29gJTJGqGuyLWkup3Qgo2YgqXMgpGFlqC0mLWkyYWfgZWkfnWUgozV3LWNbYXJuY3RypaMyMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMmJEMmAmNmJEMmAmNmVGMmAmNwqEN0I3MmMkMmYmNmM0MmxmOTM5Mmt3RDqCNDMmNTM3N0Q3QwUmNTxmMwRBNmx0QmU4NEE2QmVBNmxmMTp2NwM2RDY0NwY2NDMmNwQmMmRDNxQ0RTY5NwM2OTM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNmMlMmt3RDqCNTxmNDMkMmA3RDqCNwYmMTqEN0I0QmMkMmEmNDMmMmU3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGq3q3LzNvpv5wo20yMxZ0nGUgoGFmqC1iZv11pl1jYXJ0LTMgoGVunl1yoGkcZS1hZXpgY2uupzFwqGVlplUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NTIhNTImNSZaZW9Mo25aPTEmLwM1NTYzqXNypxyjQWRxpw0lYTAkJTNBNGEjJTNBMTMmOCUmQTxlJTNBJTNBNlZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTE0LwAhNTpmNS4kOTteU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJaN1YxyxPSU1QxNCUv1SZWpgT3JaJTVEJzNmqXVcZD02NGE3OGJwMWVyNmAkJzNvqXN0ZXI9MTY4ODpjMTt5MDMkNvZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30372D30375F30367D7B7331363734393939387D7B4335377D7B5359324A794C584A6C5A793176636D6466643364334C6D4E696369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583732387D7B593431307D7B66317D7B4C31313433357DFEFE&userIpAddr=2a01%3A4a0%3A1338%3A92%3A%3A7&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.198+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=25&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1688701889&csuuid=64a78bc1ee701&debugInfo=16749998_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16749998&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a4eixkownml&secondaryContent=&x=728&y=410&pubUrl=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5235&geoLong=13.3556&vpTemplate=11435&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BCBR-Reg-Org%5D&appName=&appBundleId=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 163578ef55638a23ba71f5dfadf9b78f1bc2c0a623514904b074432e615d9fa1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:29 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.cbr.com
content-type: application/json; charset=utf-8
cache-control: no-store
access-control-allow-credentials: true
content-length: 8322
x-amz-cf-id: x5tUj6KSdFW3dCbRes2BzvzNyh_o-kC8WSJK6QqbptZnMU5mXFLoAw==

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame BCBF 86 KB
10 KB 81ms
81ms XHR
application/json 2600:9000:2251:b000:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwQyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMmA4NmUyMxZ2nWRyo182MTM1YmxjMwt3MDt0ODx4OTQ5MwxlJTJGqzyxNwRuNwA2NWRxYWFwNmI4MTYlNTx0OS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcJMEjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu6TURaM05TOTJuV1JfYwE4Mx1UTTFZrzg3TWcaM01EZmBPRGf0T1RRNU1dn3yMM1cjWxRZMFyUWXqOnyZeWxqGnFy6Y3yPREUlTWcVNU5En3VvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnzp0TzcwM01dQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx9EZmROrx00TWcBS2ZRLz4lNzRenXZxTx84TU5mRTqOTyFaUaqLn1NIT0gSS3JGrzZEWVRKMU1BrWpzqzyxX2NioaRyoaRsnWQ9MmQkODxlMlZ2nWRsY29hqGVhqF9xZXNwPVFVSVbyM0EeVW5lYXZyoCg0nGUeQW1uoGquoSgDo21cY3MeTWFmnC11pHMeJTImU2uipaRmJaZcZF9wo250ZW50X3RcqGkyPVFVSVbyM0EeVW5lYXZyoCg0nGUeQW1uoGquoSgDo21cY3MeTWFmnC11pHMeJTImU2uipaRmJaZcZF9wo250ZW50X2R1pzF0nW9hPTQlJaBfYWNyoWVhqFN0pzVuoVR5pGU9MlZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTEjODMjJat9NmI4Jax9NDEjJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5wYaIhY29gJTJGqGuyLWkup3Qgo2YgqXMgpGFlqC0mLWkyYWfgZWkfnWUgozV3LWNbYXJuY3RypaMyMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMmJEMmAmNmJEMmAmNmVGMmAmNwqEN0I3MmMkMmYmNmM0MmxmOTM5Mmt3RDqCNDMmNTM3N0Q3QwUmNTxmMwRBNmx0QmU4NEE2QmVBNmxmMTp2NwM2RDY0NwY2NDMmNwQmMmRDNxQ0RTY5NwM2OTM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNmMlMmt3RDqCNTxmNDMkMmA3RDqCNwYmMTqEN0I0QmMkMmEmNDMmMmU3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGq3q3LzNvpv5wo20yMxZ0nGUgoGFmqC1iZv11pl1jYXJ0LTMgoGVunl1yoGkcZS1hZXpgY2uupzFwqGVlplUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NTIhNTImNSZaZW9Mo25aPTEmLwM1NTYzqXNypxyjQWRxpw0lYTAkJTNBNGEjJTNBMTMmOCUmQTxlJTNBJTNBNlZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTE0LwAhNTpmNS4kOTteU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJaN1YxyxPSU1QxNCUv1SZWpgT3JaJTVEJzNmqXVcZD02NGE3OGJwMWVyNmAkJzNvqXN0ZXI9MTY4ODpjMTt5MDMkNlZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30372D30375F30367D7B7331363734393939387D7B4335377D7B5359324A794C584A6C5A793176636D6466643364334C6D4E696369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583732387D7B593431307D7B66317D7B4C31313433357DFEFE&userIpAddr=2a01%3A4a0%3A1338%3A92%3A%3A7&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.198+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=25&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1688701889&csuuid=64a78bc1ee701&debugInfo=16749998_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16749998&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a4eixkownml&secondaryContent=&x=728&y=410&pubUrl=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5235&geoLong=13.3556&vpTemplate=11435&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BCBR-Reg-Org%5D&appName=&appBundleId=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f01fd574c6d2306155fbb5eb35641e87cc75b30df8d491f2f83654d39a085738

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:29 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.cbr.com
content-type: application/json; charset=utf-8
cache-control: no-store
access-control-allow-credentials: true
content-length: 10228
x-amz-cf-id: EmnfeHHbY8Ez6T0mirsM-U4O6_WX1pdGUfw3ujEUZ6EE2rX9nZSktA==

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame BCBF 78 KB
10 KB 87ms
87ms XHR
application/json 2600:9000:2251:b000:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwQyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMmA4NmUyMxZ2nWRyo182MTM1YmxjMwt3MDt0ODx4OTQ5MwxlJTJGqzyxNwRuNwA2NWRxYWFwNmI4MTYlNTx0OS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcJMEjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu6TURaM05TOTJuV1JfYwE4Mx1UTTFZrzg3TWcaM01EZmBPRGf0T1RRNU1dn3yMM1cjWxRZMFyUWXqOnyZeWxqGnFy6Y3yPREUlTWcVNU5En3VvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnzp0TzcwM01dQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx9EZmROrx00TWcBS2ZRLz4lNzRenXZxTx84TU5mRTqOTyFaUaqLn1NIT0gSS3JGrzZEWVRKMU1BrWpzqzyxX2NioaRyoaRsnWQ9MmQkODxlMlZ2nWRsY29hqGVhqF9xZXNwPVFVSVbyM0EeVW5lYXZyoCg0nGUeQW1uoGquoSgDo21cY3MeTWFmnC11pHMeJTImU2uipaRmJaZcZF9wo250ZW50X3RcqGkyPVFVSVbyM0EeVW5lYXZyoCg0nGUeQW1uoGquoSgDo21cY3MeTWFmnC11pHMeJTImU2uipaRmJaZcZF9wo250ZW50X2R1pzF0nW9hPTQlJaBfYWNyoWVhqFN0pzVuoVR5pGU9MlZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTEjODMjJat9MmQjJax9MTxkJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5wYaIhY29gJTJGqGuyLWkup3Qgo2YgqXMgpGFlqC0mLWkyYWfgZWkfnWUgozV3LWNbYXJuY3RypaMyMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMmJEMmAmNmJEMmAmNmVGMmAmNwqEN0I3MmMkMmYmNmM0MmxmOTM5Mmt3RDqCNDMmNTM3N0Q3QwUmNTxmMwRBNmx0QmU4NEE2QmVBNmxmMTp2NwM2RDY0NwY2NDMmNwQmMmRDNxQ0RTY5NwM2OTM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNmMlMmt3RDqCNTxmNDMkMmA3RDqCNwYmMTqEN0I0QmMkMmEmNDMmMmU3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGq3q3LzNvpv5wo20yMxZ0nGUgoGFmqC1iZv11pl1jYXJ0LTMgoGVunl1yoGkcZS1hZXpgY2uupzFwqGVlplUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NTIhNTImNSZaZW9Mo25aPTEmLwM1NTYzqXNypxyjQWRxpw0lYTAkJTNBNGEjJTNBMTMmOCUmQTxlJTNBJTNBNlZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTE0LwAhNTpmNS4kOTteU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJaN1YxyxPSU1QxNCUv1SZWpgT3JaJTVEJzNmqXVcZD02NGE3OGJwMWVyNmAkJzNvqXN0ZXI9MTY4ODpjMTt5MDMkNlZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30372D30375F30367D7B7331363734393939387D7B4335377D7B5359324A794C584A6C5A793176636D6466643364334C6D4E696369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583732387D7B593431307D7B66317D7B4C31313433357DFEFE&userIpAddr=2a01%3A4a0%3A1338%3A92%3A%3A7&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.198+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=25&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1688701889&csuuid=64a78bc1ee701&debugInfo=16749998_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16749998&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a4eixkownml&secondaryContent=&x=728&y=410&pubUrl=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5235&geoLong=13.3556&vpTemplate=11435&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BCBR-Reg-Org%5D&appName=&appBundleId=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ec82f03978c9134b7be27ba170d8a76468a394ec76ea738221984d6cac8bebb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:29 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.cbr.com
content-type: application/json; charset=utf-8
cache-control: no-store
access-control-allow-credentials: true
content-length: 10017
x-amz-cf-id: syg0i2lRyxl3JkWiRnDcukUOkYVmDXEgTG8To39XR2HNhsF5ik_Lxw==

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame BCBF 78 KB
10 KB 81ms
81ms XHR
application/json 2600:9000:2251:b000:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwQyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMmA4NmUyMxZ2nWRyo182MTM1YmxjMwt3MDt0ODx4OTQ5MwxlJTJGqzyxNwRuNwA2NWRxYWFwNmI4MTYlNTx0OS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcJMEjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu6TURaM05TOTJuV1JfYwE4Mx1UTTFZrzg3TWcaM01EZmBPRGf0T1RRNU1dn3yMM1cjWxRZMFyUWXqOnyZeWxqGnFy6Y3yPREUlTWcVNU5En3VvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnzp0TzcwM01dQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx9EZmROrx00TWcBS2ZRLz4lNzRenXZxTx84TU5mRTqOTyFaUaqLn1NIT0gSS3JGrzZEWVRKMU1BrWpzqzyxX2NioaRyoaRsnWQ9MmQkODxlMlZ2nWRsY29hqGVhqF9xZXNwPVFVSVbyM0EeVW5lYXZyoCg0nGUeQW1uoGquoSgDo21cY3MeTWFmnC11pHMeJTImU2uipaRmJaZcZF9wo250ZW50X3RcqGkyPVFVSVbyM0EeVW5lYXZyoCg0nGUeQW1uoGquoSgDo21cY3MeTWFmnC11pHMeJTImU2uipaRmJaZcZF9wo250ZW50X2R1pzF0nW9hPTQlJaBfYWNyoWVhqFN0pzVuoVR5pGU9MSZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTEjODMjJat9MmQjJax9MTxkJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5wYaIhY29gJTJGqGuyLWkup3Qgo2YgqXMgpGFlqC0mLWkyYWfgZWkfnWUgozV3LWNbYXJuY3RypaMyMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMmJEMmAmNmJEMmAmNmVGMmAmNwqEN0I3MmMkMmYmNmM0MmxmOTM5Mmt3RDqCNDMmNTM3N0Q3QwUmNTxmMwRBNmx0QmU4NEE2QmVBNmxmMTp2NwM2RDY0NwY2NDMmNwQmMmRDNxQ0RTY5NwM2OTM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNmMlMmt3RDqCNTxmNDMkMmA3RDqCNwYmMTqEN0I0QmMkMmEmNDMmMmU3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGq3q3LzNvpv5wo20yMxZ0nGUgoGFmqC1iZv11pl1jYXJ0LTMgoGVunl1yoGkcZS1hZXpgY2uupzFwqGVlplUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NTIhNTImNSZaZW9Mo25aPTEmLwM1NTYzqXNypxyjQWRxpw0lYTAkJTNBNGEjJTNBMTMmOCUmQTxlJTNBJTNBNlZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTE0LwAhNTpmNS4kOTteU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJaN1YxyxPSU1QxNCUv1SZWpgT3JaJTVEJzNmqXVcZD02NGE3OGJwMWVyNmAkJzNvqXN0ZXI9MTY4ODpjMTt5MDMkNlZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30372D30375F30367D7B7331363734393939387D7B4335377D7B5359324A794C584A6C5A793176636D6466643364334C6D4E696369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583732387D7B593431307D7B66317D7B4C31313433357DFEFE&userIpAddr=2a01%3A4a0%3A1338%3A92%3A%3A7&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.198+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=25&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1688701889&csuuid=64a78bc1ee701&debugInfo=16749998_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16749998&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a4eixkownml&secondaryContent=&x=728&y=410&pubUrl=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5235&geoLong=13.3556&vpTemplate=11435&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BCBR-Reg-Org%5D&appName=&appBundleId=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 71b1eea9c67c144f641bc97fd39e882291e9b911f803f144e501b8d309341b64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:29 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.cbr.com
content-type: application/json; charset=utf-8
cache-control: no-store
access-control-allow-credentials: true
content-length: 9496
x-amz-cf-id: s7F3sp71WK_LeYza_pd9Eh5a7KhtVGlz1mELWZDbah6mSnYvqGikZQ==

