urlscan.io logo urlscan.io
SecurityTrails logo

genius.com Open in urlscan Pro
2606:4700::6812:1360  Public Scan

Go To Rescan Add Verdict Report
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Submission: On November 17 via api from IE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 74 IPs in 10 countries across 75 domains to perform 222 HTTP transactions. The main IP is 2606:4700::6812:1360, located in United States and belongs to CLOUDFLARENET, US. The main domain is genius.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 8th 2021. Valid for: a year.
This is the only time genius.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 2606:4700::68... 13335 (CLOUDFLAR...)
3 142.250.186.98 15169 (GOOGLE)
1 2600:9000:205... 16509 (AMAZON-02)
1 13.32.22.111 16509 (AMAZON-02)
6 13.32.21.201 16509 (AMAZON-02)
1 142.250.186.138 15169 (GOOGLE)
9 2606:4700::68... 13335 (CLOUDFLAR...)
1 142.250.186.142 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
8 2606:4700::68... 13335 (CLOUDFLAR...)
2 34.254.143.3 16509 (AMAZON-02)
1 3 143.204.215.58 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
3 151.101.193.44 54113 (FASTLY)
2 34.95.69.49 15169 (GOOGLE)
4 2600:1901:0:7... 15169 (GOOGLE)
20 185.220.204.204 41436 (CLOUDWEBM...)
1 54.171.159.234 16509 (AMAZON-02)
1 2600:9000:211... 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
7 35.186.241.51 15169 (GOOGLE)
1 142.250.186.110 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
3 2.18.233.180 16625 (AKAMAI-AS)
2 6 23.37.42.132 16625 (AKAMAI-AS)
2 2 185.94.180.126 35220 (SPOTX-AMS)
2 2 35.244.159.8 15169 (GOOGLE)
1 2a0c:5c81:509... 55081 (24SHELLS)
5 7 18.194.61.148 16509 (AMAZON-02)
1 1 162.55.6.213 24940 (HETZNER-AS)
4 9 2.18.234.21 16625 (AKAMAI-AS)
2 2 185.33.221.14 29990 (ASN-APPNEX)
6 63.250.60.64 204548 (CLOUDWEBM...)
1 2a00:1450:400... 15169 (GOOGLE)
1 13.32.22.82 16509 (AMAZON-02)
1 18.193.42.157 16509 (AMAZON-02)
2 185.64.190.78 62713 (AS-PUBMATIC)
6 62.149.0.72 15497 (COLOCALL ...)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
1 7 5.178.65.246 50673 (SERVERIUS-AS)
3 2600:9000:206... 16509 (AMAZON-02)
2 3 37.157.3.28 198622 (ADFORM)
2 89.187.169.47 60068 (CDN77 ^_^)
1 12 54.93.135.255 16509 (AMAZON-02)
1 2 66.155.71.25 13768 (COGECO-PEER1)
3 5.178.65.253 50673 (SERVERIUS-AS)
1 1 35.227.252.103 15169 (GOOGLE)
3 6 3.212.173.197 14618 (AMAZON-AES)
1 3 162.55.233.29 24940 (HETZNER-AS)
1 2 185.33.221.88 29990 (ASN-APPNEX)
1 1 88.214.206.247 46636 (NATCOWEB)
2 6 188.132.147.227 42910 (PREMIERDC...)
1 51.75.86.98 16276 (OVH)
18 2606:4700:10:... 13335 (CLOUDFLAR...)
9 9 142.250.186.66 15169 (GOOGLE)
3 4 35.227.248.159 15169 (GOOGLE)
1 2 37.157.6.245 198622 (ADFORM)
4 6 52.223.40.198 16509 (AMAZON-02)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
3 3 52.214.44.171 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 35.201.81.244 15169 (GOOGLE)
1 89.163.159.106 24961 (MYLOC-AS ...)
2 5 52.215.102.174 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 3.120.52.200 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
3 52.209.141.115 16509 (AMAZON-02)
4 4 151.101.66.49 54113 (FASTLY)
1 1 2.18.233.201 16625 (AKAMAI-AS)
1 1 34.232.240.103 14618 (AMAZON-AES)
1 2 52.95.115.255 16509 (AMAZON-02)
1 2 104.111.215.191 16625 (AKAMAI-AS)
1 1 63.34.99.83 16509 (AMAZON-02)
1 2 209.54.180.3 16509 (AMAZON-02)
1 1 54.236.220.178 14618 (AMAZON-AES)
1 1 35.171.214.154 14618 (AMAZON-AES)
1 37.157.6.252 198622 (ADFORM)
2 2 185.29.134.248 30419 (MEDIAMATH...)
2 141.226.228.48 200478 (TABOOLA-AS)
2 69.173.144.139 26667 (RUBICONPR...)
1 1 37.252.173.213 29990 (ASN-APPNEX)
1 65.9.71.75 16509 (AMAZON-02)
1 51.158.28.83 12876 (Online SAS)
1 1 178.250.2.151 44788 (ASN-CRITE...)
3 4 54.93.162.63 16509 (AMAZON-02)
1 3 18.156.0.31 16509 (AMAZON-02)
2 2 72.251.244.140 29791 (VOXEL-DOT...)
2 2 52.214.119.250 16509 (AMAZON-02)
2 3.125.70.222 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.80.60.244 14618 (AMAZON-AES)
1 1 2001:678:cb4:... 56396 (AMOBEE)
222 74
20    2606:4700::6812:1360 (United States)

ASN13335 (CLOUDFLARENET, US)
genius.com
assets.genius.com
librato-collector.genius.com
3    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2600:9000:2057:9600:1d:ae6e:9cc0:21 (United States)

ASN16509 (AMAZON-02, US)
d3l739e8r8y9v7.cloudfront.net
1    13.32.22.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-111.fra56.r.cloudfront.net
cdn.adsafeprotected.com
6    13.32.21.201 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-201.fra56.r.cloudfront.net
c.amazon-adsystem.com
1    142.250.186.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f10.1e100.net
ajax.googleapis.com
9    2606:4700::6812:778 (United States)

ASN13335 (CLOUDFLARENET, US)
cookie-cdn.cookiepro.com
1    142.250.186.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f14.1e100.net
www.google-analytics.com
1    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
8    2606:4700::6812:1260 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.genius.com
librato-collector.genius.com
2    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loadus.exelator.com
loadeu.exelator.com
3    143.204.215.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-58.fra53.r.cloudfront.net
sb.scorecardresearch.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
2    34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
4    2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
sessions.bugsnag.com
20    185.220.204.204 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)
live.primis.tech
1    54.171.159.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-159-234.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
1    2600:9000:211e:4400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2a02:26f0:6c00:299::1fcf (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
js-cdn.music.apple.com
7    35.186.241.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.241.186.35.bc.googleusercontent.com
api.mixpanel.com
1    142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net
ampcid.google.com
1    2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a02:26f0:6c00:1b2::2a1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
is2-ssl.mzstatic.com
1    2a02:26f0:6c00:198::20b6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
audio-ssl.itunes.apple.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
6    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
2    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
1    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
7    18.194.61.148 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-61-148.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    162.55.6.213 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.213.6.55.162.clients.your-server.de
csync.loopme.me
9    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
2    185.33.221.14 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
6    63.250.60.64 (Frankfurt am Main, Germany)

ASN204548 (CLOUDWEBMANAGE-IL-FR, US)
video.primis.tech
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.de
1    13.32.22.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-82.fra56.r.cloudfront.net
stats.pusher.com
1    18.193.42.157 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-42-157.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
6    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.console.adtarget.com.tr
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
7    5.178.65.246 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
3    2600:9000:206f:9c00:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
3    37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
track.adform.net
2    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
cdn.admatic.com.tr
12    54.93.135.255 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
ih.adscale.de
2    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
pixel-sync.sitescout.com
3    5.178.65.253 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
6    3.212.173.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-173-197.compute-1.amazonaws.com
a.audrte.com
3    162.55.233.29 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.233.55.162.clients.your-server.de
sync.richaudience.com
2    185.33.221.88 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    88.214.206.247 (United Kingdom)

ASN46636 (NATCOWEB, US)
PTR: buycheapfags.com
cs.admanmedia.com
6    188.132.147.227 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
PTR: static-227-147-132-188.sadecehosting.net
ads3.admatic.com.tr
ads4.admatic.com.tr
1    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
18    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
9    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
4    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
2    37.157.6.245 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
6    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    2600:1f18:6593:f608:82c4:8e67:4786:1156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b002:dccc:4b37:dddb:cf1e (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
3    52.214.44.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-44-171.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    151.1.205.165 (Erba, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    89.163.159.106 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
5    52.215.102.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    3.120.52.200 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-52-200.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
3    52.209.141.115 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-141-115.eu-west-1.compute.amazonaws.com
beacon.krxd.net
4    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    34.232.240.103 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-240-103.compute-1.amazonaws.com
usermatch.krxd.net
2    52.95.115.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    63.34.99.83 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-99-83.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
2    209.54.180.3 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    54.236.220.178 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-220-178.compute-1.amazonaws.com
sync.extend.tv
1    35.171.214.154 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-214-154.compute-1.amazonaws.com
nep.advangelists.com
1    37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
c1.adform.net
2    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
2    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    37.252.173.213 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 864.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
adscale-emea.adnxs.com
1    65.9.71.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-75.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    51.158.28.83 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-28-83.rev.poneytelecom.eu
js.cookieless-data.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
4    54.93.162.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-162-63.eu-central-1.compute.amazonaws.com
pixel.advertising.com
3    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    72.251.244.140 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
tracking.m6r.eu
2    52.214.119.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-119-250.eu-west-1.compute.amazonaws.com
r.scoota.co
2    3.125.70.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    2600:9000:2057:8200:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    54.80.60.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-60-244.compute-1.amazonaws.com
ping.chartbeat.net
1    2001:678:cb4:bbbb::13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
Apex Domain
Subdomains		 Transfer
28 genius.com
genius.com
assets.genius.com
librato-collector.genius.com
943 KB
26 primis.tech
live.primis.tech
video.primis.tech
484 KB
18 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
5 KB
15 adscale.de
js.adscale.de
ih.adscale.de
16 KB
12 doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
143 KB
10 e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
s.e-planning.net
17 KB
10 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
82 KB
9 casalemedia.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
10 KB
9 cookiepro.com
cookie-cdn.cookiepro.com
165 KB
8 admatic.com.tr
cdn.admatic.com.tr
ads3.admatic.com.tr
ads4.admatic.com.tr
22 KB
8 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
22 KB
7 bidswitch.net
x.bidswitch.net
3 KB
7 adtarget.com.tr
s.console.adtarget.com.tr
sync.console.adtarget.com.tr
3 KB
7 mixpanel.com
api.mixpanel.com
892 B
6 crwdcntrl.net
bcp.crwdcntrl.net
tags.crwdcntrl.net
sync.crwdcntrl.net
15 KB
6 adsrvr.org
match.adsrvr.org
3 KB
6 audrte.com
a.audrte.com
5 KB
6 adform.net
cm.adform.net
dmp.adform.net
c1.adform.net
track.adform.net
2 KB
5 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com
1 KB
5 adnxs.com
secure.adnxs.com
ib.adnxs.com
adscale-emea.adnxs.com
4 KB
5 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
16 KB
5 taboola.com
cdn.taboola.com
trc.taboola.com
trc-events.taboola.com
27 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 krxd.net
beacon.krxd.net
usermatch.krxd.net
1 KB
4 yahoo.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
2 KB
4 tapad.com
pixel.tapad.com
2 KB
4 bugsnag.com
sessions.bugsnag.com
251 B
3 mathtag.com
pixel.mathtag.com
sync.mathtag.com
2 KB
3 demdex.net
dpm.demdex.net
3 KB
3 richaudience.com
sync.richaudience.com
742 B
3 openx.net
u.openx.net
rtb.openx.net
804 B
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
2 eyeota.net
ps.eyeota.net
2 KB
2 scoota.co
r.scoota.co
1 KB
2 m6r.eu
tracking.m6r.eu
1 KB
2 bluekai.com
tags.bluekai.com
650 B
2 weborama.fr
idsync.frontend.weborama.fr
672 B
2 tidaltv.com
sync.tidaltv.com
791 B
2 sitescout.com
pixel.sitescout.com
pixel-sync.sitescout.com
479 B
2 creativecdn.com
creativecdn.com
721 B
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 facebook.com
www.facebook.com
313 B
2 apple.com
js-cdn.music.apple.com
audio-ssl.itunes.apple.com
54 KB
2 clean.gg
i.clean.gg
104 B
2 facebook.net
connect.facebook.net
114 KB
2 exelator.com
loadus.exelator.com
loadeu.exelator.com
648 B
2 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
32 KB
2 adsafeprotected.com
cdn.adsafeprotected.com
pixel.adsafeprotected.com
7 KB
1 turn.com
d.turn.com
411 B
1 chartbeat.net
ping.chartbeat.net
201 B
1 gstatic.com
fonts.gstatic.com
1 chartbeat.com
static.chartbeat.com
14 KB
1 criteo.com
dis.criteo.com
528 B
1 cookieless-data.com
js.cookieless-data.com
535 B
1 advangelists.com
nep.advangelists.com
234 B
1 extend.tv
sync.extend.tv
546 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
214 B
1 mookie1.com
odr.mookie1.com
324 B
1 agkn.com
aa.agkn.com
379 B
1 theadex.com
dmp.theadex.com
334 B
1 adition.com
dsp.adfarm1.adition.com
596 B
1 bemail.it
bn01.er.bemail.it
659 B
1 fwmrm.net
dmp.v.fwmrm.net
411 B
1 onetag-sys.com
onetag-sys.com
823 B
1 admanmedia.com
cs.admanmedia.com
524 B
1 pusher.com
stats.pusher.com
307 B
1 google.de
ampcid.google.de
1 loopme.me
csync.loopme.me
242 B
1 mzstatic.com
is2-ssl.mzstatic.com
5 KB
1 onetrust.com
geolocation.onetrust.com
398 B
1 google.com
ampcid.google.com
528 B
1 quantcount.com
rules.quantcount.com
1 KB
1 quantserve.com
secure.quantserve.com
10 KB
1 google-analytics.com
www.google-analytics.com
20 KB
1 cloudfront.net
d3l739e8r8y9v7.cloudfront.net
38 KB
222 75
Domain Requested by
20 live.primis.tech d3l739e8r8y9v7.cloudfront.net
genius.com
live.primis.tech
15 mwzeom.zeotap.com ads.us.e-planning.net
14 assets.genius.com genius.com
12 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
9 cm.g.doubleclick.net 9 redirects
9 cookie-cdn.cookiepro.com genius.com
cookie-cdn.cookiepro.com
d3l739e8r8y9v7.cloudfront.net
8 librato-collector.genius.com assets.genius.com
7 x.bidswitch.net 5 redirects genius.com
ssum.casalemedia.com
7 api.mixpanel.com genius.com
assets.genius.com
6 match.adsrvr.org 4 redirects ssum.casalemedia.com
bcp.crwdcntrl.net
6 a.audrte.com 3 redirects ads.us.e-planning.net
a.audrte.com
6 sync.console.adtarget.com.tr s.console.adtarget.com.tr
js.adscale.de
ads.us.e-planning.net
6 video.primis.tech genius.com
6 c.amazon-adsystem.com genius.com
c.amazon-adsystem.com
6 genius.com genius.com
d3l739e8r8y9v7.cloudfront.net
assets.genius.com
5 u-ams02.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
4 pixel.advertising.com 3 redirects genius.com
4 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
4 sync-tm.everesttech.net 4 redirects
4 pixel.tapad.com 3 redirects ads.us.e-planning.net
4 ads3.admatic.com.tr cdn.admatic.com.tr
genius.com
4 eus.rubiconproject.com d3l739e8r8y9v7.cloudfront.net
eus.rubiconproject.com
ads.us.e-planning.net
4 sessions.bugsnag.com assets.genius.com
3 ups.analytics.yahoo.com 1 redirects genius.com
3 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
bcp.crwdcntrl.net
3 bcp.crwdcntrl.net 2 redirects tags.crwdcntrl.net
3 dpm.demdex.net 3 redirects
3 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
3 sync.richaudience.com 1 redirects ads.us.e-planning.net
spl.zeotap.com
3 s.e-planning.net ads.us.e-planning.net
3 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
3 ssum-sec.casalemedia.com 2 redirects ssum.casalemedia.com
3 ads.pubmatic.com d3l739e8r8y9v7.cloudfront.net
s.console.adtarget.com.tr
ads.us.e-planning.net
3 sb.scorecardresearch.com 1 redirects genius.com
3 securepubads.g.doubleclick.net genius.com
d3l739e8r8y9v7.cloudfront.net
securepubads.g.doubleclick.net
2 sync.crwdcntrl.net bcp.crwdcntrl.net
2 ps.eyeota.net genius.com
2 ads4.admatic.com.tr 2 redirects
2 r.scoota.co 2 redirects
2 tracking.m6r.eu 2 redirects
2 track.adform.net 2 redirects
2 token.rubiconproject.com genius.com
eus.rubiconproject.com
2 trc-events.taboola.com cdn.taboola.com
2 sync.mathtag.com 2 redirects
2 s.amazon-adsystem.com 1 redirects ssum.casalemedia.com
2 tags.bluekai.com 1 redirects bcp.crwdcntrl.net
2 aax-eu.amazon-adsystem.com 1 redirects ads.us.e-planning.net
2 idsync.frontend.weborama.fr 2 redirects
2 sync.tidaltv.com 2 redirects
2 dmp.adform.net 1 redirects spl.zeotap.com
2 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
2 ib.adnxs.com 1 redirects spl.zeotap.com
2 cdn.admatic.com.tr s.console.adtarget.com.tr
cdn.admatic.com.tr
2 ads.us.e-planning.net 1 redirects s.console.adtarget.com.tr
2 creativecdn.com 2 redirects
2 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
2 secure.adnxs.com 2 redirects
2 u.openx.net 2 redirects
2 sync.search.spotxchange.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 www.facebook.com genius.com
2 trc.taboola.com d3l739e8r8y9v7.cloudfront.net
spl.zeotap.com
2 i.clean.gg d3l739e8r8y9v7.cloudfront.net
2 connect.facebook.net genius.com
d3l739e8r8y9v7.cloudfront.net
1 d.turn.com 1 redirects
1 pixel-sync.sitescout.com bcp.crwdcntrl.net
1 ping.chartbeat.net
1 fonts.gstatic.com fonts.googleapis.com
1 static.chartbeat.com d3l739e8r8y9v7.cloudfront.net
1 dis.criteo.com 1 redirects
1 js.cookieless-data.com s.e-planning.net
1 tags.crwdcntrl.net s.e-planning.net
1 adscale-emea.adnxs.com 1 redirects
1 c1.adform.net ssum.casalemedia.com
1 nep.advangelists.com 1 redirects
1 sync.extend.tv 1 redirects
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 1 redirects
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 onetag-sys.com ads.us.e-planning.net
1 cs.admanmedia.com 1 redirects
1 rtb.openx.net 1 redirects
1 pixel.sitescout.com 1 redirects
1 cm.adform.net s.console.adtarget.com.tr
1 ads.adaptv.advertising.com live.primis.tech
1 stats.pusher.com d3l739e8r8y9v7.cloudfront.net
1 ampcid.google.de www.google-analytics.com
1 csync.loopme.me 1 redirects
1 s.console.adtarget.com.tr d3l739e8r8y9v7.cloudfront.net
1 fonts.googleapis.com d3l739e8r8y9v7.cloudfront.net
1 audio-ssl.itunes.apple.com genius.com
1 is2-ssl.mzstatic.com genius.com
1 geolocation.onetrust.com d3l739e8r8y9v7.cloudfront.net
1 ampcid.google.com www.google-analytics.com
1 js-cdn.music.apple.com genius.com
1 rules.quantcount.com d3l739e8r8y9v7.cloudfront.net
1 pixel.adsafeprotected.com cdn.adsafeprotected.com
1 cdn.taboola.com genius.com
1 loadus.exelator.com genius.com
1 secure.quantserve.com genius.com
1 www.google-analytics.com genius.com
1 ajax.googleapis.com genius.com
1 cdn.adsafeprotected.com genius.com
1 d3l739e8r8y9v7.cloudfront.net genius.com
222 112
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-08 -
2022-07-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.adsafeprotected.com
Amazon		 2021-07-21 -
2022-08-19		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
cookiepro.com
Cloudflare Inc ECC CA-3		 2021-05-20 -
2022-05-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-08-27 -
2021-11-25		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
i.clean.gg
GTS CA 1D4		 2021-10-22 -
2022-01-20		 3 months crt.sh
*.bugsnag.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-05 -
2022-05-05		 a year crt.sh
primis.tech
Go Daddy Secure Certificate Authority - G2		 2021-10-29 -
2022-06-18		 8 months crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
authorize.music.apple.com
Apple Public EV Server RSA CA 2 - G1		 2021-01-06 -
2022-02-05		 a year crt.sh
*.mixpanel.com
GeoTrust RSA CA 2018		 2020-04-20 -
2022-04-21		 2 years crt.sh
*.google.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2021-02-12 -
2022-02-11		 a year crt.sh
itunes.apple.com
Apple Public EV Server RSA CA 2 - G1		 2021-06-22 -
2022-07-22		 a year crt.sh
itunes-etls.itunes.apple.com
Apple Public EV Server RSA CA 2 - G1		 2020-12-16 -
2022-01-15		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2021-09-30 -
2021-12-29		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.pusher.com
Gandi Standard SSL CA 2		 2021-04-07 -
2022-04-21		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
sync.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2021-10-01 -
2021-12-30		 3 months crt.sh
ads.us.e-planning.net
R3		 2021-10-09 -
2022-01-07		 3 months crt.sh
*.adscale.de
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
cdn.admatic.com.tr
R3		 2021-11-13 -
2022-02-11		 3 months crt.sh
*.e-planning.net
R3		 2021-10-22 -
2022-01-20		 3 months crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
ads4.admatic.com.tr
R3		 2021-11-04 -
2022-02-02		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
onetag-sys.com
R3		 2021-11-02 -
2022-01-31		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-17 -
2021-12-18		 a year crt.sh
*.theadex.com
AlphaSSL CA - SHA256 - G2		 2021-10-01 -
2022-11-02		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
js.cookieless-data.com
R3		 2021-09-30 -
2021-12-29		 3 months crt.sh
*.eyeota.net
R3		 2021-10-26 -
2022-01-24		 3 months crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2021-05-20 -
2022-06-03		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2020-12-01 -
2021-12-30		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-10-18 -
2022-04-26		 6 months crt.sh
*.sitescout.com
RapidSSL RSA CA 2018		 2020-01-15 -
2022-02-02		 2 years crt.sh