GET
H2 200 liveView.php Show response
live.primis.tech/live/ Frame BCBF 37 KB
7 KB 74ms
74ms XHR
application/json 2600:9000:2251:b000:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMwQyMxZ2nWRyolUlRaVmZXJmJTJGY29hqzVlqGVxJTJGMmA4NmUyMxZ2nWRyo182MTM1YmxjMwt3MDt0ODx4OTQ5MwxlJTJGqzyxNwRuNwA2NWRxYWFwNmI4MTYlNTx0OS5gpDQyM0Z0o2fyM0Ryq29aSUNBZ0ygRaNnrUx2SUNKSVV6STFOnUymQ2yBZ0yDQWyxSGk3SWciZ0yepFuWQ0yLZyEhZXqiZ0yDQWqJoWk6Y3yJNxyDSyFwoWk0YVuNnUkBo2qJQ0FaSW5OMVycSTZJQ0y2ZFuCp2IlRzgwrTydYzcJMEjmWaBnR1Z2TDNWrycYSacMMx52Yz5noGNhUzknQmu6TURaM05TOTJuV1JfYwE4Mx1UTTFZrzg3TWcaM01EZmBPRGf0T1RRNU1dn3yMM1cjWxRZMFyUWXqOnyZeWxqGnFy6Y3yPREUlTWcVNU5En3VvWEEjSWy3S0yDQWqJQ0c1WW1ZnU9cQXuOnzp0TzcwM01dQXqMQW9aSUNBZ0ygVwRwQ0x2SURFMx9EZmROrx00TWcBS2ZRLz4lNzRenXZxTx84TU5mRTqOTyFaUaqLn1NIT0gSS3JGrzZEWVRKMU1BrWpzqzyxX2NioaRyoaRsnWQ9MmQkODxlMlZ2nWRsY29hqGVhqF9xZXNwPVFVSVbyM0EeVW5lYXZyoCg0nGUeQW1uoGquoSgDo21cY3MeTWFmnC11pHMeJTImU2uipaRmJaZcZF9wo250ZW50X3RcqGkyPVFVSVbyM0EeVW5lYXZyoCg0nGUeQW1uoGquoSgDo21cY3MeTWFmnC11pHMeJTImU2uipaRmJaZcZF9wo250ZW50X2R1pzF0nW9hPTQlJaBfYWNyoWVhqFN0pzVuoVR5pGU9MlZxZWJ1Z0yhZz9loWF0nW9hPSZjoGF5oGymqEyxPTEjODMjJat9NmI4Jax9NDEjJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5wYaIhY29gJTJGqGuyLWkup3Qgo2YgqXMgpGFlqC0mLWkyYWfgZWkfnWUgozV3LWNbYXJuY3RypaMyMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMmJEMmAmNmJEMmAmNmVGMmAmNwqEN0I3MmMkMmYmNmM0MmxmOTM5Mmt3RDqCNDMmNTM3N0Q3QwUmNTxmMwRBNmx0QmU4NEE2QmVBNmxmMTp2NwM2RDY0NwY2NDMmNwQmMmRDNxQ0RTY5NwM2OTM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNmMlMmt3RDqCNTxmNDMkMmA3RDqCNwYmMTqEN0I0QmMkMmEmNDMmMmU3REZFRxUzYXBjTzFgZT0znXNBpHA9MCZupHBJZD0zZGyunWQ9JzFjpEJ1ozRfZUyxPWu0qHBmJTNBJTJGJTJGq3q3LzNvpv5wo20yMxZ0nGUgoGFmqC1iZv11pl1jYXJ0LTMgoGVunl1yoGkcZS1hZXpgY2uupzFwqGVlplUlRvZupHBTqG9lZVVloD0zYXBjUHJcqzFwrVBioGywrT0zYXBjSXNQYWyxPSZupHBWZXJmnW9hPSZmZGg2PSZupHBEZXZyoG9jZXI9Jzqyo0kuqGx9NTIhNTImNSZaZW9Mo25aPTEmLwM1NTYzqXNypxyjQWRxpw0lYTAkJTNBNGEjJTNBMTMmOCUmQTxlJTNBJTNBNlZ1p2VlVUE9TW96nWkfYSUlRwUhMCfyMwuXnW5xo3qmK05UKmEjLwAyM0IeV2yhNwQyM0IerDY0JTI5K0FjpGkyV2VvS2y0JTJGNTM3LwM2KlUlOEgIVE1MJTJDK2kcn2UeR2Vwn28yMwxeQ2ulo21yJTJGMTE0LwAhNTpmNS4kOTteU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZuqzFcoENuoXBunWqhpm0znXNBpHBKpm0jJaN1YxyxPSU1QxNCUv1SZWpgT3JaJTVEJzNmqXVcZD02NGE3OGJwMWVyNmAkJzNvqXN0ZXI9MTY4ODpjMTt5MDMlMCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0j
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032332D30372D30375F30367D7B7331363734393939387D7B4335377D7B5359324A794C584A6C5A793176636D6466643364334C6D4E696369356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583732387D7B593431307D7B66317D7B4C31313433357DFEFE&userIpAddr=2a01%3A4a0%3A1338%3A92%3A%3A7&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F114.0.5735.198+Safari%2F537.36&debugInformation=&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=25&c2pWaitTime=5&sdkv=&isSinglePageFloatSupport=0&availCampaigns=&isAmpIframe=0&tagKeywords=&cbuster=1688701889&csuuid=64a78bc1ee701&debugInfo=16749998_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16749998&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed2a4eixkownml&secondaryContent=&x=728&y=410&pubUrl=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=0&flow_bottomOffset=0&impGap=1&flow_width=340&flow_height=192&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=52.5235&geoLong=13.3556&vpTemplate=11435&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=%5BCBR-Reg-Org%5D&appName=&appBundleId=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&appStoreUrl=&diaid=&appPrivacyPolicy=&appIsPaid=&appDeveloper=&appId=&appVersion=&sdkv=&enableResizeObserverInapp=0&isAppJs=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1066d05ee93adf2b380cb5e78b62f7161cbba2ef60c58d9296a06288532c118b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:29 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
age: 0
x-cache: Miss from cloudfront
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: https://www.cbr.com
content-type: application/json; charset=utf-8
cache-control: no-store
access-control-allow-credentials: true
content-length: 6334
x-amz-cf-id: UylLu6e2j7-HJc2jOVOJno4JXuDq7KI_Ml7VFmnxEhSozJrksn4PuQ==

GET
H2 200 logo_11435.png
video.primis.tech/uploads/video/users/logo/30875/ 68 KB
68 KB 191ms
49ms Image
image/png 185.167.96.10
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/video/users/logo/30875/logo_11435.png?cbuster=1631180526
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: 887e954bfaddbebd52b8c4e0ce96381745c9f9c04f2f579e6a31a1a7c47351be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sun, 09 Jul 2023 03:51:30 GMT
date: Fri, 07 Jul 2023 03:51:30 GMT
via: 1.1 12a5bcdb54ede5fbaec3241f3c798938.cloudfront.net (CloudFront)
last-modified: Thu, 09 Sep 2021 09:42:06 GMT
server: Tengine
x-amz-cf-pop: LAX3-C4
etag: "ecae18b5c78fd456ab0052351b147bd3"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
content-length: 69129
x-amz-cf-id: 0h4a8RnObFpCDmY0OIiAxVBlpLLy0rjvn0QYU0IkydsNkBWqHqADDQ==
x-proxy-cache: HIT

GET
H2 200 liveView.php
live.primis.tech/live/ 0
422 B 53ms
53ms Image
text/html 2600:9000:2251:b000:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY4ODpjMTt5MCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA4NTA0JaN0YT0jJat9NmI4Jax9NDEjJaZcZF9jYXNmRG9gYWyhPXq3ql5wYaIhY29gJaN1YxyxPWNvpv1lZWpgo3JaX3q3ql5wYaIhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMmJEMmAmNmJEMmAmNmVGMmAmNwqEN0I3MmMkMmYmNmM0MmxmOTM5Mmt3RDqCNDMmNTM3N0Q3QwUmNTxmMwRBNmx0QmU4NEE2QmVBNmxmMTp2NwM2RDY0NwY2NDMmNwQmMmRDNxQ0RTY5NwM2OTM1NxE2MwMlMmAmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNmMlMmt3RDqCNTxmNDMkMmA3RDqCNwYmMTqEN0I0QmMkMmEmNDMmMmU3REZFRxUzZGyunWQ9JaVmZXJJpEFxZHI9MzEjMSUmQTRuMCUmQTEmMmtyM0E5MvUmQSUmQTpzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGMTE0LwAhNTpmNS4kOTtyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTY0YTp4YzMkZWU3MDEzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY4ODpjMTt5MDMjNSZ1nWQ9U2VenW5xo1NQoGF5ZXI2NGE3OGJwMwFvZTBxJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5wYaIhY29gJTJGqGuyLWkup3Qgo2YgqXMgpGFlqC0mLWkyYWfgZWkfnWUgozV3LWNbYXJuY3RypaMyMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:29 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
x-amz-cf-id: pZpW2SYpmn8O9Uyc4YDMnChZow5XIiWTGYHqCP0X3ow9iaSKPxwY1w==

GET
H2 200 vid64a6065ddaac7281625949.jpg
video.primis.tech/uploads/cn24/video/users/converted/30875/video_6135c90287084898949292/ 19 KB
20 KB 282ms
141ms Image
image/jpeg 185.167.96.10
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn24/video/users/converted/30875/video_6135c90287084898949292/vid64a6065ddaac7281625949.jpg?cbuster=1688602397
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: 59d01cb122b1839c1141c637e4a9b92004179468af8b2d518414cfd980b6546a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sun, 09 Jul 2023 03:51:30 GMT
date: Fri, 07 Jul 2023 03:51:30 GMT
via: 1.1 52024f34763d4eab9553defd68a51a20.cloudfront.net (CloudFront)
last-modified: Thu, 06 Jul 2023 00:14:27 GMT
server: Tengine
x-amz-cf-pop: DFW56-P2
etag: "1e3d9a44d0b980d5d75e3f91f886e449"
x-amz-server-side-encryption: AES256
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
content-length: 19814
x-amz-cf-id: sGtINfIZuGMnXuvY9QYYlrsDxXLDao-p9FwINRylR8Iv6nL0PIpOmA==
x-proxy-cache: HIT

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 197 KB
58 KB 41ms
40ms Script
application/javascript 23.67.137.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.67.137.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-67-137-210.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: bf5b5a4196e2df193d794a6e8b0228e41b49e6bcc4531179b8ed8d5293300586

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:30 GMT
content-encoding: gzip
last-modified: Thu, 13 Oct 2022 18:23:24 GMT
server: Apache
etag: "31332-5eaee9adb933b-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 59461
expires: Fri, 07 Jul 2023 04:06:30 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame BCBF 6 KB
3 KB 47ms
47ms XHR
application/javascript 52.222.208.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-208-154.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 06 Jul 2023 05:41:30 GMT
x-amz-version-id: rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding: gzip
via: 1.1 33febf2d58aeb0618cba096d54cae018.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 79801
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jun 2023 09:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: TuVHGL5R0v6lvuCztuisXh4fzCMkivy62-5iaqXn14GR4_xD2nXDug==

GET
H2

200

setuid
mbid.marfeelrev.com/ Frame 98E7
Redirect Chain

https://ad.360yield.com/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid...
https://ad.360yield.com/ul_cb/server_match?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di...
https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=d1e7bfe9-51c1-4090-a78e-0fc20861af04

86 B
703 B

41ms
41ms

Image
image/png

144.76.226.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=d1e7bfe9-51c1-4090-a78e-0fc20861af04
Protocol: H2
Server: 144.76.226.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy05.cl01.het.mrf.io
Software: istio-envoy /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbid.marfeelrev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:30 GMT
content-encoding: gzip
server: istio-envoy
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
expires: 0

Redirect headers

location: https://mbid.marfeelrev.com/setuid?bidder=improvedigital&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=d1e7bfe9-51c1-4090-a78e-0fc20861af04
access-control-allow-origin: *
date: Fri, 07 Jul 2023 03:51:30 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H/1.1 200
OK auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame BCBF 186 B
471 B 375ms
157ms XHR
application/json 69.173.144.137
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_11.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: f780b7b024db7340ae4027101c89aebc0303ff40c0d5e510a4454f6b6558bb73

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
content-encoding: gzip
x-prebid: pbs-java/1.123.0
Content-Type: application/json
access-control-allow-origin: https://www.cbr.com
Cache-Control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 175
Expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame BCBF 0
110 B 256ms
128ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_11.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.cbr.com
date: Fri, 07 Jul 2023 03:51:30 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame BCBF 0
54 B 264ms
136ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_11.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.cbr.com
date: Fri, 07 Jul 2023 03:51:30 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 liveInternalSsp.php Show response
live.primis.tech/live/ Frame BCBF 25 B
487 B 355ms
355ms XHR
text/html 2600:9000:2251:b000:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://live.primis.tech/live/liveInternalSsp.php?sspData=%7B%22enc%22%3Atrue%2C%22data%22%3A%22%5C%22JTqCJTIlqzVlJTIlJTNBJTIlqzVlXmEhNSUlMvUlQlUlMz1coxJcZCUlMvUmQTAyMxMyMwJvqXc6ZXIyMwIyM0EyN0IyMwJwo3VhqCUlMvUmQTAyMxMyMwJ0nXRfZUkyovUlMvUmQTEjMCUlQlUlMapyMwIyM0ElMDAyMxMyMwJbJTIlJTNBMTYjJTqEJTJDJTIlq2yxqGtyMwIyM0E3MwtyMxMyMwJbZWyanHQyMwIyM0E0MTAyMxMyMwJmpGFwZUyxJTIlJTNBJTIlNTtjNTpyMwIyMxMyMwJmpGFwZVR5pGUyMwIyM0EyMwJ2YXN0JTIlJTJDJTIlqzyxZW9QoGFwZW1yoaRUrXByJTIlJTNBMlUlQlUlMzyjJTIlJTNBJTIlMzEjMSUmQTRuMCUmQTEmMmtyM0E5MvUmQSUmQTpyMwIyMxMyMwJaZW9JZCUlMvUmQTU3JTJDJTIlYWkjnGElR2ViJTIlJTNBJTIlREUyMwIyMxMyMwJxZXZcY2V0rXByJTIlJTNBMvUlQlUlMaR4qERyqzywZXR5pGUyMwIyM0EyMwJxZXNeqG9jJTIlJTJDJTIlYaJiq3NypvUlMvUmQSUlMzNbpz9gZSUlMvUlQlUlMz9mJTIlJTNBJTIlV2yhZG93plUlMvUlQlUlMaR4qE9mJTIlJTNBJTIlq2yhZG93plUlMvUlQlUlMzRyqzywZU1iZGVfJTIlJTNBJTIlJTIlJTJDJTIlo3NWZXJmnW9hJTIlJTNBJTIlMTAhMCUlMvUlQlUlMzRyqzywZU1uoaVzYWN0qXJypvUlMvUmQSUlMvUlMvUlQlUlMzRyqzywZUNiZGVOYW1yJTIlJTNBJTIlJTIlJTJDJTIlqXNypxFaZW50JTIlJTNBJTIlTW96nWkfYSUlRwUhMCUlMCuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQcJTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAbS0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28cJTIjQ2ulo21yJTJGMTE0LwAhNTpmNS4kOTtyMwBTYWZupzxyMxY1MmphMmYyMwIyMxMyMwJfYXQyMwIyM0EyMwI1Mv41MwM1JTIlJTJDJTIloG9hJTIlJTNBJTIlMTMhMmU1NvUlMvUlQlUlMzFjpE5uoWUyMwIyM0EyMwIyMwIyMxMyMwJupHBJZCUlMvUmQSUlMvUlMvUlQlUlMzymQXBjJTIlJTNBMCUlQlUlMzFjpEJ1ozRfZUyxJTIlJTNBJTIlnHR0pHMyM0EyMxYyMxZ3q3phY2JlLzNioSUlRaRbZS1fYXN0LW9zLXVmLXBupaQgMl1fZWFeLWVfoGyyLW5yql1wnGFlYWN0ZXJmJTJGJTIlJTJDJTIlYXBjU3RipzVVpzjyMwIyM0EyMwIyMwIyMxMyMwJupHBQpzy2YWN5UG9fnWN5JTIlJTNBJTIlJTIlJTJDJTIlYXBjSXNQYWyxJTIlJTNBJTIlJTIlJTJDJTIlYXBjRGV2ZWkipGVlJTIlJTNBJTIlJTIlJTJDJTIlnWZuJTIlJTNBJTIlJTIlJTJDJTIlnWZ2JTIlJTNBJTIlJTIlJTJDJTIlYXR0plUlMvUmQTAyMxMyMwJupHBWZXJmnW9hJTIlJTNBJTIlJTIlJTJDJTIlpzVzZXJlZXIyMwIyM0EyMwJbqHRjplUmQSUlRvUlRaq3ql5wYaIhY29gJTJGqGuyLWkup3Qgo2YgqXMgpGFlqC0mLWkyYWfgZWkfnWUgozV3LWNbYXJuY3RypaMyMxYyMwIyMxMyMwJjYWqyJTIlJTNBJTIlnHR0pHMyM0EyMxYyMxZ3q3phY2JlLzNioSUlRaRbZS1fYXN0LW9zLXVmLXBupaQgMl1fZWFeLWVfoGyyLW5yql1wnGFlYWN0ZXJmJTJGJTIlJTJDJTIlZ2RjpvUlMvUmQTEyMxMyMwJaZHBlQ29hp2VhqCUlMvUmQSUlMvUlMvUlQlUlMzymV2VQYXNmR2RjpvUlMvUmQSUlMwAyMwIyMxMyMwJwY3BuJTIlJTNBMCUlQlUlMzNwpGFDo25mZW50JTIlJTNBJTIlJTIlJTJDJTIlZG9gYWyhJTIlJTNBJTIlq3q3LzNvpv5wo20yMwIyMxMyMwJ3ZWJmnXRyJTIlJTNBJTIlq3q3LaNyn2yhZG8hY29gJTIlJTJDJTIlp2VwqXJyJTIlJTNBMSUlQlUlMzqyo1NiqXJwZSUlMvUmQSUlMxyQJTIlJTJDJTIlY29jpGEyMwIyM0EjJTJDJTIlqXVcZCUlMvUmQSUlMwY0YTp4YzMkZWU3MDEyMwIyMxMyMwJvoG9wn0JlYW5xplUlMvUmQSU1QvU1RCUlQlUlMzV4qFVmZXJJZHMyMwIyM0EyNUIyN0IyMwJmo3VlY2UyMwIyM0EyMwJjqWJwnWQho3JaJTIlJTJDJTIlqWyxplUlMvUmQSU1QvU3QvUlMzyxJTIlJTNBJTIlZzZxYmE4ZzEgZDI5NS00NmtjLTx3NDQgNwMkNwVzNwZzMmpjJTIlJTJDJTIlYXR5pGUyMwIyM0EkJTqEJTVEJTqEJTVEJTJDJTIloXJunWRBoGkiq2VxJTIlJTNBMCUlQlUlMzRyYaVaSW5zo3JgYXRco24yMwIyM0EyMwIyMwIyMxMyMwJmnXRySWQyMwIyM0EkMDt1MDQyMxMyMwJjqWJfnXNbZXJJZCUlMvUmQTMjODp1JTJDJTIlp2NbYWyhJTIlJTNBJTqCJTIlqzVlJTIlJTNBJTIlMS4jJTIlJTJDJTIlY29gpGkyqGUyMwIyM0EkJTJDJTIloz9xZXMyMwIyM0EyNUIyN0IyMwJup2xyMwIyM0EyMwJjpzygnXMhqGVwnCUlMvUlQlUlMaNcZCUlMvUmQSUlMwMjODp1JTIlJTJDJTIlnHAyMwIyM0EkJTqEJTVEJTqEJTJDJTIlpzVanW9hJTIlJTNBJTIlRyIyMwIyMxMyMwJwYW1jYWyaoaMyMwIyM0EyN0IyMwI4MmQkNCUlMvUmQSU3QvUlMaRlYWNeZXIyMwIyM0EyMwJwYW1jYWyaoxZlZXFDYXAyM0QjJTI1MxYjJTI2Y2FgpGFcZ25JZCUmRDtmNDE0JTI2p3BuY2UlQWRJZCUmRDE3MwU2OTU1JTIlJTJDJTIlpHJyYzyxTaNmpEyhZGV4JTIlJTNBMCUlQlUlMaNjYWNyMxFxSWQyMwIyM0EyMwIkNmI1Nwx1NSUlMvUlQlUlMzRyYWjyMwIyM0EyN0IyMwJcp1J0YxRyYWjyMwIyM0EjJTJDJTIlpaRvRGVuoEyxJTIlJTNBJTIlJTIlJTJDJTIlpaRvU2VuqEyxJTIlJTNBJTIlJTIlJTqEJTJDJTIlpaRvV1NyYXQyMwIyM0EyMwIyMwIyMxMyMwJwYW1jYWyaoxyxJTIlJTNBODM0MTQyMxMyMwJwYW1jYWyaoyNwo3ByJTIlJTNBJTIlpHVvoGywJTIlJTJDJTIlnW50ZXJhYWkCqXyypyVcZCUlMvUmQSUlMvUlMvUlQlUlMzVcZE5uoWUyMwIyM0EyMwJ0pzyjoGVfnWZ0LzNioSUlMvUlQlUlMzFxVXNypxyxJTIlJTNBMmEjMwIyMxMyMwJvY2F0JTIlJTNBJTIlJTIlJTJDJTIlYzFmZUZfo29lJTIlJTNBMC44MDUyMxMyMwJyrHQyMwIyM0EyN0IyMwJjYXJ0ozVlJTIlJTNBJTIlMTIkJTIlJTJDJTIlpzV2U2uupzUyMwIyM0EyMwIjLwxlJTIlJTJDJTIlpGkuY2VgZW50SWQyMwIyM0EyMwJQpzygnXNsUx9OX291qHN0pzVuoSUlMvUlQlUlMaN1pHBfnWVlX2yxJTIlJTNBJTIlNDIyMwIyN0QyMxMyMwJvqXyypyVcZCUlMvUmQSUlMvUlMvUlQlUlMaJyZzVlZW5wZUyxJTIlJTNBMCUlQlUlMzJcZGZfo29lJTIlJTNBMC44MDUyMxMyMwJmY2uunW4yMwIyM0EyN0IyMwJ2ZXIyMwIyM0EyMwIkLwAyMwIyMxMyMwJwo21joGV0ZSUlMvUmQTEyMxMyMwJho2RyplUlMvUmQSU1QvU3QvUlMzFmnSUlMvUmQSUlMaBlnW1cpl50ZWNbJTIlJTJDJTIlp2yxJTIlJTNBJTIlMmA4NmUyMwIyMxMyMwJbpCUlMvUmQTEyN0QyNUQyN0QyN0QyN0QyMxMyMwJjoGFwZW1yoaRDYXQyMwIyM0EyNUIyMwJJQUIkLTUyMwIyNUQyMxMyMwJjoGF5YzFwn21yqGuiZCUlMvUmQSU1QwYyNUQyMxMyMwJapGyxJTIlJTNBJTIlJTJGUFJNJTJGMTA4NTA0JTJGq3q3X2Nvpy9wo20yMwIyMxMyMwJhYXZcZ2F0o3JMYW5aqWFaZSUlMvUmQSUlMzVhJTIlJTJDJTIlpGFaZWNuqCUlMvUmQSU1QvUlMxyBQwEgNSUlMvU1RCUlQlUlMzNioaRyoaRwYXQyMwIyM0EyNUIyMwJJQUIkLTIyMwIyNUQyN0Q%3D%5C%22%22%7D
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_11.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:30 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.cbr.com
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
access-control-allow-credentials: true
x-amz-cf-id: _HMnbqye0ic5wMBcHm1Xqtfyxa4bdyBl1AOxevoNPgK7GzykCfRdvw==