This page contains 25 frames:

Primary Page: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Frame ID: E11487578C1E75B44677BA696CFF8DA9
Requests: 74 HTTP requests in this frame

Frame: https://genius.com/songs/6857730/apple_music_player?react=1
Frame ID: BA454748C3FA5120D2A6E2D660AAD76E
Requests: 14 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveView.php?s=106935&cbuster=1637182828&pubUrlAuto=https%3A%2F%2Fgenius.com%2FLorey-jaune-orry-bad-vibes-lyrics&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&videoHelperParam=JTdCJTIycHJpbWlzX2N1c3RvbV90YXJnZXQlMjIlM0ElN0IlMjJzb25nX2lkJTIyJTNBJTVCJTIyNjg1NzczMCUyMiU1RCUyQyUyMnNvbmdfdGl0bGUlMjIlM0ElNUIlMjIlMjRvcnJ5JTIwQmFkJTIwVmliZXMlMjIlNUQlMkMlMjJhcnRpc3RfaWQlMjIlM0ElNUIlMjIyNzUyNjMxJTIyJTVEJTJDJTIyYXJ0aXN0X25hbWUlMjIlM0ElNUIlMjJMb3JleSUyMEphdW5lJTIyJTVEJTJDJTIyaXNfZXhwbGljaXQlMjIlM0ElNUIlMjJmYWxzZSUyMiU1RCUyQyUyMnBhZ2V2aWV3cyUyMiUzQSU1QiUyMjE4NCUyMiU1RCUyQyUyMnByaW1hcnlfdGFnX2lkJTIyJTNBJTVCJTIyMTQzNCUyMiU1RCUyQyUyMnByaW1hcnlfdGFnJTIyJTNBJTVCJTIycmFwJTIyJTVEJTJDJTIydGFnX2lkJTIyJTNBJTVCJTIyMTQzNCUyMiU1RCUyQyUyMnNvbmdfdGllciUyMiUzQSU1QiUyMkUlMjIlNUQlMkMlMjJ0b3BpYyUyMiUzQSU1QiU1RCUyQyUyMmhhc19zb25nX3N0b3J5JTIyJTNBJTVCJTIyZmFsc2UlMjIlNUQlMkMlMjJpbl90b3BfMTAlMjIlM0ElNUIlMjJmYWxzZSUyMiU1RCUyQyUyMmFydGlzdF9pbl90b3BfMTAlMjIlM0ElNUIlMjJmYWxzZSUyMiU1RCUyQyUyMmFsYnVtX2luX3RvcF8xMCUyMiUzQSU1QiUyMmZhbHNlJTIyJTVEJTJDJTIybmV3X3JlbGVhc2UlMjIlM0ElNUIlMjJmYWxzZSUyMiU1RCUyQyUyMnJlbGVhc2VfbW9udGglMjIlM0ElNUIlMjIyMDIxMDUlMjIlNUQlMkMlMjJyZWxlYXNlX3llYXIlMjIlM0ElNUIlMjIyMDIxJTIyJTVEJTJDJTIycmVsZWFzZV9kZWNhZGUlMjIlM0ElNUIlMjIyMDIwJTIyJTVEJTJDJTIyaW5fdG9wXzEwX3JhcCUyMiUzQSU1QiUyMmZhbHNlJTIyJTVEJTJDJTIyaW5fdG9wXzEwX3JvY2slMjIlM0ElNUIlMjJmYWxzZSUyMiU1RCUyQyUyMmluX3RvcF8xMF9jb3VudHJ5JTIyJTNBJTVCJTIyZmFsc2UlMjIlNUQlMkMlMjJpbl90b3BfMTBfcl9hbmRfYiUyMiUzQSU1QiUyMmZhbHNlJTIyJTVEJTJDJTIyaW5fdG9wXzEwX3BvcCUyMiUzQSU1QiUyMmZhbHNlJTIyJTVEJTJDJTIyZW52aXJvbm1lbnQlMjIlM0ElNUIlMjJwcm9kdWN0aW9uJTIyJTVEJTJDJTIycGxhdGZvcm0lMjIlM0ElNUIlMjJ3ZWIlMjIlNUQlMkMlMjJwbGF0Zm9ybV92YXJpYW50JTIyJTNBJTVCJTIyZGVza3RvcF9yZWFjdF8yX2NvbHVtbiUyMiU1RCUyQyUyMmFtcF92YXJpYW50JTIyJTNBJTVCJTIyYW1wX2Rpc2FibGVkJTIyJTVEJTJDJTIyYWRfcGFnZV90eXBlJTIyJTNBJTVCJTIyc29uZyUyMiU1RCUyQyUyMnJhbmRvbTI0JTIyJTNBMjMlMkMlMjJmaXJzdF9pbXByZXNzaW9uJTIyJTNBJTIydHJ1ZSUyMiU3RCU3RA==
Frame ID: 4044C80A6DD816ADC2F65DDE9AD24BDE
Requests: 22 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61956d6c3969a%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: B38F9F402CDE9685575DE42148C28F7E
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=primis&endpoint=us-east
Frame ID: 9B30B6E25012353D2E2D990FBEEA067B
Requests: 3 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=61956d6c3969a&pixel=&advId=94&advUuid=65091d09-47e9-11ec-991a-1024185a0206
Frame ID: 2BAA0979FA33DC6B05E429D77253FA37
Requests: 1 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=61956d6c3969a&pixel=&advId=98&advUuid=95ce778d-475f-47ec-a14e-793893d4693d
Frame ID: C183167473F793CC319263C4FECF0133
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=556966
Frame ID: 966A077461A260B23C8E9474BCD40836
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: CC2237039828AFFEBF62B95D35ABFE1B
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: 6D542E13CF9ED8FA3BD2B6EF3F3B7C03
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=BIm0EyemdEKy0qOG5pjz&pi=admatic&tc=1
Frame ID: D43ECBD2803CFFEA2ED1A4B09E4B5DBC
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: 7DE940BFAE637CBAB4609533BF09E7B5
Requests: 14 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: D21DE2371EDF54E1B38327985F69185A
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: A02BE4AA3895CC6CAD383862AFACA5F3
Requests: 5 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: DDED17EA36C733BAD254EE7FAEE9F212
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: 986706B2B55CE8A703832495CCDA4519
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 1E14CEE6625D6351B83A0EEAC4A22BC3
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D54c5905a9fb7aac7%26uid%3D
Frame ID: B8A5C100CA11EE6BD71A20AF03DB7423
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D54c5905a9fb7aac7%26uid%3D
Frame ID: 370243A39B8807D8B6979A60EF7F2FE3
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: CF4435DB0F33E9014C5D2DA8DEADF530
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361&cmp=0
Frame ID: D8FA5B542789DC4BE7FC9535B6F69566
Requests: 31 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: B8D808642FAF6CBF9591A08DF626FBEB
Requests: 10 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: D2BC5D004CCE998A231E6E8EE82730E0
Requests: 2 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=APDfY1fmWZkfp2AO
Frame ID: 173A7E2E058A14CEC12B4CDED61943B3
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=15238/rand=350378186/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Frame ID: 6FB2F959F439F7BA07241C4A9BE93B18
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Lorey Jaune – $orry Bad Vibes Lyrics | Genius LyricsArrow Left #1 IconArrow right #1 IconBack ButtonFilter Button