GET
H2 200 269 Show response
a.ad.gt/api/v1/u/matches/ 11 KB
4 KB 50ms
50ms Script
application/javascript 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/269?_it=amazon
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71d7d0632c415746c786d0ede9663fc8c6f674b384ce88e2a5a24799f3bdb01f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:30 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 07 Jul 2023 03:50:54 GMT
server: cloudflare
age: 36
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=14400
cross-origin-resource-policy: cross-origin
cf-ray: 7e2d211f5b6c30f6-FRA

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 131ms
40ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cbr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 18:19:00 GMT
x-content-type-options: nosniff
age: 120750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jul 2024 18:19:00 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 236 KB
73 KB 161ms
46ms Script
text/javascript 143.204.98.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-16.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: L2Uqg18UIi_4fqt_LD1.VZwHoDyvOGyd
content-encoding: br
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
date: Thu, 06 Jul 2023 10:31:35 GMT
last-modified: Thu, 08 Jun 2023 08:56:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 62396
x-amz-server-side-encryption: AES256
etag: W/"a23e5e8674928ef24c6825d63b8d2927"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: gigWPVf5q8e1Ipim9VVwxlxy7ghLyYPMkDzRtSSDoK26oMWyblQuFA==

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
760 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/valnet/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

97c8bb4133b21d068c91c167ff7db637248e2bd5d3d069308a4353af0be8a691

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Jul 2023 03:51:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 07 Jul 2023 03:18:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jul 2023 03:51:30 GMT

GET
H3 200 acv.json Show response
aloofvest.com/ 81 KB
17 KB 51ms
50ms Fetch
application/json 2600:1901:0:4277::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aloofvest.com/acv.json

Requested by

Host: aloofvest.com
URL: https://aloofvest.com/v2fflEQop-cqjeSFfKfosPhBrq6CaMl43uxJGSEqLdadWGrWuj4IjGjg

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

c4650b58465a55f3d663bca634f08b6ac44b63053752457add5a2c13e7648b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
via: 1.1 google
date: Fri, 07 Jul 2023 03:51:30 GMT
x-buildnumber: 912179704
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Thu, 29 Jun 2023 19:14:44 GMT
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.cbr.com
x-hostname: fen-hoothoot-europe-west1-spot-btwc
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie

GET
H2 200 MywxNDNmNmUwMTE3ZjQ
images.getadmiral.com/ 763 B
1 KB 172ms
62ms Image
image/png 2606:4700:3037::ac43:c1e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.getadmiral.com/MywxNDNmNmUwMTE3ZjQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:c1e6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2880fbb26ad5becd41ec25a5c37da351ac77225bbf30d5a9ab8accf5728591cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:30 GMT
strict-transport-security: max-age=15552000; preload
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-buildnumber: 834213734
alt-svc: h3=":443"; ma=86400
content-length: 763
server: cloudflare
x-datacenter: gce-europe-west1
etag: "2c607cb7"
x-buildname: dank
vary: Accept-Encoding
x-hostname: backend-europe-west1-spot-2mww
content-type: image/png
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OV4kOFS5eFtlesKXjC8VdmZcal7tQHJ4IgKMHw17e11%2B5%2BBDufFC6vr8GOsxLExoFj2tDyRxvGK5xvn6hkbegutd10D38mMm8BD%2B2%2FcB2wWm7G7y2zRuPT0PZ7Thvk%2FZdInZ2UFU9bQDt3DHjhFUCCVtCzE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, must-revalidate, max-age=3600
cf-ray: 7e2d21219c2f3a9e-FRA

GET
H2 200 vid64a6065ddaac7281625949.jpg
video.primis.tech/uploads/cn24/video/users/converted/30875/video_6135c90287084898949292/ 19 KB
20 KB 48ms
48ms Image
image/jpeg 185.167.96.10
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://video.primis.tech/uploads/cn24/video/users/converted/30875/video_6135c90287084898949292/vid64a6065ddaac7281625949.jpg?cbuster=1688602397
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: 59d01cb122b1839c1141c637e4a9b92004179468af8b2d518414cfd980b6546a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Sun, 09 Jul 2023 03:51:30 GMT
date: Fri, 07 Jul 2023 03:51:30 GMT
via: 1.1 52024f34763d4eab9553defd68a51a20.cloudfront.net (CloudFront)
last-modified: Thu, 06 Jul 2023 00:14:27 GMT
server: Tengine
x-amz-cf-pop: DFW56-P2
etag: "1e3d9a44d0b980d5d75e3f91f886e449"
x-amz-server-side-encryption: AES256
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
content-length: 19814
x-amz-cf-id: sGtINfIZuGMnXuvY9QYYlrsDxXLDao-p9FwINRylR8Iv6nL0PIpOmA==
x-proxy-cache: HIT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
37 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cbr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 08:10:17 GMT
x-content-type-options: nosniff
age: 157273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jul 2024 08:10:17 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ 37 KB
37 KB 82ms
81ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@300;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cbr.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 08:10:17 GMT
x-content-type-options: nosniff
age: 157273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 Jul 2024 08:10:17 GMT

GET
H2

200

setuid
mbid.marfeelrev.com/ Frame 98E7
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fmbid.marfeelrev.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26f%3Di%26uid%3D%24UID
https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6489909190653916357

86 B
703 B

44ms
44ms

Image
image/png

144.76.226.28
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6489909190653916357
Protocol: H2
Server: 144.76.226.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: haproxy05.cl01.het.mrf.io
Software: istio-envoy /
Resource Hash: c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mbid.marfeelrev.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:30 GMT
content-encoding: gzip
server: istio-envoy
content-type: image/png
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:30 GMT
an-x-request-uuid: 48f7a615-cb8c-43b5-8682-e6679393d1ca
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://mbid.marfeelrev.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&f=i&uid=6489909190653916357
x-proxy-origin: 80.255.7.106; 80.255.7.106; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 liveView.php
live.primis.tech/live/ 0
421 B 53ms
52ms Image
text/html 2600:9000:2251:b000:1a:5235:f980:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTQ5JaNypaZypyRcoWU9MTY4ODpjMTt5MCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA4NTA0JaN0YT0jJat9NmI4Jax9NDEjJaZcZF9jYXNmRG9gYWyhPXq3ql5wYaIhY29gJaN1YxyxPWNvpv1lZWpgo3JaX3q3ql5wYaIhY29gJzRyYaVaSW5zo3JgYXRco249JzymQXBjPTAzp2Reqw0zqXNypxyjQWRxpw0lYTAkJTNBNGEjJTNBMTMmOCUmQTxlJTNBJTNBNlZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxYkMTQhMC41NmM1LwE5OCUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwRuNmuvYmFyZTpjMSZ2SW1jT3Bjo3J0qW5cqHyNqWk0nXBfnWVlPTUzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY4ODpjMTt5MDtjNlZ1nWQ9U2VenW5xo1NQoGF5ZXI2NGE3OGJwMwFvZTBxJaB1YyVloD1bqHRjplUmQSUlRvUlRaq3ql5wYaIhY29gJTJGqGuyLWkup3Qgo2YgqXMgpGFlqC0mLWkyYWfgZWkfnWUgozV3LWNbYXJuY3RypaMyMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:30 GMT
content-encoding: gzip
via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
age: 0
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-store
x-amz-cf-id: -YFWdBMTWuTX35mTgzgHAh7p9yyObndzHyA2wJ_d9e_eAu9RWD6nwA==

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/6035391/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

42ms
42ms

Script
application/javascript

13.32.99.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Protocol: H2
Server: 13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-23.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 00:19:02 GMT
content-encoding: gzip
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jul 2023 14:00:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 12753
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 5kJQucJttfzr5G0QW2Xok7jBKj55z8tbxEmspdX12LcJb0lxY8tYCg==

Redirect headers

date: Fri, 07 Jul 2023 03:51:30 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: aq-LSS17OGj837SpC07ynwh7inObdN8BzhhrWoDZZk0LFmfqqUgKvQ==

POST
H3 200 c41d16ea5284ec423d8d57f4cc93fa95d5aaa2 Show response
aloofvest.com/send/1ceb7f5d242e35/ 193 B
220 B 85ms
84ms Fetch
application/json 2600:1901:0:4277::1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aloofvest.com/send/1ceb7f5d242e35/c41d16ea5284ec423d8d57f4cc93fa95d5aaa2

Requested by

Host: aloofvest.com
URL: https://aloofvest.com/v2fflEQop-cqjeSFfKfosPhBrq6CaMl43uxJGSEqLdadWGrWuj4IjGjg

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:4277::1 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

e84b41017d8f192bfc925154f11700f2da78b3b9c732d298e5fd9b413b803021

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
date: Fri, 07 Jul 2023 03:51:30 GMT
via: 1.1 google
x-buildnumber: 912179704
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 193
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cbr.com
x-hostname: fen-hoothoot-europe-west1-spot-btwc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires: Fri, 07 Jul 2023 03:51:29 GMT

GET
H2 204 b2
sb.scorecardresearch.com/ 0
226 B 46ms
45ms Image
text/plain 13.32.99.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035391&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1688701891041&ns_c=UTF-8&cs_ucfr=1&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=0&cs_cmp_id=9&cs_cmp_sv=4&cs_cmp_rt=0&cs_fpcd=1&c7=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&c8=The%20Last%20of%20Us%20Part%203%20Leaks%20Ellie%27s%20Role%2C%20New%20Main%20Characters&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-23.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:31 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: WE7SY6JTDDXFDPHN8DyM1Q_6I-Nr7JN69yOFsPtlUcU5LDE9tCfFvg==
x-cache: Miss from cloudfront

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ Frame BCBF 49 B
247 B 487ms
402ms XHR
application/json 35.244.193.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0015a00002l61KYAAY&gdpr=0&us_privacy=1---
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_11.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.193.244.35.bc.googleusercontent.com
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 07 Jul 2023 03:51:31 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.cbr.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ Frame BCBF 135 B
540 B 131ms
40ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_11.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.cbr.com
date: Fri, 07 Jul 2023 03:51:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ Frame BCBF 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ Frame BCBF 43 B
314 B 64ms
55ms XHR
application/json 52.30.150.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_11.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.150.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-150-15.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:31 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.cbr.com
cache-control: no-cache
x-server: 10.45.11.110
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame BCBF 63 B
387 B 178ms
56ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=j6w8ta9&fmt=json
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_11.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 77fc2d516c59cc4481a8a449d21bc9a992baec854e4f13b0c1f5d7148ceda830

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 07 Jul 2023 03:51:31 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.cbr.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 06 Aug 2023 03:51:31 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 35AE 281 B
554 B 145ms
45ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_11.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 07 Jul 2023 03:51:31 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 6708 16 KB
6 KB 149ms
49ms Document
text/html 184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_11.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=18710
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Fri, 07 Jul 2023 03:51:31 GMT
expires: Fri, 07 Jul 2023 09:03:21 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame BCBF 33 B
398 B 140ms
41ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_11.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

c28e9ef84f4bf39a14ea5d88883771f5c10a33860cda64821afb493382da0b04

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.cbr.com
date: Fri, 07 Jul 2023 03:51:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 35AE 34 KB
10 KB 46ms
45ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 9f6410ae85726ec4d2345689acf227ea4559ab9a03510fcc04b0c86bc6ee7aa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 07 Jul 2023 03:51:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 06 Jul 2023 07:36:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=13400
Connection: keep-alive
Content-Length: 10153
Expires: Fri, 07 Jul 2023 07:34:51 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 6708 5 KB
6 KB 149ms
42ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75970867&p=156595&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: b0c143d00d56f99292dce9e0484cd3325fb7ff5ae299e555edd0a918ce0f5880

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Fri, 07 Jul 2023 03:51:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 35AE 284 B
536 B 175ms
41ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=0&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H/1.1 200 212.json Show response
id5-sync.com/g/v2/ Frame BCBF 241 B
646 B 129ms
45ms XHR
application/json 162.19.138.116
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/212.json

Requested by

Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.7.16.0_11.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533567.ip-162-19-138.eu

Software

Resource Hash

b3c3d01e93c22a32559827f1539c73c3e84bad4b1b45b9c092f4e379cea2ca95

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.cbr.com
date: Fri, 07 Jul 2023 03:51:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 73F7
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1217755997292288786

42 B
274 B

101ms
47ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1217755997292288786
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 07 Jul 2023 03:51:30 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1217755997292288786
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame EBDF
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210825857614064

42 B
273 B

66ms
45ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210825857614064
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 07 Jul 2023 03:51:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Fri, 07 Jul 2023 03:51:32 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5141210825857614064
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame BC3B 43 B
363 B 153ms
43ms Document
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=&us_privacy=1---

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Fri, 07 Jul 2023 03:51:31 GMT
expires: Fri, 07 Jul 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 217848
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 85AB
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=476EF366-BD9A-4582-8108-E90B173FF3D7&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=476EF366-BD9A-4582-8108-E90B173FF3D7&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

229ms
215ms

Document
image/gif

67.220.224.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=476EF366-BD9A-4582-8108-E90B173FF3D7&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=&us_privacy=1---

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.224.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Fri, 07 Jul 2023 03:51:32 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: ZB94BDDM816VY4N1NP14

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Fri, 07 Jul 2023 03:51:32 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=476EF366-BD9A-4582-8108-E90B173FF3D7&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: MEWDMR0NH63X989A00YH

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 8432
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rWIz16M0MdS2YmHVozN_gqNiMdW2YzHVqjUMQ8hD

42 B
570 B

165ms
44ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rWIz16M0MdS2YmHVozN_gqNiMdW2YzHVqjUMQ8hD
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 07 Jul 2023 03:51:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Fri, 07 Jul 2023 03:51:32 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=rWIz16M0MdS2YmHVozN_gqNiMdW2YzHVqjUMQ8hD
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame FB02
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6489909190653916357&gdpr=0&gdpr_consent=

42 B
448 B

180ms
47ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6489909190653916357&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 07 Jul 2023 03:51:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: d78defdc-03c0-4863-9079-e9320778e6aa
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Fri, 07 Jul 2023 03:51:32 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6489909190653916357&gdpr=0&gdpr_consent=
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 80.255.7.106; 80.255.7.106; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 4F8B
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7252919398838761618&gdpr=0&gdpr_consent=

42 B
219 B

84ms
48ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7252919398838761618&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 07 Jul 2023 03:51:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Fri, 07 Jul 2023 03:51:32 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7252919398838761618&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 7F50
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ixDaez5AVdZF4DNCFeqHeFD_B2o&gdpr=0&gdpr_consent=

42 B
377 B

49ms
48ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ixDaez5AVdZF4DNCFeqHeFD_B2o&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 07 Jul 2023 03:51:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 188
Content-Type: text/html; charset=utf-8
Date: Fri, 07 Jul 2023 03:51:32 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=ixDaez5AVdZF4DNCFeqHeFD_B2o&gdpr=0&gdpr_consent=

GET
H2 400 sync Show response
t.adx.opera.com/pub/ Frame 087D 0
412 B 150ms
41ms Document
text/plain 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to

Full URL: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Fri, 07 Jul 2023 03:51:32 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: nginx

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 2E19
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFSUUwN0pUeGdBQUNGRE9KaGJXUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEIE07JTxgAACFDOJhbWQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=2097337869477726173&gdpr=0&gdpr_consent=
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEIE07JTxgAACFDOJhbWQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D2097337869477726173%26gdpr%3D0%26gdpr_consen...
https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=2097337869477726173&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAEIE07...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEIE07JTxgAACFDOJhbWQ&gdpr=0&gdpr_consent=

42 B
200 B

42ms
41ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEIE07JTxgAACFDOJhbWQ&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 07 Jul 2023 03:51:30 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Fri, 07 Jul 2023 03:51:33 GMT
Server: gunicorn
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEIE07JTxgAACFDOJhbWQ&gdpr=0&gdpr_consent=
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

b9pj45k4 Show response
sync-tm.everesttech.net/ct/upi/pid/ Frame 7048
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...

85 B
236 B

139ms
139ms

Document
image/png

151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZKeLxAAXPh79mgAn
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 85
content-type: image/png
date: Fri, 07 Jul 2023 03:51:32 GMT
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230088-FRA
x-timer: S1688701892.444112,VS0,VE99

Redirect headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
date: Fri, 07 Jul 2023 03:51:32 GMT
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZKeLxAAXPh79mgAn
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma: no-cache
server: Jetty(9.4.35.v20201120)
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230088-FRA
x-timer: S1688701892.304061,VS0,VE99

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame 0923 43 B
283 B 199ms
46ms Document
image/gif 173.231.181.122
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.181.122 Secaucus, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 43
content-type: image/gif
date: Fri, 07 Jul 2023 03:51:32 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-3

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 72F7
Redirect Chain

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1mm99f679e2t

42 B
230 B

42ms
42ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1mm99f679e2t
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 07 Jul 2023 03:51:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-encoding: utf-8
cache-control: no-cache, no-store
content-length: 0
date: Fri, 07 Jul 2023 03:51:32 GMT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1mm99f679e2t
lws: 42
strict-transport-security: max-age=31536000; includeSubDomains
time-ms: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame C5C9
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
93 B

52ms
48ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 07 Jul 2023 03:51:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Fri, 07 Jul 2023 03:51:32 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H/1.1 200
OK cookiesync Show response
core.iprom.net/ Frame 3881 43 B
277 B 264ms
78ms Document
image/gif 195.5.165.20
IPROM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Length: 43
Content-Type: image/gif
Date: Fri, 07 Jul 2023 03:51:32 GMT
Vary: Accept-Encoding
X-adserver-worker: erebus-496995cdc2fa@version_1.561
X-core-time: 0ms
X-server-arch: v2

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame 3EB1 43 B
369 B 143ms
48ms Document
image/gif 35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Fri, 07 Jul 2023 03:51:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 97C3
Redirect Chain

https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=b8382941b9214602/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhSYSXRWbhRXbWUaX&gdpr=0&gdpr_consent=

42 B
202 B

42ms
42ms

Document
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhSYSXRWbhRXbWUaX&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 07 Jul 2023 03:51:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=woK5xk2lhSYSXRWbhRXbWUaX&gdpr=0&gdpr_consent=

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame A7E3
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
415 B

244ms
227ms

Document
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7e2d212c2dac90e6-FRA
content-length: 43
content-type: image/gif; charset=utf-8
date: Fri, 07 Jul 2023 03:51:32 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7e2d212adc9290e6-FRA
content-type: text/html
date: Fri, 07 Jul 2023 03:51:32 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 328

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6708
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R27zZr2aRYKBCOkLFz_z1w%3D%3D&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R27zZr2aRYKBCOkLFz_z1w%3D%3D&gdpr=0&gdpr_consent=&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

45ms
44ms

Image
text/html

184.30.16.195
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol: H2
Server: 184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-16-195.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:32 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=18709
accept-ranges: bytes
content-length: 5554
expires: Fri, 07 Jul 2023 09:03:21 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame 6708 49 B
265 B 187ms
54ms Image
image/gif 54.77.229.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=476EF366-BD9A-4582-8108-E90B173FF3D7&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.229.78 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-229-78.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:32 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.4.23
content-length: 49
expires: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame 6708
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=405081375
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=476EF366-BD9A-4582-8108-E90B173FF3D7

0
284 B

157ms
48ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=476EF366-BD9A-4582-8108-E90B173FF3D7
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:31 GMT
via: 1.1 google
last-modified: Fri, 07 Jul 2023 03:51:32 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=476EF366-BD9A-4582-8108-E90B173FF3D7
date: Fri, 07 Jul 2023 03:51:31 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200

p
a.audrte.com/ Frame 6708
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=476EF366-BD9A-4582-8108-E90B173FF3D7
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MzMzazA5eFlBMmFUYTIyVDNoSmVVYXJEQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=618765503633258215&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

118ms
118ms

Image
image/png

52.205.237.64
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Protocol: HTTP/1.1
Server: 52.205.237.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-237-64.compute-1.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 07 Jul 2023 03:51:33 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Fri, 07 Jul 2023 03:51:33 GMT
Server: nginx/1.18.0
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6708
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDc2RUYzNjYtQkQ5QS00NTgyLTgxMDgtRTkwQjE3M0ZGM0Q3&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDc2RUYzNjYtQkQ5QS00NTgyLTgxMDgtRTkwQjE3M0ZGM0Q3&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

67ms
50ms

Image
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 07 Jul 2023 03:51:32 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6708
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMBGU2z8RmxSHQ22qzaVtl4&google_cver=1

42 B
298 B

64ms
49ms

Image
image/gif

198.47.127.205
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMBGU2z8RmxSHQ22qzaVtl4&google_cver=1
Protocol: H2
Server: 198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 07 Jul 2023 03:51:31 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMBGU2z8RmxSHQ22qzaVtl4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 6708 43 B
610 B 159ms
45ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:32 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 06 Jul 2023 03:51:32 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6708
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=618765503633258215

42 B
241 B

47ms
47ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=618765503633258215
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 07 Jul 2023 03:51:32 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=618765503633258215
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6708 70 B
264 B 62ms
57ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 07 Jul 2023 03:51:32 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 476EF366-BD9A-4582-8108-E90B173FF3D7
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 6708 43 B
426 B 199ms
56ms Image
image/gif 2a05:d018:d29:3601:3520:f97d:1648:35a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/476EF366-BD9A-4582-8108-E90B173FF3D7?gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:3520:f97d:1648:35a1 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58292/ Frame 6708 0
125 B 170ms
43ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=476EF366-BD9A-4582-8108-E90B173FF3D7&redir=true&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:32 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6708
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://sync.bumlam.com/?src=bsw2&bsw_ssp=pubmatic&bsw_param=c45c8342-1ac3-468b-804f-f614e29cb519&gdpr=0&gdpr_consent=
https://sync.bumlam.com/?src=bsw2&s_data=CAIQARjEl56lBloJCgRnZHByEgEwWg4KDGdkcHJfY29uc2VudKIBEJAWqcAceRHusdoAJZDIJDeqAQhwdWJtYXRpY7IBJGM0NWM4MzQyLTFhYzMtNDY4Yi04MDRmLWY2MTRlMjljYjUxOQ**
https://x.bidswitch.net/sync?dsp_id=476&user_id=9016a9c0-1c79-11ee-b1da-002590c82437&expires=90&ssp=pubmatic&bsw_param=c45c8342-1ac3-468b-804f-f614e29cb519
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c45c8342-1ac3-468b-804f-f614e29cb519&gdpr=&gdpr_consent=&gdpr_pd=

1 B
246 B

47ms
47ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c45c8342-1ac3-468b-804f-f614e29cb519&gdpr=&gdpr_consent=&gdpr_pd=
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Fri, 07 Jul 2023 03:51:33 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c45c8342-1ac3-468b-804f-f614e29cb519&gdpr=&gdpr_consent=&gdpr_pd=
date: Fri, 07 Jul 2023 03:51:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame 6708 0
104 B 256ms
89ms Image
text/plain 2a02:fa8:8806:16::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=476EF366-BD9A-4582-8108-E90B173FF3D7&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:32 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6708
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2512322655345238718&gdpr=0&gdpr_consent=&us_privacy=

1 B
175 B

48ms
47ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2512322655345238718&gdpr=0&gdpr_consent=&us_privacy=
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Fri, 07 Jul 2023 03:51:31 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2512322655345238718&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Fri, 07 Jul 2023 03:51:32 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 6708 0
187 B 155ms
43ms Image
text/plain 98.98.134.241
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Fri, 07 Jul 2023 03:51:32 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 6708
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8993427d-7b23-44a9-8b8d-f2f5abc275f9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
95 B

48ms
47ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8993427d-7b23-44a9-8b8d-f2f5abc275f9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 07 Jul 2023 03:51:31 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8993427d-7b23-44a9-8b8d-f2f5abc275f9&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Fri, 07 Jul 2023 03:51:32 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 35AE 0
214 B 47ms
41ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=25470&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 35AE 0
214 B 91ms
42ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=36584&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 35AE 0
214 B 134ms
42ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 35AE
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3ZCVVElnTnOv9jxRNPuq1Q&rk=usync-other&gdpr=0
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=3ZCVVElnTnOv9jxRNPuq1Q&gdpr=0

43 B
479 B

62ms
61ms

Image
image/gif

67.220.224.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=3ZCVVElnTnOv9jxRNPuq1Q&gdpr=0

Protocol

HTTP/1.1

Server

67.220.224.150 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Jul 2023 03:51:32 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: M1A57VD853G8BYNP4Y7W
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=3ZCVVElnTnOv9jxRNPuq1Q&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 35AE
Redirect Chain

https://trc.taboola.com/sg/MagniteSCoD/1/cm?gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=1013714&nid=5550&put=13a28f68-f11a-45d7-ba4c-a81f700e74ad-tuctba11144

0
239 B

41ms
40ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=1013714&nid=5550&put=13a28f68-f11a-45d7-ba4c-a81f700e74ad-tuctba11144
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-vcl-time-ms: 2
date: Fri, 07 Jul 2023 03:51:32 GMT
via: 1.1 varnish
x-served-by: cache-ams21048-AMS
server: nginx
x-timer: S1688701892.435247,VS0,VE2
x-fastly-to-nlb-rtt: 770
x-cache: MISS
location: https://pixel.rubiconproject.com/tap.php?v=1013714&nid=5550&put=13a28f68-f11a-45d7-ba4c-a81f700e74ad-tuctba11144
accept-ranges: bytes
content-length: 0
x-service-version: v2
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 35AE
Redirect Chain

https://www.storygize.net/ccm/729e4e94-63c3-438d-8ce4-184eb34e703f?gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=1172318&nid=5570&put=37cf273d-6031-4a9e-b4c2-17b86d952301