Page Statistics

222
Requests

78 %
HTTPS

23 %
IPv6

75
Domains

112
Subdomains

74
IPs

10
Countries

2296 kB
Transfer

7396 kB
Size

83
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://sb.scorecardresearch.com/b?c1=2&c2=17151659&ns__t=1637182828129&ns_c=UTF-8&cv=3.5&c8=Lorey%C2%A0Jaune%20%E2%80%93%20%24orry%20Bad%20Vibes%20Lyrics%20%7C%20Genius%20Lyrics&c7=https%3A%2F%2Fgenius.com%2FLorey-jaune-orry-bad-vibes-lyrics&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=17151659&ns__t=1637182828129&ns_c=UTF-8&cv=3.5&c8=Lorey%C2%A0Jaune%20%E2%80%93%20%24orry%20Bad%20Vibes%20Lyrics%20%7C%20Genius%20Lyrics&c7=https%3A%2F%2Fgenius.com%2FLorey-jaune-orry-bad-vibes-lyrics&c9=
Request Chain 76
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=primis&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=primis&endpoint=us-east
Request Chain 77
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61956d6c3969a%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61956d6c3969a%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=65091d9e-47e9-11ec-991a-1024185a0206 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61956d6c3969a&pixel=&advId=94&advUuid=65091d09-47e9-11ec-991a-1024185a0206
Request Chain 78
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61956d6c3969a%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61956d6c3969a%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61956d6c3969a&pixel=&advId=98&advUuid=95ce778d-475f-47ec-a14e-793893d4693d
Request Chain 83
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61956d6c3969a%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61956d6c3969a&pixel=&advId=93&advUuid=da7711f9-b21f-45c4-ab19-96fc2724cb36
Request Chain 84
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61956d6c3969a%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61956d6c3969a%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61956d6c3969a&pixel=&advId=99&advUuid=YZVtbDTCEBZNxvFMq6uzmAAABFwAAAAB
Request Chain 85
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61956d6c3969a%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D61956d6c3969a%2526pixel%253D%2526advId%253D105%2526advUuid%253D%2524UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61956d6c3969a&pixel=&advId=105&advUuid=821115113677182690
Request Chain 106
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=BIm0EyemdEKy0qOG5pjz&pi=admatic&tc=1
Request Chain 107
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Request Chain 116
  • https://ih.adscale.de/uu?cbfn=receive&t=1637182829 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1637182829&nut&uu=16358ee81a6c4687b964b94add7d5c23
Request Chain 117
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D54c5905a9fb7aac7 HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=54c5905a9fb7aac7
Request Chain 119
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D54c5905a9fb7aac7%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=54c5905a9fb7aac7&uid=5bb51ef2-b286-4cf6-8ea7-2f0efec7e8a5
Request Chain 122
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D54c5905a9fb7aac7 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 123
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D54c5905a9fb7aac7%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=54c5905a9fb7aac7&uid=821115113677182690
Request Chain 124
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D54c5905a9fb7aac7%26uid%3D%7B%24UID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=54c5905a9fb7aac7&uid=1435d9a25b5abdeeccddd85874f1c55a3f4bb113
Request Chain 125
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 139
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEHeuJvBDeiZfq9OrlPzpvCA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Request Chain 140
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3e5971f4-8c1d-4aec-6be9-6a5183fab2af%26reqId%3D7eabbc2a-8771-4a5f-4adb-e1e8777b83e4%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3e5971f4-8c1d-4aec-6be9-6a5183fab2af%26reqId%3D7eabbc2a-8771-4a5f-4adb-e1e8777b83e4%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=ec27e2e2-1698-415d-89f7-93d0e9f41303&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Request Chain 142
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3e5971f4-8c1d-4aec-6be9-6a5183fab2af%26reqId%3D7eabbc2a-8771-4a5f-4adb-e1e8777b83e4%26zdid%3D1361 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3e5971f4-8c1d-4aec-6be9-6a5183fab2af%26reqId%3D7eabbc2a-8771-4a5f-4adb-e1e8777b83e4%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=a2d80979-e5cc-4ef3-b0ec-551690658956&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Request Chain 146
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7770e294-4aee-4d6b-85bf-94899203259a&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 147
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3e5971f4-8c1d-4aec-6be9-6a5183fab2af%26reqId%3D7eabbc2a-8771-4a5f-4adb-e1e8777b83e4%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3e5971f4-8c1d-4aec-6be9-6a5183fab2af%26reqId%3D7eabbc2a-8771-4a5f-4adb-e1e8777b83e4%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=21891298864711767191771818802304898268&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Request Chain 149
  • https://bn01.er.bemail.it/zeotap.php?_bid=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021111722-85904-0.919233001637182833-cf19f22705ff7eccd56bea5472ec8ef8&zdid=533&env=mWeb
Request Chain 150
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3e5971f4-8c1d-4aec-6be9-6a5183fab2af%26reqId%3D7eabbc2a-8771-4a5f-4adb-e1e8777b83e4%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7031646712423708825&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Request Chain 151
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=3e5971f4-8c1d-4aec-6be9-6a5183fab2af HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=3e5971f4-8c1d-4aec-6be9-6a5183fab2af
Request Chain 152
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3e5971f4-8c1d-4aec-6be9-6a5183fab2af%26reqId%3D7eabbc2a-8771-4a5f-4adb-e1e8777b83e4%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3e5971f4-8c1d-4aec-6be9-6a5183fab2af%26reqId%3D7eabbc2a-8771-4a5f-4adb-e1e8777b83e4%26zdid%3D1361&bounce=1&random=631667831 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=lbkQW.8H7pMtTSxI0D3CU.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Request Chain 154
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=3e5971f4-8c1d-4aec-6be9-6a5183fab2af?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=3e5971f4-8c1d-4aec-6be9-6a5183fab2af?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=da51093b16748e4babc5e5fb83a7178a&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Request Chain 155
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-a2llValE2orW0blcYE7yeu0TAIU6VMNMTw--~A&zpartnerid=570&env=mWeb
Request Chain 156
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=9iTACM8GFHNXaH9n44xPyCNUYGQVhAbp%2BS41iYitP1U%3D
Request Chain 160
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3e5971f4-8c1d-4aec-6be9-6a5183fab2af%26reqId%3D7eabbc2a-8771-4a5f-4adb-e1e8777b83e4%26zdid%3D1361 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3e5971f4-8c1d-4aec-6be9-6a5183fab2af%26reqId%3D7eabbc2a-8771-4a5f-4adb-e1e8777b83e4%26zdid%3D1361&_test=YZVtbgAFSsXE8gAz HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YZVtbgAFSsXE8gAz&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361&_test=YZVtbgAFSsXE8gAz
Request Chain 161
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3e5971f4-8c1d-4aec-6be9-6a5183fab2af%26reqId%3D7eabbc2a-8771-4a5f-4adb-e1e8777b83e4%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=deec6195-6d6d-4800-bb7b-07345f3649be&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Request Chain 162
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Request Chain 163
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361&dcc=t
Request Chain 164
  • https://tags.bluekai.com/site/87734?id=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Request Chain 165
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3e5971f4-8c1d-4aec-6be9-6a5183fab2af%26reqId%3D7eabbc2a-8771-4a5f-4adb-e1e8777b83e4%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Request Chain 167
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YZVtbDTCEBZNxvFMq6uzmAAABFwAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YZVtbDTCEBZNxvFMq6uzmAAABFwAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEHK-FfP_v4qGABXsN06u_1c&google_cver=1
Request Chain 169
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YZVtbDTCEBZNxvFMq6uzmAAA HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YZVtbDTCEBZNxvFMq6uzmAAA&google_tc= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMem77FVZX-AbnM2b6yVxt0&google_cver=1&gdpr=1
Request Chain 170
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZVtbDTCEBZNxvFMq6uzmAAABFwAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZVtbDTCEBZNxvFMq6uzmAAABFwAAAAB&dcc=t
Request Chain 171
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ee420e23-24ee-4af9-9616-ca85dd6cccaa
Request Chain 173
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-44bdbbd1-aec2-46f7-bf4d-55c6b8599032
Request Chain 176
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=b48e47b6e87b083939a61c47602b4fa2ca10db62a1fd0f70898984a10d17dbae&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F9f16f5b381c14c729741dde6fa7a8852%2F1637182829609%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=deec6195-6d6d-4800-bb7b-07345f3649be&gdpr=0&gdpr_consent=
Request Chain 181
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F9f16f5b381c14c729741dde6fa7a8852%2F1637182829609%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/9f16f5b381c14c729741dde6fa7a8852/1637182829609/0/img?tpid=75&tpuid=821115113677182690&gdpr=0
Request Chain 182
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=eb11ca27b9dc333213826b88d7aae0810f31e1fc125c4e6f16a720d9a8bed08a&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F9f16f5b381c14c729741dde6fa7a8852%2F1637182829609%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YZVtbDTCEBZNxvFMq6uzmAAA%261116
Request Chain 190
  • https://track.adform.net/serving/cookie/match/?party=9&uid=7b2d30fbf356d0957da04d138bed008d69bff7c793d974eb1cd9ca6d74abfea2&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F9f16f5b381c14c729741dde6fa7a8852%2F1637182829609%2F0%2Fimg&gdpr=0 HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=7b2d30fbf356d0957da04d138bed008d69bff7c793d974eb1cd9ca6d74abfea2&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F9f16f5b381c14c729741dde6fa7a8852%2F1637182829609%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/9f16f5b381c14c729741dde6fa7a8852/1637182829609/0/img?tpid=42&gdpr=0&tpuid=6860890447492531994
Request Chain 191
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=8e4ab72f4bf59f19a0b9ebf8afda35636d4e019f151bf3db98ae22e4b3413a35&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F9f16f5b381c14c729741dde6fa7a8852%2F1637182829609%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=7385a6e2-05c7-4639-9226-b96b0d39d7a6&gdpr=0
Request Chain 192
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP65ed38c5-47e9-11ec-96a7-06dd13ac9c68 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA2NWVkMzhjNS00N2U5LTExZWMtOTZhNy0wNmRkMTNhYzljNjg%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEJsMrmvLZ3AU8sBO-RlGSWw&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEJsMrmvLZ3AU8sBO-RlGSWw&google_cver=1&apid=UP65ed38c5-47e9-11ec-96a7-06dd13ac9c68
Request Chain 193
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=&_test=YZVtbgAFSt5yhwBR HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=YZVtbgAFSt5yhwBR&_origin=0&gdpr=1&gdpr_consent=&_test=YZVtbgAFSt5yhwBR
Request Chain 194
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=a2d80979-e5cc-4ef3-b0ec-551690658956&_origin=1&gdpr=1&gdpr_consent=
Request Chain 195
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=59d86c1a329e2238426cc821de85c4857370bfe5235852db3bfefd4127cb5e05&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F9f16f5b381c14c729741dde6fa7a8852%2F1637182829609%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=deec6195-6d6d-4800-bb7b-07345f3649be&gdpr=0&gdpr_consent=
Request Chain 196
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=d4247a778c61eb595e8291828eb64eb869986339e456d338f1ea8bc5ba3809f5&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F9f16f5b381c14c729741dde6fa7a8852%2F1637182829609%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=d4247a778c61eb595e8291828eb64eb869986339e456d338f1ea8bc5ba3809f5&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F9f16f5b381c14c729741dde6fa7a8852%2F1637182829609%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/9f16f5b381c14c729741dde6fa7a8852/1637182829609/0/js?tpid=48&tpuid=e3b886e7b8d3762db3f2bb34cbee088c
Request Chain 199
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=admatic HTTP 302
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=admatic HTTP 302
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=4506fbea-a1da-4516-9460-ed7f59d2dee3&ssp=admatic HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=be9d4b19-6f07-4582-bf39-cdb3663aab61&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=be9d4b19-6f07-4582-bf39-cdb3663aab61&dsp_uuid=&dsp_id=
Request Chain 202
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=h333VUlrSndS06d362p9ywzNQ&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=h333VUlrSndS06d362p9ywzNQ&gdpr=0&gdpr_consent=&google_gid=CAESEBKqwDUacaIAnNQwtYvAkY4&google_cver=1 HTTP 302
  • https://a.audrte.com/p
Request Chain 203
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=6860890447492531994 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEBKqwDUacaIAnNQwtYvAkY4&google_cver=1 HTTP 302
  • https://ps.eyeota.net/match?bid=kh51m51&uid=h333VUlrSndS06d362p9ywzNQ&gdpr=0&gdpr_consent=
Request Chain 216
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=da51093b16748e4babc5e5fb83a7178a&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=21891298864711767191771818802304898268
Request Chain 219
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/da51093b16748e4babc5e5fb83a7178a/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3819829989951337740
Request Chain 221
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=admatic&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=a2d80979-e5cc-4ef3-b0ec-551690658956&expires=30&ssp=admatic&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=be9d4b19-6f07-4582-bf39-cdb3663aab61&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=be9d4b19-6f07-4582-bf39-cdb3663aab61&dsp_uuid=&dsp_id=

222 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Lorey-jaune-orry-bad-vibes-lyrics
genius.com/ 		177 KB
58 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0f2e5bc863e3c86acb20a216b5dd56e5424da4a704864f6f281346ed25854ff
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 17 Nov 2021 21:00:27 GMT
content-type
text/html; charset=utf-8
cf-ray
6afbe37c5be45c8c-FRA
cache-control
public, s-maxage=300
etag
W/"4a4fab2d617d106823e72a2681540501"
vary
X-Requested-With, Accept-Encoding
via
1.1 vegur
cf-cache-status
MISS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200 OK
x-frame-options
SAMEORIGIN
x-runtime
570
server
cloudflare
content-encoding
gzip
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
f9654740623b29bd9f40c75de6eab8c75c6f299ccb87fe332564a507511e28b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1047 / 526 of 1000 / last-modified: 1637181846"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26734
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 17 Nov 2021 21:00:27 GMT
script.js
d3l739e8r8y9v7.cloudfront.net/ 		110 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3l739e8r8y9v7.cloudfront.net/script.js
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9600:1d:ae6e:9cc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1e6c96d7d402a10673cb4a868ab5202997709a09a11e01b540262414e75ce6ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 20:55:42 GMT
content-encoding
gzip
last-modified
Wed, 17 Nov 2021 15:21:24 GMT
server
AmazonS3
age
286
etag
W/"ef324de729123226b923f295de14c6fc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront)
cache-control
max-age=600,public,must-revalidate
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
0rXwxI7-X3YzCJDrp8jmCLz5l608pfy_pP6ZLnzYj9r5bimLx-rytw==
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-111.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Tue, 16 Nov 2021 16:16:37 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
Age
103431
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
Cache-Control
max-age=604800
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-C2
X-Amz-Cf-Id
W3JF52A-zwJ1sDa_bMkJ12GFxTlKjblVwlGOHa6-hC9KTMin4GXTLQ==
reactSongClient.desktop-b99729570d03b22dadc2.js
assets.genius.com/javascripts/compiled/ 		699 KB
180 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.genius.com/javascripts/compiled/reactSongClient.desktop-b99729570d03b22dadc2.js
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f41be24451707b44f13cff42c42e6821949ffdfbd25a456729946629773c0345

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:27 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Nov 2021 16:48:19 GMT
server
cloudflare
age
14773
etag
W/"bf3df76af45f259dd3d0a10adfbed7b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
6afbe3814f305c8c-FRA
x-amz-request-id
2P8FG60TNYY10KGW
x-amz-id-2
O0zTETE1uRKJZns1tlc1BILa4tne+KnBcpjXowwCu/32EKxa97varEMKaU60aAgMiatER+w5GaY=
reactVendors.desktop-ac33221f415d784668ac.js
assets.genius.com/javascripts/compiled/ 		160 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.genius.com/javascripts/compiled/reactVendors.desktop-ac33221f415d784668ac.js
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bffd88ef02d10961e4908657d5d67a2b501e9e6b96059d4ae8f859b2608d3c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:27 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Nov 2021 16:48:19 GMT
server
cloudflare
age
14772
etag
W/"3b6c2c1777da0eccae08c04268bd847e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
6afbe3814f2c5c8c-FRA
x-amz-request-id
2P888EQP9Y8HR806
x-amz-id-2
1Olu1/r4isE9jUOSyZtm11aIQeXB58OAY8y2Qyq+G/fD5J6IKZjBhEp4Dhojh5gSzDRvaeCbTa4=
reactPageVendors.desktop-d16627a127e1f6e08ec7.js
assets.genius.com/javascripts/compiled/ 		465 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.genius.com/javascripts/compiled/reactPageVendors.desktop-d16627a127e1f6e08ec7.js
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8375a152735ad57e4b07e9fd8165a70f4a09812235bb09375cb72883d4d6afd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:27 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Nov 2021 16:48:19 GMT
server
cloudflare
age
14772
etag
W/"040535fa0339a0b08901208c978e89ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
6afbe3814f2d5c8c-FRA
x-amz-request-id
2P824J66RTV42H15
x-amz-id-2
9gatcXU0ycWlKeWD8k0Kxs/RirJpkZlwnNa8cuRSe5O2n8bqJRkssO9E+tVjQU4/o5los1JuFuo=
reactPage.desktop-9c4325152e03dfc58c2b.js
assets.genius.com/javascripts/compiled/ 		246 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.genius.com/javascripts/compiled/reactPage.desktop-9c4325152e03dfc58c2b.js
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3cbfb92542913b58fdeadb09b9c36e52d8b05c4fc77f422e52e7571b7823632

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:27 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Nov 2021 16:48:19 GMT
server
cloudflare
age
14772
etag
W/"950c03dfc876f81c911c4ffea24df899"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
6afbe3814f285c8c-FRA
x-amz-request-id
2P8BPHCK4ZKP81Z9
x-amz-id-2
M6n2hGaAzMnYHKuIjBGnRv5McVjj8VeFMbYt8T17EPsrp4Ejw6kxqrllrR+K+/6N9ZGncBBYnsM=
reactAds.desktop-f22f007a888463b4b5a5.js
assets.genius.com/javascripts/compiled/ 		262 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.genius.com/javascripts/compiled/reactAds.desktop-f22f007a888463b4b5a5.js
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa454d0fead8ee48cf00779db3ae1d8bbbd49ae39fd9b27919671163af362dcc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:27 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 17 Nov 2021 16:48:19 GMT
server
cloudflare
age
14770
etag
W/"9d88da62cc80bf51a79c5c26dced4779"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
6afbe3814f2e5c8c-FRA
x-amz-request-id
2P8E44BQ8W2K1HCW
x-amz-id-2
QQLXyJHJTIsCpZIPTE+CU7gnfy4wY2HM1QBNlMEOs/C5imn3NgV6lc1BBJ0rjPSpTcobRdSE3pU=
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-201.fra56.r.cloudfront.net
Software
Server /
Resource Hash
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 20:59:22 GMT
content-encoding
gzip
age
64
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
01SGMQNF6N7YHR9RJPE6
etag
1e39d25f07f5619925357b752ab10d04
vary
Accept-Encoding
x-amz-version-id
KuXuY5mbG6yln5YsEdf9JaPJtFF6aIqm
via
1.1 753f415578c1ca010e51a83aef192331.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
RW3e84Lri1hwOq96ucJVu984DxKfodVo19--mrOJgXL9GT0SavdQrQ==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 		86 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f10.1e100.net
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 14:53:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Nov 2022 14:53:58 GMT
otSDKStub.js
cookie-cdn.cookiepro.com/scripttemplates/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:778 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Nov 2021 21:00:27 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
OPcq+YIYFFKAyM1Ar0weOg==
age
2587088
x-ms-lease-status
unlocked
last-modified
Thu, 07 Oct 2021 01:50:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e79150b9-401e-002c-406e-c4d4e2000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
cf-ray
6afbe3819f6a694b-FRA
expires
Thu, 25 Nov 2021 21:00:27 GMT
cmp-d86771e4f616099ea4ee.js
assets.genius.com/javascripts/compiled/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.genius.com/javascripts/compiled/cmp-d86771e4f616099ea4ee.js
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38fef7b97e54c3834964ccd292c6924589b9c021b910e3299ece0ad27d756451

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:27 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 09 Nov 2021 20:27:25 GMT
server
cloudflare
age
692842
etag
W/"de10f37a7818cf6b057f4cc957f5e6b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
6afbe3814f315c8c-FRA
x-amz-request-id
323G0J3MT96PPJ5C
x-amz-id-2
KXgj+yESh2Kqupgq1rOD1uH+//12tTmEWwJkN8aGEQxPVGI+HKhpLIRHfIQ4irW0ccQNvK2CxEs=
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
7161
date
Wed, 17 Nov 2021 19:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 17 Nov 2021 21:01:07 GMT
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:27 GMT
content-encoding
gzip
etag
"FMCWFRCBdbNj8Eh2c0G78Q=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Wed, 24 Nov 2021 21:00:27 GMT
truncated
/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
808609a16dafecbd6e0abf0f9632d1f94202e6847e75ed38bfb56a6a64681bff