0
239 B

41ms
41ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=1172318&nid=5570&put=37cf273d-6031-4a9e-b4c2-17b86d952301
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=1172318&nid=5570&put=37cf273d-6031-4a9e-b4c2-17b86d952301
Pragma: no-cache
P3P: CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
cache-control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
expires: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 35AE
Redirect Chain

https://x.bidswitch.net/sync?ssp=rubicon&gdpr=0&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=rubicon&gdpr=0&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=c45c8342-1ac3-468b-804f-f614e29cb519&expires=30

0
239 B

85ms
41ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=c45c8342-1ac3-468b-804f-f614e29cb519&expires=30
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: //pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=c45c8342-1ac3-468b-804f-f614e29cb519&expires=30
date: Fri, 07 Jul 2023 03:51:32 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame 35AE 43 B
442 B 165ms
47ms Image
image/gif 185.29.132.241
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.241 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MT3 1031 59fd23a master zrh zrh-pixel-x7 config_version:"1524" /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 07 Jul 2023 03:51:32 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x7 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 43
Expires: Fri, 07 Jul 2023 03:51:31 GMT

GET
H2 200 chunklist_480.m3u8 Show response
video.primis.tech/uploads/cn24/video/users/hls/30875/video_6135c90287084898949292/vid64a6065ddaac7281625949.mp4/ 344 B
825 B 145ms
49ms XHR
application/vnd.apple.mpegurl 185.167.96.10
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn24/video/users/hls/30875/video_6135c90287084898949292/vid64a6065ddaac7281625949.mp4/chunklist_480.m3u8
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: b83c09c17f7811d77be9513ba713b21f74c4b19ee9ee2fa4c02be7eb466bd731

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Fri, 07 Jul 2023 03:51:32 GMT
via: 1.1 c67ae9899d89f9402837da3a0ead9442.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C1
x-amz-server-side-encryption: AES256
content-length: 344
last-modified: Thu, 06 Jul 2023 00:24:48 GMT
server: Tengine
etag: "ac04747ddf29d1205156150ac8055eb9"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
x-amz-cf-id: 2bD5gjK-p3_HT9L3VsdfYGW7GoM-WxUY_9C5EY_xHQBkFhTxjIHWpw==
expires: Sun, 09 Jul 2023 03:51:32 GMT

GET
H2 200 w_480_00000.ts Show response
video.primis.tech/uploads/cn24/video/users/hls/30875/video_6135c90287084898949292/vid64a6065ddaac7281625949.mp4/ 410 KB
410 KB 97ms
92ms XHR
video/mp2t 185.167.96.10
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn24/video/users/hls/30875/video_6135c90287084898949292/vid64a6065ddaac7281625949.mp4/w_480_00000.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: 2feffd6205841482bd0d509cd7ba1f9f632a2dd3bb9c789bbe68b0f85faf5b1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Fri, 07 Jul 2023 03:51:32 GMT
via: 1.1 c1a6a510f3f008881a299e0b31f8558c.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX3-C4
x-amz-server-side-encryption: AES256
content-length: 419428
last-modified: Thu, 06 Jul 2023 00:24:48 GMT
server: Tengine
etag: "1a91c7a1e2600c6fbdae3f5ffd7df1b0"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
x-amz-cf-id: NY0mhPhFRP4vWnmzfFB9PiiF67fYnkSj9eTQyL5VQPPkYJmuyYYW8A==
expires: Sun, 09 Jul 2023 03:51:32 GMT

GET
BLOB 200
OK 081ee336-ba2a-4cfc-9afe-c10ad8c90a83
https://www.cbr.com/ 67 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.cbr.com/081ee336-ba2a-4cfc-9afe-c10ad8c90a83
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length: 68465
Content-Type: text/javascript

GET
H2 200 w_480_00001.ts Show response
video.primis.tech/uploads/cn24/video/users/hls/30875/video_6135c90287084898949292/vid64a6065ddaac7281625949.mp4/ 384 KB
385 KB 47ms
47ms XHR
video/mp2t 185.167.96.10
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn24/video/users/hls/30875/video_6135c90287084898949292/vid64a6065ddaac7281625949.mp4/w_480_00001.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: dfd4f28a4f333ca511b0847795a55f431350b7f87aadd776af9c4c880a165742

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Fri, 07 Jul 2023 03:51:32 GMT
via: 1.1 117ba34fde3b271fec940af3fdfd86d4.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX3-C4
x-amz-server-side-encryption: AES256
content-length: 393484
last-modified: Thu, 06 Jul 2023 00:24:48 GMT
server: Tengine
etag: "b2337882acff088321a449f429894423"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
x-amz-cf-id: -oYaed9DDF183swVp6lQ4AasySS5j1st8EaR1B7AF0QlfK9v7mjeLQ==
expires: Sun, 09 Jul 2023 03:51:32 GMT

GET
H2 200 w_480_00002.ts Show response
video.primis.tech/uploads/cn24/video/users/hls/30875/video_6135c90287084898949292/vid64a6065ddaac7281625949.mp4/ 386 KB
387 KB 49ms
49ms XHR
video/mp2t 185.167.96.10
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn24/video/users/hls/30875/video_6135c90287084898949292/vid64a6065ddaac7281625949.mp4/w_480_00002.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: 4c5c3d088f105dc933782c5bbcfdd835138dc950d35c9d090de7cbab9d8675c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Fri, 07 Jul 2023 03:51:32 GMT
via: 1.1 063a9ddbb93cf698306df937132cd318.cloudfront.net (CloudFront)
x-amz-cf-pop: SFO5-C1
x-amz-server-side-encryption: AES256
content-length: 395740
last-modified: Thu, 06 Jul 2023 00:24:48 GMT
server: Tengine
etag: "ddfea3c096d13b2663f51e8c8ffc3f2c"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
x-amz-cf-id: p60avWtU92eudFN8Lq4m7UyH4Bim1wXppk3wveFJIp5yM89t6jKuTg==
expires: Sun, 09 Jul 2023 03:51:32 GMT

GET
H2 200 w_480_00003.ts Show response
video.primis.tech/uploads/cn24/video/users/hls/30875/video_6135c90287084898949292/vid64a6065ddaac7281625949.mp4/ 382 KB
383 KB 46ms
46ms XHR
video/mp2t 185.167.96.10
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn24/video/users/hls/30875/video_6135c90287084898949292/vid64a6065ddaac7281625949.mp4/w_480_00003.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: b9bf38dd93c6004812c67d07173be1fd7c20ffa55ff406f6faa3891ec7486b6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Fri, 07 Jul 2023 03:51:32 GMT
via: 1.1 5da2b11dd2bb5c70272d19e1377be656.cloudfront.net (CloudFront)
x-amz-cf-pop: SFO5-C1
x-amz-server-side-encryption: AES256
content-length: 390852
last-modified: Thu, 06 Jul 2023 00:24:49 GMT
server: Tengine
etag: "0a03c4ed37e75ca2662835092566c286"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
x-amz-cf-id: jQJIqNaD3V_1gypu1_IG7euuhvYZ_oCxDlU0qG3F9wpTEfRZPSszFw==
expires: Sun, 09 Jul 2023 03:51:32 GMT

GET
H2 200 w_480_00004.ts Show response
video.primis.tech/uploads/cn24/video/users/hls/30875/video_6135c90287084898949292/vid64a6065ddaac7281625949.mp4/ 386 KB
387 KB 49ms
49ms XHR
video/mp2t 185.167.96.10
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn24/video/users/hls/30875/video_6135c90287084898949292/vid64a6065ddaac7281625949.mp4/w_480_00004.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: a9db2fa89cdbc3154f5de42cf3a28a33cef46c1ea5455f07f249f982b8d862a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Fri, 07 Jul 2023 03:51:33 GMT
via: 1.1 f2ad4c9e4965b7bc2c9a79d4afc8fc1e.cloudfront.net (CloudFront)
x-amz-cf-pop: IAH50-C3
x-amz-server-side-encryption: AES256
content-length: 394988
last-modified: Thu, 06 Jul 2023 00:24:49 GMT
server: Tengine
etag: "da4fa16059c2113083f74385139fbf7d"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
x-amz-cf-id: rn8XEunHCqcLemJwrOlLi7b4ML1u_UOzS2SrFLN4Kvij6RBUDnj1CA==
expires: Sun, 09 Jul 2023 03:51:33 GMT

GET
H2 200 w_480_00005.ts Show response
video.primis.tech/uploads/cn24/video/users/hls/30875/video_6135c90287084898949292/vid64a6065ddaac7281625949.mp4/ 414 KB
415 KB 54ms
53ms XHR
video/mp2t 185.167.96.10
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.primis.tech/uploads/cn24/video/users/hls/30875/video_6135c90287084898949292/vid64a6065ddaac7281625949.mp4/w_480_00005.ts
Requested by: Host: live.primis.tech
URL: https://live.primis.tech/content/video/hls/hls.0.12.4_3.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software: Tengine /
Resource Hash: 6f1730779be7205a4d135685baf605c7f26fd86a9021be8500d9d8fd27e724d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Fri, 07 Jul 2023 03:51:33 GMT
via: 1.1 7f822cbc5468903ff5582a7c6af4c024.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C1
x-amz-server-side-encryption: AES256
content-length: 424128
last-modified: Thu, 06 Jul 2023 00:24:49 GMT
server: Tengine
etag: "0993d8f31b35796889d8b1b188daf7ba"
access-control-max-age: 604800
access-control-allow-methods: GET, HEAD
content-type: video/mp2t
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: max-age=172800
accept-ranges: bytes
x-amz-cf-id: qHCms4J7_ILoqkEX-K_odDlJz0IXF0JvSeVuKw22hb9xhuEEFTpxfw==
expires: Sun, 09 Jul 2023 03:51:33 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 47ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0DTR9KMTE&gtm=45je3750&_p=1969631236&cid=915841126.1688701889&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&sid=1688701888&sct=1&seg=0&dl=https%3A%2F%2Fwww.cbr.com%2Fthe-last-of-us-part-3-leak-ellie-new-characters%2F&dt=The%20Last%20of%20Us%20Part%203%20Leaks%20Ellie%27s%20Role%2C%20New%20Main%20Characters&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0DTR9KMTE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 07 Jul 2023 03:51:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cbr.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 6708 0
260 B 163ms
42ms Script
text/plain 198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156595&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Fri, 07 Jul 2023 03:51:32 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=34

Verdicts & Comments Add Verdict or Comment

453 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

83 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.cbr.com/	1969-12-31 23:59:59	Name: viewType Value: direct
.cbr.com/	1970-01-20 22:33:49	Name: usprivacy Value: 1---
.casalemedia.com/	1970-01-20 21:50:37	Name: CMID Value: ZKeLwYDcpUllgcoMU8FiwgAA
.casalemedia.com/	1970-01-20 15:14:37	Name: CMPS Value: 1172
.casalemedia.com/	1970-01-20 15:14:37	Name: CMPRO Value: 1172
.cbr.com/	1970-01-20 13:05:05	Name: AMP_TOKEN Value: %24NOT_FOUND
.cbr.com/	1970-01-20 22:41:01	Name: _ga Value: GA1.2.915841126.1688701889
.cbr.com/	1970-01-20 13:06:28	Name: _gid Value: GA1.2.2122753804.1688701889
.cbr.com/	1970-01-20 13:05:01	Name: _gat Value: 1
.cbr.com/	1970-01-20 22:41:01	Name: _ga_Z0DTR9KMTE Value: GS1.1.1688701888.1.0.1688701889.0.0.0
.cbr.com/	1970-01-20 13:05:01	Name: lotame_domain_check Value: cbr.com
.cbr.com/	1970-01-20 22:33:49	Name: _awl Value: 2.1688701890.5-c8dd29fea02ca182f565418d442f0420-6763652d6575726f70652d7765737431-0
.adnxs.com/	1970-01-20 15:14:37	Name: uuid2 Value: 6489909190653916357
www.cbr.com/	1970-01-20 13:48:13	Name: _pbjs_userid_consent_data Value: 3524755945110770
.360yield.com/	1970-01-20 15:14:37	Name: tuuid Value: d1e7bfe9-51c1-4090-a78e-0fc20861af04
.360yield.com/	1970-01-20 15:14:37	Name: tuuid_lu Value: 1688701890
.mbid.marfeelrev.com/	1970-01-20 15:14:37	Name: uids Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYWRueHMiOnsidWlkIjoiNjQ4OTkwOTE5MDY1MzkxNjM1NyIsImV4cGlyZXMiOiIyMDIzLTA3LTIxVDAzOjUxOjMwLjg1N1oifSwiaW1wcm92ZWRpZ2l0YWwiOnsidWlkIjoiZDFlN2JmZTktNTFjMS00MDkwLWE3OGUtMGZjMjA4NjFhZjA0IiwiZXhwaXJlcyI6IjIwMjMtMDctMjFUMDM6NTE6MzAuNzQ5WiJ9fSwiYmRheSI6IjIwMjMtMDctMDdUMDM6NTE6MzAuMzU0WiJ9
www.cbr.com/	1970-01-20 13:05:05	Name: _lr_retry_request Value: true
www.cbr.com/	1970-01-20 13:48:13	Name: _lr_env_src_ats Value: false
www.cbr.com/	1970-01-20 14:31:25	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-07-07T03%3A51%3A31%22%7D
www.cbr.com/	1970-01-20 14:31:25	Name: pbjs-unifiedid_last Value: Fri%2C%2007%20Jul%202023%2003%3A51%3A31%20GMT
.pubmatic.com/	1970-01-20 21:50:37	Name: KADUSERCOOKIE Value: 476EF366-BD9A-4582-8108-E90B173FF3D7
.pubmatic.com/	1970-01-20 15:14:37	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 13:06:28	Name: pi Value: 156595:2
.pubmatic.com/	1970-01-20 15:14:37	Name: DPSync3 Value: 1689897600%3A245_241_235_201
.pubmatic.com/	1970-01-20 15:14:37	Name: SyncRTB3 Value: 1691280000%3A203%7C1689897600%3A214_264_81_8_161_220_71_165_234_21_55_251_22_56_46_233_166_88_176_13_3_254_238_54%7C1689292800%3A15_223_2%7C1689552000%3A63%7C1689984000%3A35
.quantserve.com/	1970-01-20 15:14:37	Name: d Value: EN0BCwG0KfijAA
.quantserve.com/	1970-01-20 22:35:16	Name: mc Value: 64a78bc4-4358e-b84c5-5c51c
.adfarm1.adition.com/	1970-01-20 15:14:37	Name: UserID1 Value: 7252919398838761618
.de17a.com/	1970-01-20 21:43:25	Name: guid Value: 1.1217755997292288786
.adx.opera.com/	1970-01-20 21:50:37	Name: UID Value: OPU2535b2c07c384cfa8aeb922c3f9f5de9
.ctnsnet.com/	1970-01-20 21:50:37	Name: cid_ca72776440134082835cf02f7fdfe971 Value: 1
.weborama.fr/	1970-01-20 22:30:57	Name: AFFICHE_W Value: sjLP2pLIlQey61
.csync.loopme.me/	1970-01-20 15:17:30	Name: viewer_token Value: 018ad40e-e90a-44dd-9220-f62f4ad7dede
.simpli.fi/	1970-01-20 21:52:04	Name: suid Value: DA5285522905468B9FB57681F38841DF
.pubmatic.com/	1970-01-20 13:48:13	Name: KRTBCOOKIE_57 Value: 22776-6489909190653916357&KRTB&23339-6489909190653916357
.pubmatic.com/	1970-01-20 13:48:13	Name: KRTBCOOKIE_1101 Value: 23040-7252919398838761618&KRTB&23369-7252919398838761618
.rfihub.com/	1970-01-20 22:26:37	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMrUwNTczNDEwMxHiM9RNdzUNME0KLSwO9M4AAKXnHwIlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMrUwNTczNDEwMxHiM9RNdzUNME0KLSwO9M4AAKXnHwIlAAAA
.rfihub.com/	1970-01-20 22:26:37	Name: eud Value: H4sIAAAAAAAA_9vEyGtoZmFhbmBoYWlkbGEJAO7yjbEQAAAA
.doubleclick.net/	1970-01-20 22:26:37	Name: IDE Value: AHWqTUly_aMfyXJfGV3rxy5NlqT9mTXhjtq8GsTOQZgdjij9D85xtzhPTamzkqzrNhg
.everesttech.net/	1970-01-20 21:50:37	Name: everest_g_v2 Value: g_surferid~ZKeLxAAXPh79mgAn
.adform.net/	1970-01-20 13:49:40	Name: C Value: 1
.pubmatic.com/	1970-01-20 13:48:13	Name: KRTBCOOKIE_153 Value: 1923-rWIz16M0MdS2YmHVozN_gqNiMdW2YzHVqjUMQ8hD&KRTB&19420-rWIz16M0MdS2YmHVozN_gqNiMdW2YzHVqjUMQ8hD&KRTB&22979-rWIz16M0MdS2YmHVozN_gqNiMdW2YzHVqjUMQ8hD&KRTB&23403-rWIz16M0MdS2YmHVozN_gqNiMdW2YzHVqjUMQ8hD
.pubmatic.com/	1970-01-20 13:48:13	Name: KRTBCOOKIE_18 Value: 22947-5141210825857614064
.pubmatic.com/	1970-01-20 13:48:13	Name: KRTBCOOKIE_336 Value: 5844-1217755997292288786
.pubmatic.com/	1970-01-20 13:48:13	Name: KRTBCOOKIE_80 Value: 22987-CAESEMBGU2z8RmxSHQ22qzaVtl4&KRTB&16514-CAESEMBGU2z8RmxSHQ22qzaVtl4&KRTB&23025-CAESEMBGU2z8RmxSHQ22qzaVtl4&KRTB&23386-CAESEMBGU2z8RmxSHQ22qzaVtl4
.bidr.io/	1970-01-20 22:33:35	Name: bito Value: AAEIE07JTxgAACFDOJhbWQ
.bidr.io/	1970-01-20 22:33:35	Name: bitoIsSecure Value: ok
.adform.net/	1970-01-20 14:31:25	Name: uid Value: 618765503633258215
.onaudience.com/	1970-01-20 21:50:37	Name: cookie Value: b8382941b9214602
.onaudience.com/	1970-01-20 13:06:28	Name: done_redirects104 Value: 1
.pubmatic.com/	1970-01-20 13:48:13	Name: KRTBCOOKIE_391 Value: 22924-618765503633258215&KRTB&23263-618765503633258215&KRTB&23481-618765503633258215
.adsby.bidtheatre.com/	1970-01-20 13:15:06	Name: __kuid Value: 8993427d-7b23-44a9-8b8d-f2f5abc275f9.457915892
.amazon-adsystem.com/	1970-01-20 22:41:01	Name: ad-privacy Value: 0
sync.srv.stackadapt.com/	1970-01-20 21:50:37	Name: sa-user-id Value: s%3A0-8b10da7b-3e40-55d6-45e0-334215ea8778.NrFVdA%2FNaZ4%2FprvyJPqinKSMtufiyR6E%2BpueMO%2BP6d4
sync.srv.stackadapt.com/	1970-01-20 21:50:37	Name: sa-user-id-v2 Value: s%3AixDaez5AVdZF4DNCFeqHeFD_B2o.jvvh9MlaI297iaYlxK4PPt90bMHJhJcDBuGI3et2UqI
.srv.stackadapt.com/	1970-01-20 21:50:37	Name: sa-user-id-v2 Value: s%3AixDaez5AVdZF4DNCFeqHeFD_B2o.jvvh9MlaI297iaYlxK4PPt90bMHJhJcDBuGI3et2UqI
.bidswitch.net/	1970-01-20 21:50:37	Name: c Value: 1688701892
.bidswitch.net/	1970-01-20 21:50:37	Name: tuuid_lu Value: 1688701892
.bidswitch.net/	1970-01-20 21:50:37	Name: tuuid Value: c45c8342-1ac3-468b-804f-f614e29cb519
.pubmatic.com/	1970-01-20 13:48:13	Name: KRTBCOOKIE_409 Value: 22966-woK5xk2lhSYSXRWbhRXbWUaX
.audrte.com/	1970-01-20 13:26:37	Name: arcki2 Value: 333k09xYA2aTa22T3hJeUarDA!20220908!1688701892621!ip#80.255.7.106
.audrte.com/	1970-01-20 13:26:37	Name: arcki2_pubmatic Value: 476EF366-BD9A-4582-8108-E90B173FF3D7!20220908!1688701892624
.amazon-adsystem.com/	1970-01-20 19:32:23	Name: ad-id Value: A0a-gGlKlkbfgUlLd6Rakzg
.pubmatic.com/	1970-01-20 13:48:13	Name: KRTBCOOKIE_860 Value: 16335-ixDaez5AVdZF4DNCFeqHeFD_B2o&KRTB&23334-ixDaez5AVdZF4DNCFeqHeFD_B2o&KRTB&23417-ixDaez5AVdZF4DNCFeqHeFD_B2o&KRTB&23426-ixDaez5AVdZF4DNCFeqHeFD_B2o
.tribalfusion.com/	1970-01-20 15:14:37	Name: ANON_ID Value: amnseFy4ZawFBA9MAJP7ckZcZcGvRfvOyD6RrWcFgQc6b3LMZbtKwW2qybyhZaSA8gIeKQqVRj00tTfY8bl5flD1t
.smartadserver.com/	1970-01-20 22:36:42	Name: pid Value: 2097337869477726173
.smartadserver.com/	1970-01-20 22:36:42	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 21:52:04	Name: csync Value: 127:AAEIE07JTxgAACFDOJhbWQ
.turn.com/	1970-01-20 17:24:13	Name: uid Value: 2512322655345238718
.audrte.com/	1970-01-20 13:26:37	Name: arcki2_ddp2 Value: 333k09xYA2aTa22T3hJeUarDA!20220908!1688701892803
.gammaplatform.com/	1970-01-20 13:06:28	Name: _aGeoIp Value: JP\|Nagoya
.gammaplatform.com/	1970-01-20 22:41:01	Name: _aUID Value: 1mm99f679e2t
.pubmatic.com/	1970-01-20 13:48:13	Name: KRTBCOOKIE_22 Value: 14911-2512322655345238718&KRTB&23150-2512322655345238718
.bumlam.com/	1970-01-20 22:41:01	Name: suuid3 Value: IiQ5MDE2YTljMC0xYzc5LTExZWUtYjFkYS0wMDI1OTBjODI0Mzc*
.pubmatic.com/	1970-01-20 13:48:13	Name: KRTBCOOKIE_1310 Value: 23431-1mm99f679e2t&KRTB&23446-1mm99f679e2t&KRTB&23465-1mm99f679e2t
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 08553ccb3bfd2d9e
.audrte.com/	1970-01-20 13:26:37	Name: arcki2_adform Value: 618765503633258215!20220908!1688701893001
.pubmatic.com/	1970-01-20 13:48:13	Name: KRTBCOOKIE_466 Value: 16530-c45c8342-1ac3-468b-804f-f614e29cb519
.pubmatic.com/	1970-01-20 13:48:13	Name: KRTBCOOKIE_699 Value: 22727-AAEIE07JTxgAACFDOJhbWQ
.pubmatic.com/	1970-01-20 13:48:13	Name: PugT Value: 1688701890
.pubmatic.com/	1970-01-20 13:48:13	Name: SPugT Value: 1688701892