Request headers

Referer
Origin
https://genius.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
font/woff2
programme_normal.woff2
assets.genius.com/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.genius.com/fonts/programme_normal.woff2?1637166956
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1260 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdc1e2f224b38e2fc0c28c1e7ae7b776c4952763ebaac88ae592cb313aa3b5b8

Request headers

Referer
https://genius.com/
Origin
https://genius.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:27 GMT
cf-cache-status
HIT
age
14778
cf-ray
6afbe3819b3c05fd-FRA
content-length
25244
x-amz-id-2
TDnQWr43X0UAEJc9r6JLOP1/F1QQahs4PSjU3qWvNZJ/R2U/ssoC+ziRa44gD3cTVpbYyLSylG8=
last-modified
Wed, 17 Nov 2021 16:47:45 GMT
server
cloudflare
etag
"1122b88bbcdb84737e3689b46524979f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
x-amz-request-id
ZN6KXGTGP1VGTHM9
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
font/woff2
/
loadus.exelator.com/load/ 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadus.exelator.com/load/?g=4&j=0&p=1183&page-type=song&user_signed_in=false
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:27 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
apple_music_player
genius.com/songs/6857730/ Frame BA45 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://genius.com/songs/6857730/apple_music_player?react=1
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a853f6db0007edff6f602bfa3150e0cae3080d2e38986ecbb2578365a0543ca

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics

Response headers

date
Wed, 17 Nov 2021 21:00:27 GMT
content-type
text/html; charset=utf-8
cf-ray
6afbe3819fd85c8c-FRA
cache-control
public, s-maxage=180
etag
W/"7dab1d8bbcd814db6b372a61b3ffe356"
vary
X-Requested-With, Accept-Encoding
via
1.1 vegur
cf-cache-status
MISS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status
200 OK
x-runtime
89
server
cloudflare
content-encoding
gzip
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-58.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 19:55:30 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
63416
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
ZVkv4CPKXTO5CpPZM3xhTnWMkZpH0Pc1TDoEz4Mv63g0dTHCMLvccQ==
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
9h2V0Xoge8CJLl0YmT//WelEHJmE76lCoJfKuCDu7A+Pw+MjSC4/WtFHuOFRvX4Flnmi/PxwMmfI+jw0WejFYw==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 17 Nov 2021 21:00:27 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1301520/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1301520/tfa.js
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c3a4190373e15485e065c6cf763bfdca85804e9afbe8fe7fb58057f216c9d478

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
x5Hq8HxmH9Irt5yCmEtckIwowG2ZMA4w
content-encoding
gzip
etag
"1415be354ca4d736e182555bb5f73832"
age
24
x-cache
HIT
x-amz-replication-status
PENDING
content-length
24894
x-amz-id-2
t4lcxYLiZSbj/S8/atVIsVvUJKjW9d5ArRMsb+9GuR4zm3J1DqvKVz+/kXGBe5QN4yB9lCKIDYs=
x-served-by
cache-hhn4049-HHN
last-modified
Sun, 14 Nov 2021 10:21:48 GMT
server
AmazonS3
x-timer
S1637182828.831655,VS0,VE1
date
Wed, 17 Nov 2021 21:00:27 GMT
vary
Accept-Encoding
x-amz-request-id
0D76FB781F2DTV3E
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
73
x-cache-hits
1
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: d3l739e8r8y9v7.cloudfront.net
URL: https://d3l739e8r8y9v7.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://genius.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 17 Nov 2021 21:00:27 GMT
via
1.1 google
server
nginx/1.17.4
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
alt-svc
clear
content-length
0
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.17.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://genius.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx/1.17.4
date
Wed, 17 Nov 2021 21:00:27 GMT
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age
1728000
content-type
text/plain; charset=utf-8
content-length
0
via
1.1 google
alt-svc
clear
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin
https://genius.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
date
Wed, 17 Nov 2021 21:00:28 GMT
content-length
0
via
1.1 google
alt-svc
clear
/
sessions.bugsnag.com/ 		21 B
140 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: assets.genius.com
URL: https://assets.genius.com/javascripts/compiled/reactPageVendors.desktop-d16627a127e1f6e08ec7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://genius.com/
Bugsnag-Sent-At
2021-11-17T21:00:27.900Z
Accept-Language
de-DE,de;q=0.9
Bugsnag-Api-Key
a3ab84a89baa4ee509c9e3f71b9296e0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 17 Nov 2021 21:00:28 GMT
via
1.1 google
bugsnag-session-uuid
c7c673d8-62bc-42fa-95e6-9dc6bd53efcc
alt-svc
clear
content-length
21
content-type
application/json
count_view
genius.com/api/songs/6857730/ 		0
126 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://genius.com/api/songs/6857730/count_view
Requested by
Host: d3l739e8r8y9v7.cloudfront.net
URL: https://d3l739e8r8y9v7.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
X-CSRF-Token
undefined
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

x-runtime
14
date
Wed, 17 Nov 2021 21:00:28 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
status
204 No Content
cache-control
no-cache
cf-ray
6afbe382db3c5c8c-FRA
reactPusher.desktop-f530b4227fd31adc43f9.js
genius.com/javascripts/compiled/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://genius.com/javascripts/compiled/reactPusher.desktop-f530b4227fd31adc43f9.js
Requested by
Host: d3l739e8r8y9v7.cloudfront.net
URL: https://d3l739e8r8y9v7.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6a56a8c871c1d871df7f4be6b30bb8bb45da3ef8429a320ff8a73a9aab75b09

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cf-ray
6afbe382eb4d5c8c-FRA
date
Wed, 17 Nov 2021 21:00:28 GMT
via
1.1 vegur
cf-cache-status
HIT
last-modified
Thu, 04 Nov 2021 21:15:36 GMT
server
cloudflare
age
1121659
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200 OK
cache-control
public, max-age=31536000
content-encoding
gzip
access-control-allow-origin
*
reactMixpanel.desktop-6185fba11e3a0de65e73.js
genius.com/javascripts/compiled/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://genius.com/javascripts/compiled/reactMixpanel.desktop-6185fba11e3a0de65e73.js
Requested by
Host: d3l739e8r8y9v7.cloudfront.net
URL: https://d3l739e8r8y9v7.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6e3bdcada87171e3ca39b4d050eb13b8271e3241021e3eb416df1ff108514d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cf-ray
6afbe382fb7a5c8c-FRA
date
Wed, 17 Nov 2021 21:00:28 GMT
via
1.1 vegur
cf-cache-status
HIT
last-modified
Thu, 04 Nov 2021 21:15:36 GMT
server
cloudflare
age
1121659
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200 OK
cache-control
public, max-age=31536000
content-encoding
gzip
access-control-allow-origin
*
default_cover_image.png
assets.genius.com/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.genius.com/images/default_cover_image.png?1637166956
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
352012e64cfb9f0f90cc2a8a316774ed99eb480ce2995e0e8e0d0662386d3299

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:28 GMT
cf-cache-status
HIT
age
14774
cf-polished
origSize=11481
cf-ray
6afbe382fb7e5c8c-FRA
content-length
6278
x-amz-id-2
G6d6ka9hrLfcx0NB6qd+OQSwJXny56StKuojBX8YbltBMzDV9mPjQima87BBloLH5DAEx7aFMR8=
last-modified
Wed, 17 Nov 2021 16:47:52 GMT
server
cloudflare
etag
"166833bb390e7b509e9e7cdb3639f81a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
E0JS68SP8JAVMF69
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
image/png
cf-bgj
imgq:85,h2pri
liveView.php
live.primis.tech/live/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=106935
Requested by
Host: d3l739e8r8y9v7.cloudfront.net
URL: https://d3l739e8r8y9v7.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e943aa9f010fb0a87f925e824dd80e1d066d5e9ae7131c0035cb70070a5587f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
pub
pixel.adsafeprotected.com/services/ 		394 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=927569&slot=%7Bid:div-gpt-ad-desktop_song_combined_leaderboard-desktop_song_combined_leaderboard-1,s:728.90,p:/342026871/desktop_song_combined_leaderboard,t:display%7D&slot=%7Bid:div-gpt-ad-desktop_song_lyrics_sidebar-desktop_song_lyrics_sidebar-1,s:300.250,p:/342026871/desktop_song_lyrics_sidebar,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=545ca8fa-8ca9-ee9a-651a-2c25a5730271&url=https%253A%252F%252Fgenius.com%252FLorey-jaune-orry-bad-vibes-lyrics
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.159.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-159-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
45b781467a3fa6610c0410fc9d7d42d6a1f8f2b5d273dc551323ff6a9f67cb1f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:28 GMT
x-server-name
app23.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://genius.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
rules-p-f3CPQ6vHckedE.js
rules.quantcount.com/ 		696 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-f3CPQ6vHckedE.js
Requested by
Host: d3l739e8r8y9v7.cloudfront.net
URL: https://d3l739e8r8y9v7.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
091db06757fca69fa19e86b396004a9b09d05ac1cdef4d6a8ca01e0621f50e7d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 20:38:31 GMT
via
1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront)
age
1320
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
696
last-modified
Tue, 10 Nov 2020 16:46:40 GMT
server
AmazonS3
etag
"9bc76ed5fa1476495dec7be2668904e6"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
DGJpLXnXto44PmzNHCoy6d0wR1SpwIS07Vy-OHNBF2yd0UMlCdbENA==
config
c.amazon-adsystem.com/cdn/prod/ 		0
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3459&u=https%3A%2F%2Fgenius.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-201.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 20:49:47 GMT
via
1.1 753f415578c1ca010e51a83aef192331.cloudfront.net (CloudFront)
server
Server
age
641
x-cache
Hit from cloudfront
access-control-allow-origin
https://genius.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
AjMwGpdoEA8aAmCtFs5KJ2iExUehQgCj3809Dog1OwAlVPnsR1v46Q==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-201.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 17:04:46 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
14143
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 09 Nov 2021 22:55:20 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
via
1.1 8fd360cd20d33fa1400394ae41746f67.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C2
content-type
application/javascript
x-amz-cf-id
-9_JsJmX_YQxg-dgdvJ4eiR8EA2FctDuFH0NYfQ2z_bzVvq_UZ5COA==
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3459&u=https%3A%2F%2Fgenius.com%2FLorey-jaune-orry-bad-vibes-lyrics&pid=GIJ7NQFS6Xl95&cb=0&ws=1600x1200&v=7.71.1&t=1000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-desktop_song_combined_leaderboard-desktop_song_combined_leaderboard-1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22desktop_song_combined_leaderboard%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-desktop_song_lyrics_sidebar-desktop_song_lyrics_sidebar-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22desktop_song_lyrics_sidebar%22%7D%5D&pj=%7B%22sections%22%3A%22song.rap%22%7D&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-201.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:28 GMT
via
1.1 753f415578c1ca010e51a83aef192331.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
x-amz-rid
R496JC8QD7P4X6B27TFF
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://genius.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
64
x-amz-cf-id
S8xN1SSmfv_E8TmxAToUGnAGj7LuxRMKecjGKrXri7c_-AaRKstAeg==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=17151659&ns__t=1637182828129&ns_c=UTF-8&cv=3.5&c8=Lorey%C2%A0Jaune%20%E2%80%93%20%24orry%20Bad%20Vibes%20Lyrics%20%7C%20Genius%20Lyrics&c7=https%3A%2F%2Fg...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=17151659&ns__t=1637182828129&ns_c=UTF-8&cv=3.5&c8=Lorey%C2%A0Jaune%20%E2%80%93%20%24orry%20Bad%20Vibes%20Lyrics%20%7C%20Genius%20Lyrics&c7=https%3A%2F%2F...
64 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=17151659&ns__t=1637182828129&ns_c=UTF-8&cv=3.5&c8=Lorey%C2%A0Jaune%20%E2%80%93%20%24orry%20Bad%20Vibes%20Lyrics%20%7C%20Genius%20Lyrics&c7=https%3A%2F%2Fgenius.com%2FLorey-jaune-orry-bad-vibes-lyrics&c9=
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Server
143.204.215.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-58.fra53.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:28 GMT
via
1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
3M1jj7TpP3tfbPQBMq6QXxhC9bDhBFmaFhwIxUDjUEifG7LvSAEDHQ==