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.cbr.com/the-last-of-us-part-3-leak-ellie-new-characters/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=34' from origin 'https://www.cbr.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=34 Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=476EF366-BD9A-4582-8108-E90B173FF3D7&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.pubmatic.com
aloofvest.com
ampcid.google.com
ampcid.google.de
api.rlcdn.com
ats.rlcdn.com
bcp.crwdcntrl.net
beacon.tru.am
bh.contextweb.com
c.amazon-adsystem.com
c1.adform.net
cdn-ima.33across.com
cdn.adsninja.ca
cdn.hadronid.net
cdn.id5-sync.com
cdn.optmn.cloud
cm-supply-web.gammaplatform.com
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
core.iprom.net
cr.frontend.weborama.fr
csync.loopme.me
d15kdpgjg3unno.cloudfront.net
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dyv1bugovvq1g.cloudfront.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
green.erne.co
hbopenbid.pubmatic.com
ib.adnxs.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
images.getadmiral.com
imasdk.googleapis.com
ipac.ctnsnet.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lb.eu-1-id5-sync.com
lexicon.33across.com
live.primis.tech
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
mbid.marfeelrev.com
p.rfihub.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
proc.ad.cpe.dotomi.com
pubmatic-match.dotomi.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.openx.net
s.tribalfusion.com
sb.scorecardresearch.com
scarfsmash.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
seg.ad.gt
simage2.pubmatic.com
simage4.pubmatic.com
sqs.us-east-1.amazonaws.com
ssum.casalemedia.com
static.adsafeprotected.com
static1.cbrimages.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.bumlam.com
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
t.adx.opera.com
tagan.adlightning.com
tags.crwdcntrl.net
token.rubiconproject.com
trc.taboola.com
tru.am
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
video.primis.tech
www.cbr.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.storygize.net
x.bidswitch.net
api.rlcdn.com
108.138.36.80
13.32.99.23
13.32.99.59
141.94.171.216
141.95.171.139
142.250.186.98
143.204.215.114
143.204.98.16
144.76.226.28
151.101.130.49
162.19.138.116
172.64.152.222
173.231.181.122
178.250.1.9
18.173.187.57
18.185.50.28
184.30.16.195
185.167.96.10
185.29.132.241
185.64.189.112
185.64.190.80
185.80.39.216
185.86.138.153
185.89.210.20
188.166.17.21
193.0.160.131
195.5.165.20
198.47.127.19
198.47.127.20
198.47.127.205
2001:4860:4802:34::36
208.93.169.131
213.155.156.165
23.67.137.210
2400:52e0:1e00::1081:1
2600:1901:0:4277::1
2600:1901:0:d733::1
2600:9000:2251:b000:1a:5235:f980:93a1
2600:9000:237d:6400:11:b309:9100:21
2600:9000:237d:8200:5:82fd:2500:21
2600:9000:26da:7400:8:48e:53c0:93a1
2606:4700:10::6816:35ad
2606:4700:10::6816:445
2606:4700:10::ac43:17ea
2606:4700:10::ac43:266a
2606:4700:20::681a:274
2606:4700:3031::ac43:81a1
2606:4700:3037::ac43:c1e6
2606:4700::6810:7daf
2606:4700::6812:19ad
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:806::2003
2a00:1450:4001:808::200a
2a00:1450:4001:812::200e
2a00:1450:4001:828::2002
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9b
2a02:fa8:8806:13::1460
2a02:fa8:8806:16::1370
2a04:4e42:200::300
2a05:d018:d29:3601:3520:f97d:1648:35a1
3.236.169.87
3.75.62.37
31.172.81.160
34.111.129.221
34.111.131.239
34.201.177.150
34.91.62.186
35.186.193.173
35.186.253.211
35.214.138.110
35.244.193.51
35.71.131.137
37.157.5.84
44.235.174.246
46.228.164.11
52.205.237.64
52.220.229.2
52.222.208.154
52.3.201.139
52.30.150.15
54.217.171.212
54.76.252.247
54.77.229.78
65.9.66.97
67.220.224.150
69.173.144.137
69.173.144.139
69.173.144.165
82.145.213.8
85.114.159.118
95.101.149.233
98.98.134.241
02e7535563110e913669c43b9233db020deb9a4b0eaff84ab9de1b55b8ad21c4
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
1066d05ee93adf2b380cb5e78b62f7161cbba2ef60c58d9296a06288532c118b
14b6babace7b8808c7913c02728d3f113b571ca33bd3fa88883eb053f6e980f0
14ea20d8743df422e4c9241a7e88da9754b2cec8d64a054e2c8d9576ea637ba1
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
15c8a0708e3db7938bb7d7a63b5c67abad96dde683cccef9b5254e82e203cf62
163578ef55638a23ba71f5dfadf9b78f1bc2c0a623514904b074432e615d9fa1
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18f235f67be1da44b4b446ca0741a35337941c1fdb0f78e07e8d03cb7b3a952d
1914f7412eef54bbfcf8789d87329a520d1d12c7f43516e40057b0c7a0e6bed5
1d16d42e33c80a00df5f4c6a514edbfaa985a2cdf0d33b4f76f90a6625b773b7
1d47d5e787391abf80d345dad6406690d5f2a549bd2f9387f2505d22b47405de
1f06b09e19ec355d3b2f5b6189428e24c583533ab9acaaa3bcd7d04af1d3c1a3
1f1c75422838aaf1ac06897faeb7af3d942a9b0252c40075f476524d648aa333
1f76a066cd078dbf5578ee07a0b3cf398474a47b8616016ca1797cbcd9f90ffe
1fd2f32ff8f7faa45f37f017373f5aed9e8fa2592777558dceb6279d2c6b6c1f
22f242ff812c8a2ce97a04475df3970476d556a9391984b907a1f0d87fbe824b
25359cb3d49c2e00cb2e97f95643ee30748d54c33daa11c9c6fb0d2b519dfffa
26d2faea8778e1dcca85bc25d9792b0d811cfe8fde241dadd297b63ca83db765
2773e13c4fefcefa5801f219a4d286ccfc1841f02798447c020ea5a02ed7e4b0
2880fbb26ad5becd41ec25a5c37da351ac77225bbf30d5a9ab8accf5728591cf
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2feffd6205841482bd0d509cd7ba1f9f632a2dd3bb9c789bbe68b0f85faf5b1c
31132c72c7fdd9ec6a227fa1eaf04d17c9b2c0381cf20de780c6027a56a4a23e
369b6a06cf0598a92b22182eb79ecc4387aff4c5507cdf798d5febccb1f5656d
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3dedd9c127f377a69e470fd521a31bb80b4aeb039aaf4e82c0ca35c71cb28865
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c5c3d088f105dc933782c5bbcfdd835138dc950d35c9d090de7cbab9d8675c9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
55590528f3843330e079ab923a28a2e8f95b47c9b38d413b98b019b244f6c9cc
59d01cb122b1839c1141c637e4a9b92004179468af8b2d518414cfd980b6546a
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5d79a20f1fff4ebf9885cb826bb770834af7ea80c3230f173857bf07b134fdf0
613b77472fe1bb53990f483b4a2f1ac45da23bba147b2cd3c01acdebb83b361d
62317653aec8072f08482c2dce044e9ce7da85536e67b01109571c65f96d8603
64a77b28df2e377138e10a62ce14f80ee4b31bab4a5336a6229457bd6d60d79c
64a8a922a6f43dc6b97f4ab30e104e385d95790d5598d899b068eea2801a76d0
666ef09fc39a584564a30f545e0f7d47d789f8629f7c152d77de402dee729881
68c497873d01206e34fc462c5bc13f0680c834579be0990368665b2abf30639e
6e91aaec2cb3510b97bb0655abdb08942dbefd617b169d0cd97b23fc48e68b2b
6f1730779be7205a4d135685baf605c7f26fd86a9021be8500d9d8fd27e724d4
71b1eea9c67c144f641bc97fd39e882291e9b911f803f144e501b8d309341b64
71d7d0632c415746c786d0ede9663fc8c6f674b384ce88e2a5a24799f3bdb01f
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
73c8fb58b7c51fbd48a0b5aa403faaabd31a0d4984edee4104592832d50a98f0
77fc2d516c59cc4481a8a449d21bc9a992baec854e4f13b0c1f5d7148ceda830
7915bdd360552e230a1a42811225f7e7a098d1358206af638852da7c9f701cc1
7a20b371f96093be0c049b07134deb9bec533817ce791e865aaab7b60dfe4beb
7d8aca4a24e0fc01d9f8627550ae9c05e8163b0c73e51c585e97ca13a0503d23
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f545cb836815f9d4f7cb6d5c2aecc8b97bc18224f372f3c8de693ab62617f94
84c6093653d1175d1c17556b8888ab71762ad7262de47f329d66db8991e1ae14
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
887e954bfaddbebd52b8c4e0ce96381745c9f9c04f2f579e6a31a1a7c47351be
8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154
8ce450266ddf891f0406013c3489d6113102842bcdd67a507bae207f9b1c4a8a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da1b18e309ebca5864b3ca167ddc8ca77b987b42a9e693514038ef5bfa69d85
8dfee02c6420dfddb8ea89f50f382e993c891f62400b1a02b7cb8314510f1ab4
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
97c8bb4133b21d068c91c167ff7db637248e2bd5d3d069308a4353af0be8a691
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9f6410ae85726ec4d2345689acf227ea4559ab9a03510fcc04b0c86bc6ee7aa9
a20010b26bce05ea3cfc83cf3a162b7c16b5d2fa2bcf2253b0394b0eb322347a
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a53ba8c8a4c223d534dd7223ac4371e0e8e4714feac507ed2f642b8db1e9c629
a5cd15052f401e674a9cea67de971c439a14dd45736f8b22d099844b95512930
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a9db2fa89cdbc3154f5de42cf3a28a33cef46c1ea5455f07f249f982b8d862a0
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0c143d00d56f99292dce9e0484cd3325fb7ff5ae299e555edd0a918ce0f5880
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3c3d01e93c22a32559827f1539c73c3e84bad4b1b45b9c092f4e379cea2ca95
b3e57eb372e8b405c816875571e184854b2846261c7477c6c9bdb7782faa1a30
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b83c09c17f7811d77be9513ba713b21f74c4b19ee9ee2fa4c02be7eb466bd731
b9bf38dd93c6004812c67d07173be1fd7c20ffa55ff406f6faa3891ec7486b6b
bb836ef399a57e0c7ba44b8fd7f45d1c74c6801c8c85460fb529a7e95aa2f74b
bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19
bf5b5a4196e2df193d794a6e8b0228e41b49e6bcc4531179b8ed8d5293300586
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c28e9ef84f4bf39a14ea5d88883771f5c10a33860cda64821afb493382da0b04
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c4650b58465a55f3d663bca634f08b6ac44b63053752457add5a2c13e7648b2b
c7a36408f0134e6646ca510586a5442ca584b80d5e6fc1a28e53e2097fddebe8
c884dfd88281336423bd6589cb522f8b2c68e1776373ca93b21658335a3a9ae4
c9571d9345e61bb97e3090ffb2cf4f4773ede5191fea96bc86b4f05c521a3396
c97fc82429a0a8c24a88c64213782da0c325bebc3fc3293235c5c5bd79cb0aa0
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb96f9ccdcbf6028838eca33f7fcb41af5e8fad19fd36faf5d9e6eb3402341db
cc390bc6eb4c9badf29cbf5c495f6bcc941769e1befd9d8799c143e112079ad4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0080ee60f244fa722b947096eac634dd0b19159e5d36bf4b249012ae7369a0c
d0706457807f4878af05eca2139e9fc785a17d548ee5217484fe5d4cf8cf518f
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d2ea165bd1a5849931e9f31f95f8dd7781e979a93eaacbcff78284a17ad66871
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d42b231c0e17b420d1f4387bfcb912f4e3f36dda20bf24b096e380e48ae1ef50
d4ed5bd20c3036042165e91001bd91497551164b0e34c76cb8a6eb15c33f3c15
dbc211260f3fb81e545fbebe8be8c367ebe670a585e60e1ec58524c06723ecbc
dcbb76a8cb268e3ed25b14f8d4a9b8e906f20da34d903111c2d77fc2c34d83cc
dd22a2ce53426fa17d1c872fdb351b64e32e5b4880a23c1e3e5476210e047483
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de65ca8feb02517f4832036a101f78c7c9e6b3c2f63a3baf6e88999877b906cf
dfd4f28a4f333ca511b0847795a55f431350b7f87aadd776af9c4c880a165742
e231ed36d335957a2a4266860151d48215e4c59f56ab3efd66e470ef6e391aaa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7
e4240ee23e840bebe54c7c07512f10aee39ae8c0f3ddd6a692be08eb6a6875a9
e4eaf119e43bfb9506bfe39549f4972e6c3cf14508a03c9cb0c57a516f216456
e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874
e84b41017d8f192bfc925154f11700f2da78b3b9c732d298e5fd9b413b803021
ec82f03978c9134b7be27ba170d8a76468a394ec76ea738221984d6cac8bebb4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe99140f165ad1d7a7737817657f967135d1e8f07498306b4e75f74f4bce0be
f01fd574c6d2306155fbb5eb35641e87cc75b30df8d491f2f83654d39a085738
f4036baba5e02b7a3f76419beef5986e6a9dc863fcea9e3806c9bfc10327b304
f780b7b024db7340ae4027101c89aebc0303ff40c0d5e510a4454f6b6558bb73
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f
fd62e97ce1efec8f038643c0fa0a54cff911926b8eab345bb14b1514c68e5c3d
fe244632378c904202503d2b49d0d1e83133143f11f2e89c1bab5c03c9e98525
ff7dfd29448564b605d0b90bd9fd27a2596ecf57fb6f10806f0a4466ea5f7b61

www.cbr.com Open in urlscan Pro 34.201.177.150 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

189 Requests

89 %HTTPS

34 %IPv6

74 Domains

107 Subdomains

77 IPs

13 Countries

5301 kBTransfer

11331 kBSize

83 Cookies

16 Outgoing links

Redirected requests

189 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cbr.com Open in urlscan Pro
34.201.177.150 Public Scan

Screenshot
Live screenshot

Full Image

189
Requests

89 %
HTTPS

34 %
IPv6

74
Domains

107
Subdomains

77
IPs

13
Countries

5301 kB
Transfer

11331 kB
Size

83
Cookies

189 HTTP transactions
0 data transactions