Redirect headers

date
Wed, 17 Nov 2021 21:00:28 GMT
via
1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=17151659&ns__t=1637182828129&ns_c=UTF-8&cv=3.5&c8=Lorey%C2%A0Jaune%20%E2%80%93%20%24orry%20Bad%20Vibes%20Lyrics%20%7C%20Genius%20Lyrics&c7=https%3A%2F%2Fgenius.com%2FLorey-jaune-orry-bad-vibes-lyrics&c9=
content-length
269
x-amz-cf-id
6h-UjkChz5R81ZCKdgwjLyWITkzOotqBlyys562ruTNw0tEDxVc7Gw==
201983886890479
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/201983886890479?v=2.9.48&r=stable
Requested by
Host: d3l739e8r8y9v7.cloudfront.net
URL: https://d3l739e8r8y9v7.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
50b65c6405e54f6af62b7836ece963d498e0f597583656223517f4ebd199bc29
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89174
x-xss-protection
0
pragma
public
x-fb-debug
XpW9qfw/RSZGSCP20oSJRWLvXvV31pywZ0Ovhd5Dw8UR4YWJE281VPKstXJES5MvOmJJxw0aO3OenUjIvHs/OA==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Wed, 17 Nov 2021 21:00:28 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
json
trc.taboola.com/1301520/trc/3/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1301520/trc/3/json?tim=1637182828146&data=%7B%22id%22%3A203%2C%22ii%22%3A%22%2Florey-jaune-orry-bad-vibes-lyrics%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1637182828141%2C%22cv%22%3A%2220211114-1-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fgenius.com%2FLorey-jaune-orry-bad-vibes-lyrics%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dgenius-advertiser-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1637182828146%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fgenius.com%2FLorey-jaune-orry-bad-vibes-lyrics%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A17%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: d3l739e8r8y9v7.cloudfront.net
URL: https://d3l739e8r8y9v7.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ef91f2d123ac5b0b4d47344294f5618f3feb38ac231176efcea33029587d39de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
17
date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
gzip
server
nginx
x-timer
S1637182828.161590,VS0,VE17
x-served-by
cache-hhn4049-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
pubads_impl_2021111101.js
securepubads.g.doubleclick.net/gpt/ 		343 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111101.js
Requested by
Host: d3l739e8r8y9v7.cloudfront.net
URL: https://d3l739e8r8y9v7.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
604496ee6acca620cd59265c2302f6a03fe02d65bc5306d952f0fa94d92fa5c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117937
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 09:34:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 17 Nov 2021 21:00:28 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		172 B
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=genius.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
c2906f282b22da3acd8250d2640a5cc51e28b939852a8cad49b5950e4fc64aa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
114
x-xss-protection
0
expires
Wed, 17 Nov 2021 21:00:28 GMT
apple_music_player-dc40fbfe4b3526f6f273f7b9242869ad.css
assets.genius.com/stylesheets/compiled/ Frame BA45 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.genius.com/stylesheets/compiled/apple_music_player-dc40fbfe4b3526f6f273f7b9242869ad.css
Requested by
Host: genius.com
URL: https://genius.com/songs/6857730/apple_music_player?react=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97fb6702f99ca4122ce18ed737f09546d40ca0d15440fdb5dd66c2780183b4df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 22:16:22 GMT
server
cloudflare
age
513481
etag
W/"dc40fbfe4b3526f6f273f7b9242869ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
6afbe3840e795c8c-FRA
x-amz-request-id
5PMWRMMHMDDSZRN9
x-amz-id-2
dnJfLS4sbEHLsIpSFsDdu2EaBxsZBq/z5vA/889IuZ/CaJV2AZ8udJgXnHjq2Ehwc5Cq56cGY7w=
apple_music_player-4e049e68b81be176fc45.js
assets.genius.com/javascripts/compiled/ Frame BA45 		389 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.genius.com/javascripts/compiled/apple_music_player-4e049e68b81be176fc45.js
Requested by
Host: genius.com
URL: https://genius.com/songs/6857730/apple_music_player?react=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15f043853b5b3c3da82d1f955d5e775b925ca2e58eae5faf3a541ac43dd1bbe5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 11 Nov 2021 22:16:23 GMT
server
cloudflare
age
513481
etag
W/"0bed63391df546ba2e5bfa868b3d7f01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cf-ray
6afbe3840e7a5c8c-FRA
x-amz-request-id
5PMV15G6VC83H1W7
x-amz-id-2
0pZDNXIDWdEQd5W2V0L4CA/l0ZRjFmJPJ9ZKDmyP7efoXaQH3lQHtjxEUNTp8R00uhr4s/kLXco=
musickit.js
js-cdn.music.apple.com/musickit/v1/ Frame BA45 		230 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-cdn.music.apple.com/musickit/v1/musickit.js
Requested by
Host: genius.com
URL: https://genius.com/songs/6857730/apple_music_player?react=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::1fcf Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
daiquiri/3.0.0 /
Resource Hash
638b07dda0f438a7f4c609bd114bedcc9c15b100133b8b8ebffc7fb85197bcb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-apple-jingle-correlation-key
ZJNFZOJIQMYUAFY4QZNXA23NBI
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-responding-instance
silverbullet-external:2012:st47p00it-qujn11080301:8301:21REL4
x-daiquiri-instance
daiquiri:45887002:st44p00it-hyhk16064801:7987:21RELEASE187:daiquiri-amp-all-shared-int-001-st, daiquiri:48493001:st44p00it-hyhk15034601:7987:21RELEASE187:daiquiri-amp-all-shared-ext-001-st, daiquiri:47117002:st44p00it-hyhk15104901:7987:21RELEASE187:daiquiri-amp-store-shared-ext-002-st
x-apple-request-uuid
ca5a5cb9-2883-3140-171c-865b706b6d0a
content-length
54285
etag
40b3884272568618861bbec2af9ac315
apple-tk
false
last-modified
Thu, 11 Nov 2021 19:03:27 GMT
server
daiquiri/3.0.0
apple-seq
0.0
date
Wed, 17 Nov 2021 21:00:28 GMT
apple-originating-system
UnknownOriginatingSystem
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-transform, max-age=606
x-apple-version-number
2146.9.0
/
api.mixpanel.com/decide/ 		65 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=77967c52dc38186cc1aadebdd19e2a82&ip=1&_=1637182828186
Requested by
Host: genius.com
URL: https://genius.com/javascripts/compiled/reactMixpanel.desktop-6185fba11e3a0de65e73.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.241.186.35.bc.googleusercontent.com
Software
gunicorn/19.9.0 /
Resource Hash
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:28 GMT
via
1.1 google
server
gunicorn/19.9.0
access-control-allow-headers
X-Requested-With
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://genius.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
alt-svc
clear
/
api.mixpanel.com/track/ 		1 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRjdXJyZW50X3VybCI6ICJodHRwczovL2dlbml1cy5jb20vTG9yZXktamF1bmUtb3JyeS1iYWQtdmliZXMtbHlyaWNzIiwiJGJyb3dzZXJfdmVyc2lvbiI6IDk1LCIkc2NyZWVuX2hlaWdodCI6IDEyMDAsIiRzY3JlZW5fd2lkdGgiOiAxNjAwLCJtcF9saWIiOiAid2ViIiwiJGxpYl92ZXJzaW9uIjogIjIuMTUuMCIsImRpc3RpbmN0X2lkIjogIjE3ZDJmYjM2ZTk4ZDJmLTAyN2RlNWNhODkxNzVjLTU3YjE5M2UtMWQ0YzAwLTE3ZDJmYjM2ZTk5MTBiNCIsIiRpbml0aWFsX3JlZmVycmVyIjogIiRkaXJlY3QiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJtcF9wYWdlIjogImh0dHBzOi8vZ2VuaXVzLmNvbS9Mb3JleS1qYXVuZS1vcnJ5LWJhZC12aWJlcy1seXJpY3MiLCJtcF9icm93c2VyIjogIkNocm9tZSIsIm1wX3BsYXRmb3JtIjogIldpbmRvd3MiLCJ0b2tlbiI6ICI3Nzk2N2M1MmRjMzgxODZjYzFhYWRlYmRkMTllMmE4MiJ9fQ%3D%3D&ip=1&_=1637182828191
Requested by
Host: genius.com
URL: https://genius.com/javascripts/compiled/reactMixpanel.desktop-6185fba11e3a0de65e73.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.241.186.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
date
Wed, 17 Nov 2021 21:00:28 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://genius.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
alt-svc
clear
content-length
1
/
api.mixpanel.com/track/ 		1 B
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJzb25nOmxvYWQiLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRjdXJyZW50X3VybCI6ICJodHRwczovL2dlbml1cy5jb20vTG9yZXktamF1bmUtb3JyeS1iYWQtdmliZXMtbHlyaWNzIiwiJGJyb3dzZXJfdmVyc2lvbiI6IDk1LCIkc2NyZWVuX2hlaWdodCI6IDEyMDAsIiRzY3JlZW5fd2lkdGgiOiAxNjAwLCJtcF9saWIiOiAid2ViIiwiJGxpYl92ZXJzaW9uIjogIjIuMTUuMCIsIiRpbml0aWFsX3JlZmVycmVyIjogIiRkaXJlY3QiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJBTVAiOiBmYWxzZSwiZ2VuaXVzX3BsYXRmb3JtIjogIndlYiIsIklzIEVkaXRvciI6IGZhbHNlLCJJcyBNb2RlcmF0b3IiOiBmYWxzZSwiTG9nZ2VkIEluIjogZmFsc2UsIk1vYmlsZSBTaXRlIjogZmFsc2UsInJlYWN0IjogdHJ1ZSwiczNfcmVzcG9uc2UiOiAiZmFsc2UiLCJjZl9jYWNoZV9zdGF0dXMiOiAiWFgiLCJyZW5kZXJlZF93aXRoX2NhY2hlIjogIlhYIiwiU29uZyBJRCI6IDY4NTc3MzAsIlRpdGxlIjogIiRvcnJ5IEJhZCBWaWJlcyIsIlByaW1hcnkgQXJ0aXN0IjogIkxvcmV5IEphdW5lIiwiUHJpbWFyeSBBcnRpc3QgSUQiOiAyNzUyNjMxLCJQcmltYXJ5IEFsYnVtIjogbnVsbCwiUHJpbWFyeSBBbGJ1bSBJRCI6IG51bGwsIlRhZyI6ICJyYXAiLCJQcmltYXJ5IFRhZyI6ICJyYXAiLCJQcmltYXJ5IFRhZyBJRCI6IDE0MzQsIk11c2ljPyI6IHRydWUsIkFubm90YXRhYmxlIFR5cGUiOiAiU29uZyIsIkFubm90YXRhYmxlIElEIjogNjg1NzczMCwiZmVhdHVyZWRfdmlkZW8iOiBmYWxzZSwiY29ob3J0X2lkcyI6IFtdLCJoYXNfdmVyaWZpZWRfY2FsbG91dCI6IGZhbHNlLCJoYXNfZmVhdHVyZWRfYW5ub3RhdGlvbiI6IGZhbHNlLCJjcmVhdGVkX2F0IjogIjIwMjEtMDUtMjhUMTY6NDk6NDFaIiwiY3JlYXRlZF9tb250aCI6ICIyMDIxLTA1LTAxIiwiY3JlYXRlZF95ZWFyIjogMjAyMSwic29uZ190aWVyIjogIkUiLCJIYXMgUmVjaXJjdWxhdGVkIEFydGljbGVzIjogZmFsc2UsIkx5cmljcyBMYW5ndWFnZSI6ICJkZSIsIkhhcyBBcHBsZSBNYXRjaCI6IHRydWUsIlJlbGVhc2UgRGF0ZSI6ICIyMDIxLTA1LTI4IiwiTlJNIFRpZXIiOiBudWxsLCJOUk0gVGFyZ2V0IERhdGUiOiBudWxsLCJIYXMgRGVzY3JpcHRpb24iOiBmYWxzZSwiSGFzIFlvdXR1YmUgVVJMIjogZmFsc2UsIkhhcyBUcmFuc2xhdGlvbiBRJkEiOiBmYWxzZSwiQ29tbWVudCBDb3VudCI6IDAsInR3b19jb2x1bW5fc29uZ19wYWdlIjogdHJ1ZSwidG9rZW4iOiAiNzc5NjdjNTJkYzM4MTg2Y2MxYWFkZWJkZDE5ZTJhODIiLCIkX19jIjogMH19&ip=1&_=1637182828193
Requested by
Host: genius.com
URL: https://genius.com/javascripts/compiled/reactMixpanel.desktop-6185fba11e3a0de65e73.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.241.186.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
date
Wed, 17 Nov 2021 21:00:28 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://genius.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
12
alt-svc
clear
content-length
1
liveView.php
live.primis.tech/live/ Frame 4044 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=106935&cbuster=1637182828&pubUrlAuto=https%3A%2F%2Fgenius.com%2FLorey-jaune-orry-bad-vibes-lyrics&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=&videoHelperParam=JTdCJTIycHJpbWlzX2N1c3RvbV90YXJnZXQlMjIlM0ElN0IlMjJzb25nX2lkJTIyJTNBJTVCJTIyNjg1NzczMCUyMiU1RCUyQyUyMnNvbmdfdGl0bGUlMjIlM0ElNUIlMjIlMjRvcnJ5JTIwQmFkJTIwVmliZXMlMjIlNUQlMkMlMjJhcnRpc3RfaWQlMjIlM0ElNUIlMjIyNzUyNjMxJTIyJTVEJTJDJTIyYXJ0aXN0X25hbWUlMjIlM0ElNUIlMjJMb3JleSUyMEphdW5lJTIyJTVEJTJDJTIyaXNfZXhwbGljaXQlMjIlM0ElNUIlMjJmYWxzZSUyMiU1RCUyQyUyMnBhZ2V2aWV3cyUyMiUzQSU1QiUyMjE4NCUyMiU1RCUyQyUyMnByaW1hcnlfdGFnX2lkJTIyJTNBJTVCJTIyMTQzNCUyMiU1RCUyQyUyMnByaW1hcnlfdGFnJTIyJTNBJTVCJTIycmFwJTIyJTVEJTJDJTIydGFnX2lkJTIyJTNBJTVCJTIyMTQzNCUyMiU1RCUyQyUyMnNvbmdfdGllciUyMiUzQSU1QiUyMkUlMjIlNUQlMkMlMjJ0b3BpYyUyMiUzQSU1QiU1RCUyQyUyMmhhc19zb25nX3N0b3J5JTIyJTNBJTVCJTIyZmFsc2UlMjIlNUQlMkMlMjJpbl90b3BfMTAlMjIlM0ElNUIlMjJmYWxzZSUyMiU1RCUyQyUyMmFydGlzdF9pbl90b3BfMTAlMjIlM0ElNUIlMjJmYWxzZSUyMiU1RCUyQyUyMmFsYnVtX2luX3RvcF8xMCUyMiUzQSU1QiUyMmZhbHNlJTIyJTVEJTJDJTIybmV3X3JlbGVhc2UlMjIlM0ElNUIlMjJmYWxzZSUyMiU1RCUyQyUyMnJlbGVhc2VfbW9udGglMjIlM0ElNUIlMjIyMDIxMDUlMjIlNUQlMkMlMjJyZWxlYXNlX3llYXIlMjIlM0ElNUIlMjIyMDIxJTIyJTVEJTJDJTIycmVsZWFzZV9kZWNhZGUlMjIlM0ElNUIlMjIyMDIwJTIyJTVEJTJDJTIyaW5fdG9wXzEwX3JhcCUyMiUzQSU1QiUyMmZhbHNlJTIyJTVEJTJDJTIyaW5fdG9wXzEwX3JvY2slMjIlM0ElNUIlMjJmYWxzZSUyMiU1RCUyQyUyMmluX3RvcF8xMF9jb3VudHJ5JTIyJTNBJTVCJTIyZmFsc2UlMjIlNUQlMkMlMjJpbl90b3BfMTBfcl9hbmRfYiUyMiUzQSU1QiUyMmZhbHNlJTIyJTVEJTJDJTIyaW5fdG9wXzEwX3BvcCUyMiUzQSU1QiUyMmZhbHNlJTIyJTVEJTJDJTIyZW52aXJvbm1lbnQlMjIlM0ElNUIlMjJwcm9kdWN0aW9uJTIyJTVEJTJDJTIycGxhdGZvcm0lMjIlM0ElNUIlMjJ3ZWIlMjIlNUQlMkMlMjJwbGF0Zm9ybV92YXJpYW50JTIyJTNBJTVCJTIyZGVza3RvcF9yZWFjdF8yX2NvbHVtbiUyMiU1RCUyQyUyMmFtcF92YXJpYW50JTIyJTNBJTVCJTIyYW1wX2Rpc2FibGVkJTIyJTVEJTJDJTIyYWRfcGFnZV90eXBlJTIyJTNBJTVCJTIyc29uZyUyMiU1RCUyQyUyMnJhbmRvbTI0JTIyJTNBMjMlMkMlMjJmaXJzdF9pbXByZXNzaW9uJTIyJTNBJTIydHJ1ZSUyMiU3RCU3RA==
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
1efaa3aa4eaa36766514e579482336307138691a0134d536d42883a854a9408f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
d0e4f915-b2e6-4865-8f89-5d6eea27556f.json
cookie-cdn.cookiepro.com/consent/d0e4f915-b2e6-4865-8f89-5d6eea27556f/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/consent/d0e4f915-b2e6-4865-8f89-5d6eea27556f/d0e4f915-b2e6-4865-8f89-5d6eea27556f.json
Requested by
Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:778 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b57502dde790c05b9b120d1d8547a0e547658fce04a783b47e9b5bfd15a67585
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
UWpv9CsVNZveojTd4Muy4A==
age
12273
x-ms-lease-status
unlocked
last-modified
Thu, 28 Jan 2021 20:38:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
14a5d8e8-501e-0099-38c1-5947f0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
6afbe384aa9405e9-FRA
programme_normal.woff2
assets.genius.com/fonts/ Frame BA45 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.genius.com/fonts/programme_normal.woff2?1637166956
Requested by
Host: genius.com
URL: https://genius.com/songs/6857730/apple_music_player?react=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1260 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdc1e2f224b38e2fc0c28c1e7ae7b776c4952763ebaac88ae592cb313aa3b5b8

Request headers

Referer
https://genius.com/
Origin
https://genius.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:28 GMT
cf-cache-status
HIT
age
14779
cf-ray
6afbe38499e205fd-FRA
content-length
25244
x-amz-id-2
TDnQWr43X0UAEJc9r6JLOP1/F1QQahs4PSjU3qWvNZJ/R2U/ssoC+ziRa44gD3cTVpbYyLSylG8=
last-modified
Wed, 17 Nov 2021 16:47:45 GMT
server
cloudflare
etag
"1122b88bbcdb84737e3689b46524979f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
x-amz-request-id
ZN6KXGTGP1VGTHM9
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
font/woff2
publisher:getClientId
ampcid.google.com/v1/ 		74 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://genius.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://genius.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin
https://genius.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
date
Wed, 17 Nov 2021 21:00:28 GMT
content-length
0
via
1.1 google
alt-svc
clear
/
sessions.bugsnag.com/ Frame BA45 		21 B
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: assets.genius.com
URL: https://assets.genius.com/javascripts/compiled/apple_music_player-4e049e68b81be176fc45.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1.0
Referer
https://genius.com/
Bugsnag-Sent-At
2021-11-17T21:00:28.292Z
Accept-Language
de-DE,de;q=0.9
Bugsnag-Api-Key
6409a1457ac2a632116177bdc8cd525e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 17 Nov 2021 21:00:28 GMT
via
1.1 google
bugsnag-session-uuid
15442c47-b8ed-42b1-8e8a-3ab15b4bd4ef
alt-svc
clear
content-length
21
content-type
application/json
/
api.mixpanel.com/decide/ Frame BA45 		65 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=77967c52dc38186cc1aadebdd19e2a82&ip=1&_=1637182828543
Requested by
Host: assets.genius.com
URL: https://assets.genius.com/javascripts/compiled/apple_music_player-4e049e68b81be176fc45.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.241.186.35.bc.googleusercontent.com
Software
gunicorn/19.9.0 /
Resource Hash
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:28 GMT
via
1.1 google
server
gunicorn/19.9.0
access-control-allow-headers
X-Requested-With
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://genius.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
alt-svc
clear
/
api.mixpanel.com/track/ Frame BA45 		1 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJtcF9wYWdlX3ZpZXciLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRyZWZlcnJlciI6ICJodHRwczovL2dlbml1cy5jb20vTG9yZXktamF1bmUtb3JyeS1iYWQtdmliZXMtbHlyaWNzIiwiJHJlZmVycmluZ19kb21haW4iOiAiZ2VuaXVzLmNvbSIsIiRjdXJyZW50X3VybCI6ICJodHRwczovL2dlbml1cy5jb20vc29uZ3MvNjg1NzczMC9hcHBsZV9tdXNpY19wbGF5ZXI%2FcmVhY3Q9MSIsIiRicm93c2VyX3ZlcnNpb24iOiA5NSwiJHNjcmVlbl9oZWlnaHQiOiAxMjAwLCIkc2NyZWVuX3dpZHRoIjogMTYwMCwibXBfbGliIjogIndlYiIsIiRsaWJfdmVyc2lvbiI6ICIyLjE1LjAiLCIkaW5pdGlhbF9yZWZlcnJlciI6ICIkZGlyZWN0IiwiJGluaXRpYWxfcmVmZXJyaW5nX2RvbWFpbiI6ICIkZGlyZWN0IiwiQU1QIjogZmFsc2UsImdlbml1c19wbGF0Zm9ybSI6ICJ3ZWIiLCJkaXN0aW5jdF9pZCI6ICIxN2QyZmIzNmZmYWI4OC0wYzFkMWEzZTEzM2NlZi01N2IxOTNlLTFkNGMwMC0xN2QyZmIzNmZmYjk3OCIsIm1wX3BhZ2UiOiAiaHR0cHM6Ly9nZW5pdXMuY29tL3NvbmdzLzY4NTc3MzAvYXBwbGVfbXVzaWNfcGxheWVyP3JlYWN0PTEiLCJtcF9yZWZlcnJlciI6ICJodHRwczovL2dlbml1cy5jb20vTG9yZXktamF1bmUtb3JyeS1iYWQtdmliZXMtbHlyaWNzIiwibXBfYnJvd3NlciI6ICJDaHJvbWUiLCJtcF9wbGF0Zm9ybSI6ICJXaW5kb3dzIiwidG9rZW4iOiAiNzc5NjdjNTJkYzM4MTg2Y2MxYWFkZWJkZDE5ZTJhODIifX0%3D&ip=1&_=1637182828546
Requested by
Host: assets.genius.com
URL: https://assets.genius.com/javascripts/compiled/apple_music_player-4e049e68b81be176fc45.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.241.186.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
date
Wed, 17 Nov 2021 21:00:28 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://genius.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
alt-svc
clear
content-length
1
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		193 B
398 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: d3l739e8r8y9v7.cloudfront.net
URL: https://d3l739e8r8y9v7.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09b7ece464c01f640c13fdceb08bb12ab4a2db787f36a8253c109ea3d4f7d9f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6afbe386aaf95ca4-FRA
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=201983886890479&ev=PageView&dl=https%3A%2F%2Fgenius.com%2FLorey-jaune-orry-bad-vibes-lyrics&rl=&if=false&ts=1637182828592&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637182828590.1389821794&it=1637182828137&coo=false&exp=p0&rqm=GET
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Wed, 17 Nov 2021 21:00:28 GMT
ab_tests
genius.com/api/ Frame BA45 		167 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://genius.com/api/ab_tests
Requested by
Host: assets.genius.com
URL: https://assets.genius.com/javascripts/compiled/apple_music_player-4e049e68b81be176fc45.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
414d63bb8c8016e416c7787af8f6cec96d8c6e03016a6d8e3c147e8e8f5f6c51

Request headers

Accept
application/json, text/plain, */*
Referer
https://genius.com/songs/6857730/apple_music_player?react=1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cf-ray
6afbe386bcd75c8c-FRA
x-runtime
6
date
Wed, 17 Nov 2021 21:00:28 GMT
via
1.1 vegur
cf-cache-status
MISS
server
cloudflare
etag
W/"93371f0587eca309d98b80979338d1b3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
status
200 OK
cache-control
private, max-age=0, must-revalidate
content-encoding
gzip
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame 4044 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
etag
W/"5e441350-4be0"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 17 Nov 2022 21:00:28 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 4044 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-228f"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 17 Nov 2022 21:00:28 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame 4044 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:49 GMT
server
nginx
etag
W/"6024fccd-1ef8"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 17 Nov 2022 21:00:28 GMT
hls.0.12.4_2.min.js
live.primis.tech/content/video/hls/ Frame 4044 		256 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:27 GMT
content-encoding
gzip
last-modified
Thu, 13 Aug 2020 08:36:05 GMT
server
nginx
etag
W/"5f34fb75-3ff27"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 17 Nov 2022 21:00:27 GMT
prebidVid.5.18.0_5.min.js
live.primis.tech/content/prebid/ Frame 4044 		482 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.5.18.0_5.min.js
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
c927cf1403a388bd30e9897076106da0a2014f054deb5982b16669ef35abf613

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
gzip
last-modified
Sun, 14 Nov 2021 09:05:48 GMT
server
nginx
etag
W/"6190d16c-788a4"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 17 Nov 2022 21:00:28 GMT
liveVideo.php
live.primis.tech/live/ Frame 4044 		499 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D31375F32337D7B7331363233343734397D7B4335377D7B535A3256756158567A4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630387D7B593334327D7B66317D7B4C393837337DFEFE&userIpAddr=185.213.155.162&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&kv_enc_1=song_id%3D6857730%26song_title%3D%2524orry%2520Bad%2520Vibes%26artist_id%3D2752631%26artist_name%3DLorey%2520Jaune%26is_explicit%3Dfalse%26pageviews%3D184%26primary_tag_id%3D1434%26primary_tag%3Drap%26tag_id%3D1434%26song_tier%3DE%26topic%3D%26has_song_story%3Dfalse%26in_top_10%3Dfalse%26artist_in_top_10%3Dfalse%26album_in_top_10%3Dfalse%26new_release%3Dfalse%26release_month%3D202105%26release_year%3D2021%26release_decade%3D2020%26in_top_10_rap%3Dfalse%26in_top_10_rock%3Dfalse%26in_top_10_country%3Dfalse%26in_top_10_r_and_b%3Dfalse%26in_top_10_pop%3Dfalse%26environment%3Dproduction%26platform%3Dweb%26platform_variant%3Ddesktop_react_2_column%26amp_variant%3Damp_disabled%26ad_page_type%3Dsong%26random24%3D23%26first_impression%3Dtrue&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61956d6c3969a&debugInfo=16234749_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16234749&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1f65omnkpyqs&secondaryContent=&x=608&y=342&pubUrl=https%3A%2F%2Fgenius.com%2FLorey-jaune-orry-bad-vibes-lyrics&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=75&impGap=2&flow_width=300&flow_height=169&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=9873&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=genius.com
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a50fc75c4c3f0ed576b43e43c845e339f11b968c4066f16c2f8846cffe6f2567

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=UTF-8
otBannerSdk.js
cookie-cdn.cookiepro.com/scripttemplates/6.13.0/ 		366 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/6.13.0/otBannerSdk.js
Requested by
Host: d3l739e8r8y9v7.cloudfront.net
URL: https://d3l739e8r8y9v7.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:778 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
078981fc821f3cf39ab491128cca5f9e9f9aeda1987a4baf81ce5ddc3bbe860c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
pY8Rr438h7Vb2adEFDW1VA==
age
2587086
x-ms-lease-status
unlocked
last-modified
Thu, 28 Jan 2021 07:32:07 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b335c2c7-c01e-000d-786e-c4f099000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
cf-ray
6afbe3870e6d694b-FRA
expires
Thu, 25 Nov 2021 21:00:28 GMT
72x72bb.jpg
is2-ssl.mzstatic.com/image/thumb/Music115/v4/52/0d/21/520d21ed-dd53-1e94-35b7-028b7e9d6bf8/artwork.jpg/ Frame BA45 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://is2-ssl.mzstatic.com/image/thumb/Music115/v4/52/0d/21/520d21ed-dd53-1e94-35b7-028b7e9d6bf8/artwork.jpg/72x72bb.jpg
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1b2::2a1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
ATS/9.0.3 /
Resource Hash
256aa438d5ea9a50f5c171480fef786e23128c0f9ef5cc61ae5babb0c7c6e111
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-apple-jingle-correlation-key
WOM2DWETL3ALCRC67N5SK2UJNM
strict-transport-security
max-age=31536000; includeSubDomains
etag
"MSwxLjE3LjMtMjFKLDIwRTI0MSwxNjMxMjQyODA5MDU1LGlzQnVpbGRWZXJzaW9uTm90U2V0LDcwMzgyLG5vRWZmZWN0"
x-b3-traceid
b399a1d8935ec0b1445efb7b256a896b
x-daiquiri-instance
daiquiri:43624002:st44p00it-hyhk15014701:7987:21RELEASE150:daiquiri-amp-processing-shared-int-001-st
x-apple-request-uuid
b399a1d8-935e-c0b1-445e-fb7b256a896b
b3
b399a1d8935ec0b1445efb7b256a896b-61adde10ccb307c9
content-length
4046
server
ATS/9.0.3
x-cache
TCP_MISS from a2-16-187-141.deploy.akamaitechnologies.com (AkamaiGHost/10.4.5-36865675) (-)
apple-tk
false
last-modified
Fri, 10 Sep 2021 03:00:09 GMT
x-cache-remote
TCP_HIT from a2-16-187-15.deploy.akamaitechnologies.com (AkamaiGHost/10.4.6-37171458) (-)
apple-seq
0.0
date
Wed, 17 Nov 2021 21:00:28 GMT
apple-originating-system
UnknownOriginatingSystem
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Type,ETag,Cache-Control,Expires,Last-Modified
cache-control
no-transform, max-age=10975595
x-b3-spanid
61adde10ccb307c9
cdnuuid
04134286-2a23-434c-bbd4-43346382e648-5568979606
mzaf_4875448676549805090.plus.aac.p.m4a
audio-ssl.itunes.apple.com/itunes-assets/AudioPreview115/v4/69/09/62/69096298-706b-4731-c2bc-d39224f3a7fb/ Frame BA45 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://audio-ssl.itunes.apple.com/itunes-assets/AudioPreview115/v4/69/09/62/69096298-706b-4731-c2bc-d39224f3a7fb/mzaf_4875448676549805090.plus.aac.p.m4a
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:198::20b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://genius.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=0-

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
etag
"94A2618B06E7F1D3250D4730D5858FE2"
x-icloud-content-length
1003433
cdnuuid
54030a8f-1565-4d59-ab6a-c8cf87410b62-5988417439
Content-Range
bytes 0-1003432/1003433
x-apple-request-uuid
71be2606-848b-4ad6-a035-1cfe60b8e91b, 71be2606-848b-4ad6-a035-1cfe60b8e91b
x-icloud-availability
[DL, B, L]
x-icloud-versionid
c1f8e160-be70-11eb-ae33-248a074d0bbc
x-responding-server
massilia_protocol_025:325004302:mr31p01if-zteh08023901.mr.if.apple.com:8081:21R61:01e5c5c5816a
Content-Length
1003433
last-modified
Wed, 26 May 2021 22:21:46 GMT
date
Wed, 17 Nov 2021 21:00:28 GMT
access-control-max-age
3000
access-control-allow-methods
HEAD, GET, PUT
content-type
audio/x-m4p
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3888000
x-apple-ms-content-length
1003433
x-dlb-upstream
10.117.149.196:8081
accept-ranges
bytes
access-control-allow-headers
range
access-control-allow-credentials
false
jacques_full.m4a
assets.genius.com/sounds/ Frame BA45 		97 KB
98 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://assets.genius.com/sounds/jacques_full.m4a?1637166956
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9563c8ba4252fe32c7fd5fa77db89077c0d7d12f0b30f39585159864c4652046

Request headers

Referer
https://genius.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 17 Nov 2021 21:00:29 GMT
cf-cache-status
DYNAMIC
last-modified
Wed, 17 Nov 2021 16:47:43 GMT
server
cloudflare
x-amz-request-id
W0YP7SWP6Z3N9HB0
etag
"ca793442b4776134ad301543cdfc48ea"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
audio/MP4A-LATM
Content-Range
bytes 0-99765/99766
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6afbe3873e125c8c-FRA
Content-Length
99766
x-amz-id-2
DiQZfFd9sNjnSPCrcgOi03JhWeLPT6gAeHHtSNjVASPyPJB6QFidCvvrLybLM4wTa4j0X2zoRVs=
programme_light.woff2
assets.genius.com/fonts/ Frame BA45 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.genius.com/fonts/programme_light.woff2?1637166956
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1260 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
808609a16dafecbd6e0abf0f9632d1f94202e6847e75ed38bfb56a6a64681bff

Request headers

Referer
https://genius.com/
Origin
https://genius.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:28 GMT
cf-cache-status
HIT
age
14778
cf-ray
6afbe3873f8905fd-FRA
content-length
25124
x-amz-id-2
Re/nOUaEkRprRKccoNXyKB52E0J78prByA7FFwdlHXSvKgKkXknZwKw5ba3gyVDDFnMym+yuaT4=
last-modified
Wed, 17 Nov 2021 16:47:44 GMT
server
cloudflare
etag
"5c57211af2c40d77b1dd9a27b5c88b7f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
x-amz-request-id
E0JKEXG26V4P2TPT
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
font/woff2
/
api.mixpanel.com/track/ Frame BA45 		1 B
71 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJhcHBsZV9wbGF5ZXI6cGxheWVyX3JlYWR5IiwicHJvcGVydGllcyI6IHsiJG9zIjogIldpbmRvd3MiLCIkYnJvd3NlciI6ICJDaHJvbWUiLCIkcmVmZXJyZXIiOiAiaHR0cHM6Ly9nZW5pdXMuY29tL0xvcmV5LWphdW5lLW9ycnktYmFkLXZpYmVzLWx5cmljcyIsIiRyZWZlcnJpbmdfZG9tYWluIjogImdlbml1cy5jb20iLCIkY3VycmVudF91cmwiOiAiaHR0cHM6Ly9nZW5pdXMuY29tL3NvbmdzLzY4NTc3MzAvYXBwbGVfbXVzaWNfcGxheWVyP3JlYWN0PTEiLCIkYnJvd3Nlcl92ZXJzaW9uIjogOTUsIiRzY3JlZW5faGVpZ2h0IjogMTIwMCwiJHNjcmVlbl93aWR0aCI6IDE2MDAsIm1wX2xpYiI6ICJ3ZWIiLCIkbGliX3ZlcnNpb24iOiAiMi4xNS4wIiwiJGluaXRpYWxfcmVmZXJyZXIiOiAiJGRpcmVjdCIsIiRpbml0aWFsX3JlZmVycmluZ19kb21haW4iOiAiJGRpcmVjdCIsIkFNUCI6IGZhbHNlLCJnZW5pdXNfcGxhdGZvcm0iOiAid2ViIiwiTG9nZ2VkIEluIjogZmFsc2UsIk1vYmlsZSBTaXRlIjogZmFsc2UsIlRhZyI6ICJyYXAiLCJwcm92aWRlciI6ICJhcHBsZSIsInByb3ZpZGVyX2lkIjogIjE1Njk0OTIwODUiLCJzb25nIjogIiRvcnJ5IEJhZCBWaWJlcyIsInNvbmdfaWQiOiA2ODU3NzMwLCJ1c2VyX2lkIjogbnVsbCwiU29uZyBJRCI6IDY4NTc3MzAsIlRpdGxlIjogIiRvcnJ5IEJhZCBWaWJlcyIsIlByaW1hcnkgQXJ0aXN0IjogIkxvcmV5IEphdW5lIiwiUHJpbWFyeSBBcnRpc3QgSUQiOiAyNzUyNjMxLCJQcmltYXJ5IEFsYnVtIjogbnVsbCwiUHJpbWFyeSBBbGJ1bSBJRCI6IG51bGwsIlByaW1hcnkgVGFnIjogInJhcCIsIlByaW1hcnkgVGFnIElEIjogMTQzNCwiTXVzaWM%2FIjogdHJ1ZSwiQW5ub3RhdGFibGUgVHlwZSI6ICJTb25nIiwiQW5ub3RhdGFibGUgSUQiOiA2ODU3NzMwLCJmZWF0dXJlZF92aWRlbyI6IGZhbHNlLCJjb2hvcnRfaWRzIjogW10sImhhc192ZXJpZmllZF9jYWxsb3V0IjogZmFsc2UsImhhc19mZWF0dXJlZF9hbm5vdGF0aW9uIjogZmFsc2UsImNyZWF0ZWRfYXQiOiAiMjAyMS0wNS0yOFQxNjo0OTo0MVoiLCJjcmVhdGVkX21vbnRoIjogIjIwMjEtMDUtMDEiLCJjcmVhdGVkX3llYXIiOiAyMDIxLCJzb25nX3RpZXIiOiAiRSIsIkhhcyBSZWNpcmN1bGF0ZWQgQXJ0aWNsZXMiOiBmYWxzZSwiTHlyaWNzIExhbmd1YWdlIjogImRlIiwiSGFzIEFwcGxlIE1hdGNoIjogdHJ1ZSwiUmVsZWFzZSBEYXRlIjogIjIwMjEtMDUtMjgiLCJOUk0gVGllciI6IG51bGwsIk5STSBUYXJnZXQgRGF0ZSI6IG51bGwsIkhhcyBEZXNjcmlwdGlvbiI6IGZhbHNlLCJIYXMgWW91dHViZSBVUkwiOiBmYWxzZSwiSGFzIFRyYW5zbGF0aW9uIFEmQSI6IGZhbHNlLCJDb21tZW50IENvdW50IjogMCwicmVhY3QiOiB0cnVlLCJhbXBfY2FjaGUiOiBmYWxzZSwiY29udGFpbmluZ19mcmFtZV9pc19mdWxsYmxlZWQiOiB0cnVlLCJ0aW1lc3RhbXAiOiAxNjM3MTgyODI4NjQwLCJpc19wbGF5ZXJfdmlzaWJsZSI6IHRydWUsImlzX3VzZXJfYXV0aGVudGljYXRlZF93aXRoX2FwcGxlX211c2ljIjogZmFsc2UsIm11c2lja2l0X3ZlcnNpb24iOiAiMS4xOTMyLjAtMyIsImN1cnJlbnRfc3RvcmVmcm9udCI6ICJ1cyIsInRva2VuIjogIjc3OTY3YzUyZGMzODE4NmNjMWFhZGViZGQxOWUyYTgyIiwiJF9fYyI6IDB9fQ%3D%3D&ip=1&_=1637182828686
Requested by
Host: assets.genius.com
URL: https://assets.genius.com/javascripts/compiled/apple_music_player-4e049e68b81be176fc45.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.241.186.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
date
Wed, 17 Nov 2021 21:00:28 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://genius.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
18
alt-svc
clear
content-length
1
en.json
cookie-cdn.cookiepro.com/consent/d0e4f915-b2e6-4865-8f89-5d6eea27556f/8f930147-04a5-4e35-a19e-acd51aad8156/ 		45 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/consent/d0e4f915-b2e6-4865-8f89-5d6eea27556f/8f930147-04a5-4e35-a19e-acd51aad8156/en.json
Requested by
Host: d3l739e8r8y9v7.cloudfront.net
URL: https://d3l739e8r8y9v7.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:778 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5ad6f99067d69c8de329cb1baa8e0dce6ba3f420a1aadbca4aafdedcef6e938
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
h/zyCD1aGpkm5JHtRh3CMA==
age
10751
x-ms-lease-status
unlocked
last-modified
Thu, 28 Jan 2021 20:38:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
8114d066-601e-0082-5976-8179f3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
6afbe387898605e9-FRA
iab2Data.json
cookie-cdn.cookiepro.com/vendorlist/ 		255 KB
37 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/vendorlist/iab2Data.json
Requested by
Host: d3l739e8r8y9v7.cloudfront.net
URL: https://d3l739e8r8y9v7.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:778 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15ee4859d75dbe88fb13c3583ab2e198c0c8f51298eadfc8aa3f2c16f373fc96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
kOxckJPXjJkLM2T7qp3uUA==
age
10757
x-ms-lease-status
unlocked
last-modified
Thu, 15 Jul 2021 11:12:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
813a7fe5-b01e-0065-346e-c49609000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
cf-ray
6afbe387898805e9-FRA
expires
Thu, 18 Nov 2021 01:00:28 GMT
otTCF.js
cookie-cdn.cookiepro.com/scripttemplates/6.13.0/ 		67 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/6.13.0/otTCF.js
Requested by
Host: d3l739e8r8y9v7.cloudfront.net
URL: https://d3l739e8r8y9v7.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:778 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f63ab5fa8d3973eef6d6366052135fb3958b54ca2149cc691864b03ed7d848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
O4pYvrmqusOrAenZ/pvytA==
age
2587086
x-ms-lease-status
unlocked
last-modified
Thu, 28 Jan 2021 07:32:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3f0d3e66-b01e-00ae-4e6e-c4955c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
cf-ray
6afbe3878fc2694b-FRA
expires
Thu, 25 Nov 2021 21:00:28 GMT
primisslate.css
live.primis.tech/content/video/css/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: d3l739e8r8y9v7.cloudfront.net
URL: https://d3l739e8r8y9v7.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
gzip
last-modified
Tue, 18 Aug 2020 10:07:25 GMT
server
nginx
etag
W/"5f3ba85d-45c8"
content-type
text/css
apstag.js
c.amazon-adsystem.com/aax2/ Frame 4044 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-201.fra56.r.cloudfront.net
Software
Server /
Resource Hash
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 20:59:22 GMT
content-encoding
gzip
age
65
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
01SGMQNF6N7YHR9RJPE6
etag
1e39d25f07f5619925357b752ab10d04
vary
Accept-Encoding
x-amz-version-id
KuXuY5mbG6yln5YsEdf9JaPJtFF6aIqm
via
1.1 753f415578c1ca010e51a83aef192331.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
lB-tImrxCMMpZ1jpC_hfMG_LGtcl3CcCNmqpDTEVhQ0EwXf_uNrx-w==
css
fonts.googleapis.com/ 		1 KB
930 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Assistant&display=swap
Requested by
Host: d3l739e8r8y9v7.cloudfront.net
URL: https://d3l739e8r8y9v7.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
137231356bfa88b77d4b0fa5bcff25a7ee47b571d6c5d907be4c20c1762114ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 17 Nov 2021 20:25:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 17 Nov 2021 21:00:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 17 Nov 2021 21:00:30 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B38F 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61956d6c3969a%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: d3l739e8r8y9v7.cloudfront.net
URL: https://d3l739e8r8y9v7.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=40317
expires
Thu, 18 Nov 2021 08:12:25 GMT
date
Wed, 17 Nov 2021 21:00:28 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9B30
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=primis&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=primis&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=primis&endpoint=us-east
Requested by
Host: d3l739e8r8y9v7.cloudfront.net
URL: https://d3l739e8r8y9v7.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 17 Nov 2021 21:00:28 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=primis&endpoint=us-east
Date
Wed, 17 Nov 2021 21:00:28 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
liveCS.php
live.primis.tech/live/ Frame 2BAA
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61956d6c3969a%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61956d6c3969a%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61956d6c3969a&pixel=&advId=94&advUuid=65091d09-47e9-11ec-991a-1024185a0206
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61956d6c3969a&pixel=&advId=94&advUuid=65091d09-47e9-11ec-991a-1024185a0206
Requested by
Host: d3l739e8r8y9v7.cloudfront.net
URL: https://d3l739e8r8y9v7.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/

Response headers

server
nginx
date
Wed, 17 Nov 2021 21:00:28 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

Server
nginx
Date
Wed, 17 Nov 2021 21:00:28 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61956d6c3969a&pixel=&advId=94&advUuid=65091d09-47e9-11ec-991a-1024185a0206
X-fe
69
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
liveCS.php
live.primis.tech/live/ Frame C183
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61956d6c3969a%26pixel%3D%26advId%3D98%26advU...
  • https://u.openx.net/w/1.0/cm?cc=1&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61956d6c3969a%26pixel%3D%26advId%3D98%2...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61956d6c3969a&pixel=&advId=98&advUuid=95ce778d-475f-47ec-a14e-793893d4693d
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61956d6c3969a&pixel=&advId=98&advUuid=95ce778d-475f-47ec-a14e-793893d4693d
Requested by
Host: d3l739e8r8y9v7.cloudfront.net
URL: https://d3l739e8r8y9v7.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/

Response headers

server
nginx
date
Wed, 17 Nov 2021 21:00:28 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

vary
Accept, Accept-Encoding
server
OXGW/16.218.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61956d6c3969a&pixel=&advId=98&advUuid=95ce778d-475f-47ec-a14e-793893d4693d
date
Wed, 17 Nov 2021 21:00:28 GMT
content-type
text/html
content-length
0
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync.html
s.console.adtarget.com.tr/ Frame 966A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by
Host: d3l739e8r8y9v7.cloudfront.net
URL: https://d3l739e8r8y9v7.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
951390bcfaccee7d73d88621882776f7f0b55799217f47d1feb0f339acb8f41a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/

Response headers

Server
VertaMedia 1.0
Date
Wed, 17 Nov 2021 21:00:29 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
850
Access-Control-Allow-Origin
https://genius.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
liveView.php
live.primis.tech/live/ Frame 4044 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMvUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTI2OCUlRaZcZGViXmVyY2EmY2MjODRyMDUlOTE0NwtjODpyMxZ2nWQ2MTxlZDp3NwM1ZwElMDImMDYlMTQ0Lz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU3MDtjJaZcZF9wo250ZW50X2Ryp2M9Q29cK0kypzF5KlUlMyRXSU5ORU0yMwIeT2ZznWNcYWjeTHylnWNmKlUlNvgNZWFhnW5aKlU3QlgWZXJcZzyyZCZ2nWRsY29hqGVhqF90nXRfZT1Do2xeTGVlYXxeJTIlVFqJTx5FTSUlMvgPZzZcY2yuoCgMrXJcY3MeJTI2K01yYW5cozpeJTqDK1ZypzyznWVxJaZcZF9wo250ZW50X2R1pzF0nW9hPTI4OSZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTYjOCZ5PTM0MvZjqWJVpzj9nHR0pHMyM0EyMxYyMxZaZW5cqXMhY29gJTJGTG9lZXxgnzF1ozUgo3JlrS1vYWQgqzyvZXMgoHylnWNmJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmElRDMkMmElRDMkMmp1RwMlMmM3RDqCNmMmMTM2MmImMmM0MmpmNDM5N0Q3QwQmMmUmNmqEN0I1MmVBMmI1Nwp1NwE1ODU2N0E0QmZENEU3NwYlNTEmRDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmAmODqEN0I1OTMmMmQmMwqEN0I2NwMkN0Q3QwRDMmxmODM3MmM3REZFRxUznXNBpHA9MCZaZW9MYXRcPTUjLwEjNDxzZ2ViTG9hZm04LwYlOTUzqXNypxyjQWRxpw0kODUhMwEmLwE1NS4kNwIzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwx1LwAhNDYmOC41NCgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9JzNmqXVcZD02MTx1NzQ2YmM5NwyuJzNvqXN0ZXI9MTYmNmE4MwtlODt3MvZeqy9yozNsMT1mo25aX2yxJTNENwt1NmpmMCUlNaNiozqsqGy0oGUyM0QyMwUlNG9lpaxyMwUlMEJuZCUlNTIjVzyvZXMyMwZupaRcp3RsnWQyM0QlNmUlNwMkJTI2YXJ0nXN0X25uoWUyM0RMo3JyrSUlNTIjSzF1ozUyMwZcp19yrHBfnWNcqCUmRGZuoHNyJTI2pGFaZXZcZXqmJTNEMTt0JTI2pHJcoWFlrV90YWqsnWQyM0QkNDM0JTI2pHJcoWFlrV90YWpyM0RlYXAyMwZ0YWqsnWQyM0QkNDM0JTI2p29hZ190nWVlJTNERSUlNaRipGywJTNEJTI2nGFmX3Niozqsp3RipaxyM0RzYWkmZSUlNzyhX3RipF8kMCUmRGZuoHNyJTI2YXJ0nXN0X2yhX3RipF8kMCUmRGZuoHNyJTI2YWkvqW1snW5sqG9jXmEjJTNEZzFfp2UyMwZhZXqspzVfZWFmZSUmRGZuoHNyJTI2pzVfZWFmZV9go250nCUmRDIjMwEjNSUlNaJyoGVup2VsrWVupvUmRDIjMwEyMwZlZWkyYXNyX2RyY2FxZSUmRDIjMwAyMwZcoy90o3BsMTBspzFjJTNEZzFfp2UyMwZcoy90o3BsMTBspz9wnlUmRGZuoHNyJTI2nW5sqG9jXmEjX2NiqW50paxyM0RzYWkmZSUlNzyhX3RipF8kMF9lX2FhZF9vJTNEZzFfp2UyMwZcoy90o3BsMTBspG9jJTNEZzFfp2UyMwZyoaZcpz9hoWVhqCUmRHBlo2R1Y3Rco24yMwZjoGF0Zz9loSUmRHqyYvUlNaBfYXRzo3JgX3ZupzyuoaQyM0RxZXNeqG9jX3JyYWN0XmJsY29fqW1hJTI2YW1jX3ZupzyuoaQyM0RuoXBsZGymYWJfZWQyMwZuZF9jYWqyX3R5pGUyM0Rmo25aJTI2pzFhZG9gMwQyM0QlMlUlNzZcpaN0X2ygpHJyp3Nco24yM0R0paVyJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D31375F32337D7B7331363233343734397D7B4335377D7B535A3256756158567A4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630387D7B593334327D7B66317D7B4C393837337DFEFE&userIpAddr=185.213.155.162&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&kv_enc_1=song_id%3D6857730%26song_title%3D%2524orry%2520Bad%2520Vibes%26artist_id%3D2752631%26artist_name%3DLorey%2520Jaune%26is_explicit%3Dfalse%26pageviews%3D184%26primary_tag_id%3D1434%26primary_tag%3Drap%26tag_id%3D1434%26song_tier%3DE%26topic%3D%26has_song_story%3Dfalse%26in_top_10%3Dfalse%26artist_in_top_10%3Dfalse%26album_in_top_10%3Dfalse%26new_release%3Dfalse%26release_month%3D202105%26release_year%3D2021%26release_decade%3D2020%26in_top_10_rap%3Dfalse%26in_top_10_rock%3Dfalse%26in_top_10_country%3Dfalse%26in_top_10_r_and_b%3Dfalse%26in_top_10_pop%3Dfalse%26environment%3Dproduction%26platform%3Dweb%26platform_variant%3Ddesktop_react_2_column%26amp_variant%3Damp_disabled%26ad_page_type%3Dsong%26random24%3D23%26first_impression%3Dtrue&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61956d6c3969a&debugInfo=16234749_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16234749&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1f65omnkpyqs&secondaryContent=&x=608&y=342&pubUrl=https%3A%2F%2Fgenius.com%2FLorey-jaune-orry-bad-vibes-lyrics&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=75&impGap=2&flow_width=300&flow_height=169&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=9873&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=genius.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5bc7011353c6600af370f00fda582820065b1909969fc659d266afa9cab00bfc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://genius.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
3277
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTYmNmE4MwtlOCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTA2OTM1JaN0YT0jJat9NwA4Jax9MmQlJaZcZF9jYXNmRG9gYWyhPWqyozy1pl5wo20zp3VvSWQ9Z2VhnXVmLzNioSZxZWJ1Z0yhZz9loWF0nW9hPSZcp0FjpD0jJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmElRDMkMmElRDMkMmp1RwMlMmM3RDqCNmMmMTM2MmImMmM0MmpmNDM5N0Q3QwQmMmUmNmqEN0I1MmVBMmI1Nwp1NwE1ODU2N0E0QmZENEU3NwYlNTEmRDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmAmODqEN0I1OTMmMmQmMwqEN0I2NwMkN0Q3QwRDMmxmODM3MmM3REZFRxUzZGyunWQ9JaVmZXJJpEFxZHI9MTt1LwIkMl4kNTUhMTYlJaVmZXJVQT1No3ccoGkuJTJGNS4jJTIjJTI4V2yhZG93plUlME5UJTIjMTAhMCUmQvUlMFqcowY0JTNCJTIjrDY0JTI5JTIjQXBjoGVXZWJLnXQyMxY1MmphMmYyMwAyMwuLSFRNTCUlQlUlMGkcn2UyMwBHZWNeolUlOSUlMENbpz9gZSUlRwx1LwAhNDYmOC41NCUlMFNuZzFlnSUlRwUmNl4mNvZwp3V1nWQ9NwE5NTZxNzMmOTY5YSZwo250ZW50RzyfZUyxPTAzoWVxnWFQoGF5TGymqEyxPTAzoWVxnWFMnXN0SWQ9MCZaZHBlPTEzZ2RjpxNioaNyoaQ9JzymV2VQYXNmR2Rjpw0jJzNwpGE9MCZwY3BuQ29hp2VhqD0zY2J1p3Rypw0kNwM3MTtlODI4ODQ3JaVcZD1TZWgcozRiU1BfYXyypwYkOTU2ZDZwOWM0ODUzpHVvVXJfPWu0qHBmJTNBJTJGJTJGZ2VhnXVmLzNioSUlRxkipzV5LWcuqW5yLW9lpaxgYzFxLXZcYzVmLWk5pzywplZzoG9uqFN0YXR1pm1zYWkmZSZynWRmpD1jpzVvnWQ=
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
sync
x.bidswitch.net/ Frame 4044 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&user_id=61956d6c3969a&custom_data=61956d6c3969a;live.primis.tech&gdpr=1&gdpr_consent=
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.61.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-61-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 17 Nov 2021 21:00:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame 4044
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61956d6c3969a%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61956d6c3969a&pixel=&advId=93&advUuid=da7711f9-b21f-45c4-ab19-96fc2724cb36
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61956d6c3969a&pixel=&advId=93&advUuid=da7711f9-b21f-45c4-ab19-96fc2724cb36
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61956d6c3969a&pixel=&advId=93&advUuid=da7711f9-b21f-45c4-ab19-96fc2724cb36
date
Wed, 17 Nov 2021 21:00:28 GMT
server
_
content-length
0
liveCS.php
live.primis.tech/live/ Frame 4044
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61956d6c3969a%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61956d6c3969a%26pixel%3D%26advId%3D99%26advUuid%3D&s=192962&C=1
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61956d6c3969a&pixel=&advId=99&advUuid=YZVtbDTCEBZNxvFMq6uzmAAABFwAAAAB
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61956d6c3969a&pixel=&advId=99&advUuid=YZVtbDTCEBZNxvFMq6uzmAAABFwAAAAB
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Wed, 17 Nov 2021 21:00:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61956d6c3969a&pixel=&advId=99&advUuid=YZVtbDTCEBZNxvFMq6uzmAAABFwAAAAB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
334
Expires
Wed, 17 Nov 2021 21:00:28 GMT
liveCS.php
live.primis.tech/live/ Frame 4044
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61956d6c3969a%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.primis.tech%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D61956d6c3969a%2526pixel%253D%2526advId%253D105%2526ad...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=61956d6c3969a&pixel=&advId=105&advUuid=821115113677182690
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61956d6c3969a&pixel=&advId=105&advUuid=821115113677182690
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Wed, 17 Nov 2021 21:00:28 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
38bf1986-96c3-4328-b49e-371ed0bde22b
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=61956d6c3969a&pixel=&advId=105&advUuid=821115113677182690
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vid6192d77635f12023062144.jpg
video.primis.tech/uploads/cn2/video/users/converted/29268/video_5eca3cc084e05291468087/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn2/video/users/converted/29268/video_5eca3cc084e05291468087/vid6192d77635f12023062144.jpg?cbuster=1637013372
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
c0aae37fdf736f31c3296589a70053f4a9adcab6591f13b2c3af37a45b09979b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:28 GMT
via
1.1 d9a98758c9298742942e003275c97f92.cloudfront.net (CloudFront)
last-modified
Mon, 15 Nov 2021 21:59:05 GMT
server
Tengine
x-amz-cf-pop
OTP50-C1
etag
"c170a7146b107c05e8c48bc3e6088bba"
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 01 Dec 2021 21:00:28 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
10303
x-amz-cf-id
hjD43fxoeK-xpcuFH0KPXA8fCVi636SWgbGqk_nbnbCGbiNX4MgD7A==
x-proxy-cache
HIT
liveView.php
live.primis.tech/live/ Frame 4044 		189 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMvUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTI2OCUlRaZcZGViXmVyY2EmY2MjODRyMDUlOTE0NwtjODpyMxZ2nWQ2MTxlZDp3NwM1ZwElMDImMDYlMTQ0Lz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU3MDtjJaZcZF9wo250ZW50X2Ryp2M9Q29cK0kypzF5KlUlMyRXSU5ORU0yMwIeT2ZznWNcYWjeTHylnWNmKlUlNvgNZWFhnW5aKlU3QlgWZXJcZzyyZCZ2nWRsY29hqGVhqF90nXRfZT1Do2xeTGVlYXxeJTIlVFqJTx5FTSUlMvgPZzZcY2yuoCgMrXJcY3MeJTI2K01yYW5cozpeJTqDK1ZypzyznWVxJaZcZF9wo250ZW50X2R1pzF0nW9hPTI4OSZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTY4NCZ5PTM4NSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZaZW5cqXMhY29gJTJGTG9lZXxgnzF1ozUgo3JlrS1vYWQgqzyvZXMgoHylnWNmJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmElRDMkMmElRDMkMmp1RwMlMmM3RDqCNmMmMTM2MmImMmM0MmpmNDM5N0Q3QwQmMmUmNmqEN0I1MmVBMmI1Nwp1NwE1ODU2N0E0QmZENEU3NwYlNTEmRDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmAmODqEN0I1OTMmMmQmMwqEN0I2NwMkN0Q3QwRDMmxmODM3MmM3REZFRxUznXNBpHA9MCZaZW9MYXRcPTUjLwEjNDxzZ2ViTG9hZm04LwYlOTUzqXNypxyjQWRxpw0kODUhMwEmLwE1NS4kNwIzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwx1LwAhNDYmOC41NCgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9JzNmqXVcZD02MTx1NzQ2YmM5NwyuJzNvqXN0ZXI9MTYmNmE4MwtlODxkOSZeqy9yozNsMT1mo25aX2yxJTNENwt1NmpmMCUlNaNiozqsqGy0oGUyM0QyMwUlNG9lpaxyMwUlMEJuZCUlNTIjVzyvZXMyMwZupaRcp3RsnWQyM0QlNmUlNwMkJTI2YXJ0nXN0X25uoWUyM0RMo3JyrSUlNTIjSzF1ozUyMwZcp19yrHBfnWNcqCUmRGZuoHNyJTI2pGFaZXZcZXqmJTNEMTt0JTI2pHJcoWFlrV90YWqsnWQyM0QkNDM0JTI2pHJcoWFlrV90YWpyM0RlYXAyMwZ0YWqsnWQyM0QkNDM0JTI2p29hZ190nWVlJTNERSUlNaRipGywJTNEJTI2nGFmX3Niozqsp3RipaxyM0RzYWkmZSUlNzyhX3RipF8kMCUmRGZuoHNyJTI2YXJ0nXN0X2yhX3RipF8kMCUmRGZuoHNyJTI2YWkvqW1snW5sqG9jXmEjJTNEZzFfp2UyMwZhZXqspzVfZWFmZSUmRGZuoHNyJTI2pzVfZWFmZV9go250nCUmRDIjMwEjNSUlNaJyoGVup2VsrWVupvUmRDIjMwEyMwZlZWkyYXNyX2RyY2FxZSUmRDIjMwAyMwZcoy90o3BsMTBspzFjJTNEZzFfp2UyMwZcoy90o3BsMTBspz9wnlUmRGZuoHNyJTI2nW5sqG9jXmEjX2NiqW50paxyM0RzYWkmZSUlNzyhX3RipF8kMF9lX2FhZF9vJTNEZzFfp2UyMwZcoy90o3BsMTBspG9jJTNEZzFfp2UyMwZyoaZcpz9hoWVhqCUmRHBlo2R1Y3Rco24yMwZjoGF0Zz9loSUmRHqyYvUlNaBfYXRzo3JgX3ZupzyuoaQyM0RxZXNeqG9jX3JyYWN0XmJsY29fqW1hJTI2YW1jX3ZupzyuoaQyM0RuoXBsZGymYWJfZWQyMwZuZF9jYWqyX3R5pGUyM0Rmo25aJTI2pzFhZG9gMwQyM0QlMlUlNzZcpaN0X2ygpHJyp3Nco24yM0R0paVyJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D31375F32337D7B7331363233343734397D7B4335377D7B535A3256756158567A4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630387D7B593334327D7B66317D7B4C393837337DFEFE&userIpAddr=185.213.155.162&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&kv_enc_1=song_id%3D6857730%26song_title%3D%2524orry%2520Bad%2520Vibes%26artist_id%3D2752631%26artist_name%3DLorey%2520Jaune%26is_explicit%3Dfalse%26pageviews%3D184%26primary_tag_id%3D1434%26primary_tag%3Drap%26tag_id%3D1434%26song_tier%3DE%26topic%3D%26has_song_story%3Dfalse%26in_top_10%3Dfalse%26artist_in_top_10%3Dfalse%26album_in_top_10%3Dfalse%26new_release%3Dfalse%26release_month%3D202105%26release_year%3D2021%26release_decade%3D2020%26in_top_10_rap%3Dfalse%26in_top_10_rock%3Dfalse%26in_top_10_country%3Dfalse%26in_top_10_r_and_b%3Dfalse%26in_top_10_pop%3Dfalse%26environment%3Dproduction%26platform%3Dweb%26platform_variant%3Ddesktop_react_2_column%26amp_variant%3Damp_disabled%26ad_page_type%3Dsong%26random24%3D23%26first_impression%3Dtrue&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61956d6c3969a&debugInfo=16234749_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16234749&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1f65omnkpyqs&secondaryContent=&x=608&y=342&pubUrl=https%3A%2F%2Fgenius.com%2FLorey-jaune-orry-bad-vibes-lyrics&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=75&impGap=2&flow_width=300&flow_height=169&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=9873&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=genius.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5ea2f4fb00f490b1dedf17f7841d7261151cf1bdd3b73264625ccde59e257aeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://genius.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
14897
liveView.php
live.primis.tech/live/ Frame 4044 		91 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMvUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTI2OCUlRaZcZGViXmVyY2EmY2MjODRyMDUlOTE0NwtjODpyMxZ2nWQ2MTxlZDp3NwM1ZwElMDImMDYlMTQ0Lz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU3MDtjJaZcZF9wo250ZW50X2Ryp2M9Q29cK0kypzF5KlUlMyRXSU5ORU0yMwIeT2ZznWNcYWjeTHylnWNmKlUlNvgNZWFhnW5aKlU3QlgWZXJcZzyyZCZ2nWRsY29hqGVhqF90nXRfZT1Do2xeTGVlYXxeJTIlVFqJTx5FTSUlMvgPZzZcY2yuoCgMrXJcY3MeJTI2K01yYW5cozpeJTqDK1ZypzyznWVxJaZcZF9wo250ZW50X2R1pzF0nW9hPTI4OSZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTMjMCZ5PTE2OSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZaZW5cqXMhY29gJTJGTG9lZXxgnzF1ozUgo3JlrS1vYWQgqzyvZXMgoHylnWNmJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmElRDMkMmElRDMkMmp1RwMlMmM3RDqCNmMmMTM2MmImMmM0MmpmNDM5N0Q3QwQmMmUmNmqEN0I1MmVBMmI1Nwp1NwE1ODU2N0E0QmZENEU3NwYlNTEmRDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmAmODqEN0I1OTMmMmQmMwqEN0I2NwMkN0Q3QwRDMmxmODM3MmM3REZFRxUznXNBpHA9MCZaZW9MYXRcPTUjLwEjNDxzZ2ViTG9hZm04LwYlOTUzqXNypxyjQWRxpw0kODUhMwEmLwE1NS4kNwIzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwx1LwAhNDYmOC41NCgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9JzNmqXVcZD02MTx1NzQ2YmM5NwyuJzNvqXN0ZXI9MTYmNmE4MwtlODxlNCZeqy9yozNsMT1mo25aX2yxJTNENwt1NmpmMCUlNaNiozqsqGy0oGUyM0QyMwUlNG9lpaxyMwUlMEJuZCUlNTIjVzyvZXMyMwZupaRcp3RsnWQyM0QlNmUlNwMkJTI2YXJ0nXN0X25uoWUyM0RMo3JyrSUlNTIjSzF1ozUyMwZcp19yrHBfnWNcqCUmRGZuoHNyJTI2pGFaZXZcZXqmJTNEMTt0JTI2pHJcoWFlrV90YWqsnWQyM0QkNDM0JTI2pHJcoWFlrV90YWpyM0RlYXAyMwZ0YWqsnWQyM0QkNDM0JTI2p29hZ190nWVlJTNERSUlNaRipGywJTNEJTI2nGFmX3Niozqsp3RipaxyM0RzYWkmZSUlNzyhX3RipF8kMCUmRGZuoHNyJTI2YXJ0nXN0X2yhX3RipF8kMCUmRGZuoHNyJTI2YWkvqW1snW5sqG9jXmEjJTNEZzFfp2UyMwZhZXqspzVfZWFmZSUmRGZuoHNyJTI2pzVfZWFmZV9go250nCUmRDIjMwEjNSUlNaJyoGVup2VsrWVupvUmRDIjMwEyMwZlZWkyYXNyX2RyY2FxZSUmRDIjMwAyMwZcoy90o3BsMTBspzFjJTNEZzFfp2UyMwZcoy90o3BsMTBspz9wnlUmRGZuoHNyJTI2nW5sqG9jXmEjX2NiqW50paxyM0RzYWkmZSUlNzyhX3RipF8kMF9lX2FhZF9vJTNEZzFfp2UyMwZcoy90o3BsMTBspG9jJTNEZzFfp2UyMwZyoaZcpz9hoWVhqCUmRHBlo2R1Y3Rco24yMwZjoGF0Zz9loSUmRHqyYvUlNaBfYXRzo3JgX3ZupzyuoaQyM0RxZXNeqG9jX3JyYWN0XmJsY29fqW1hJTI2YW1jX3ZupzyuoaQyM0RuoXBsZGymYWJfZWQyMwZuZF9jYWqyX3R5pGUyM0Rmo25aJTI2pzFhZG9gMwQyM0QlMlUlNzZcpaN0X2ygpHJyp3Nco24yM0R0paVyJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D31375F32337D7B7331363233343734397D7B4335377D7B535A3256756158567A4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630387D7B593334327D7B66317D7B4C393837337DFEFE&userIpAddr=185.213.155.162&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&kv_enc_1=song_id%3D6857730%26song_title%3D%2524orry%2520Bad%2520Vibes%26artist_id%3D2752631%26artist_name%3DLorey%2520Jaune%26is_explicit%3Dfalse%26pageviews%3D184%26primary_tag_id%3D1434%26primary_tag%3Drap%26tag_id%3D1434%26song_tier%3DE%26topic%3D%26has_song_story%3Dfalse%26in_top_10%3Dfalse%26artist_in_top_10%3Dfalse%26album_in_top_10%3Dfalse%26new_release%3Dfalse%26release_month%3D202105%26release_year%3D2021%26release_decade%3D2020%26in_top_10_rap%3Dfalse%26in_top_10_rock%3Dfalse%26in_top_10_country%3Dfalse%26in_top_10_r_and_b%3Dfalse%26in_top_10_pop%3Dfalse%26environment%3Dproduction%26platform%3Dweb%26platform_variant%3Ddesktop_react_2_column%26amp_variant%3Damp_disabled%26ad_page_type%3Dsong%26random24%3D23%26first_impression%3Dtrue&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61956d6c3969a&debugInfo=16234749_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16234749&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1f65omnkpyqs&secondaryContent=&x=608&y=342&pubUrl=https%3A%2F%2Fgenius.com%2FLorey-jaune-orry-bad-vibes-lyrics&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=75&impGap=2&flow_width=300&flow_height=169&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=9873&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=genius.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e79e6eacd8681204c849f2faee653f92439d1595b166d1819a9578242914329c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://genius.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
8539
liveView.php
live.primis.tech/live/ Frame 4044 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhMvUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTI2OCUlRaZcZGViXmVyY2EmY2MjODRyMDUlOTE0NwtjODpyMxZ2nWQ2MTxlZDp3NwM1ZwElMDImMDYlMTQ0Lz1jNCZ2nWRsY29hqGVhqF9cZD0kOTU3MDtjJaZcZF9wo250ZW50X2Ryp2M9Q29cK0kypzF5KlUlMyRXSU5ORU0yMwIeT2ZznWNcYWjeTHylnWNmKlUlNvgNZWFhnW5aKlU3QlgWZXJcZzyyZCZ2nWRsY29hqGVhqF90nXRfZT1Do2xeTGVlYXxeJTIlVFqJTx5FTSUlMvgPZzZcY2yuoCgMrXJcY3MeJTI2K01yYW5cozpeJTqDK1ZypzyznWVxJaZcZF9wo250ZW50X2R1pzF0nW9hPTI4OSZxZWJ1Z0yhZz9loWF0nW9hPSZ4PTY4NCZ5PTM4NSZjqWJVpzj9nHR0pHMyM0EyMxYyMxZaZW5cqXMhY29gJTJGTG9lZXxgnzF1ozUgo3JlrS1vYWQgqzyvZXMgoHylnWNmJaJcPTZDNwx3NwY1NTM3NDYkNmQ3MmqDNmM2QwMkN0I1NDMjN0Q3QwY0MmImMDMlMmElRDMkMmElRDMkMmp1RwMlMmM3RDqCNmMmMTM2MmImMmM0MmpmNDM5N0Q3QwQmMmUmNmqEN0I1MmVBMmI1Nwp1NwE1ODU2N0E0QmZENEU3NwYlNTEmRDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM2MmAmODqEN0I1OTMmMmQmMwqEN0I2NwMkN0Q3QwRDMmxmODM3MmM3REZFRxUznXNBpHA9MCZaZW9MYXRcPTUjLwEjNDxzZ2ViTG9hZm04LwYlOTUzqXNypxyjQWRxpw0kODUhMwEmLwE1NS4kNwIzqXNypyVBPU1irzyfoGEyMxY1LwAeJTI4V2yhZG93plgOVCfkMC4jJTNCK1qcowY0JTNCK3t2NCUlOSgBpHBfZVqyYxgcqCUlRwUmNl4mNvfyMwuLSFRNTCUlQlgfnWgyK0qyY2giJTI5K0Nbpz9gZSUlRwx1LwAhNDYmOC41NCgTYWZupzxyMxY1MmphMmYzpGkurWVlQXBcSWQ9JzNmqXVcZD02MTx1NzQ2YmM5NwyuJzNvqXN0ZXI9MTYmNmE4MwtlODxmMvZeqy9yozNsMT1mo25aX2yxJTNENwt1NmpmMCUlNaNiozqsqGy0oGUyM0QyMwUlNG9lpaxyMwUlMEJuZCUlNTIjVzyvZXMyMwZupaRcp3RsnWQyM0QlNmUlNwMkJTI2YXJ0nXN0X25uoWUyM0RMo3JyrSUlNTIjSzF1ozUyMwZcp19yrHBfnWNcqCUmRGZuoHNyJTI2pGFaZXZcZXqmJTNEMTt0JTI2pHJcoWFlrV90YWqsnWQyM0QkNDM0JTI2pHJcoWFlrV90YWpyM0RlYXAyMwZ0YWqsnWQyM0QkNDM0JTI2p29hZ190nWVlJTNERSUlNaRipGywJTNEJTI2nGFmX3Niozqsp3RipaxyM0RzYWkmZSUlNzyhX3RipF8kMCUmRGZuoHNyJTI2YXJ0nXN0X2yhX3RipF8kMCUmRGZuoHNyJTI2YWkvqW1snW5sqG9jXmEjJTNEZzFfp2UyMwZhZXqspzVfZWFmZSUmRGZuoHNyJTI2pzVfZWFmZV9go250nCUmRDIjMwEjNSUlNaJyoGVup2VsrWVupvUmRDIjMwEyMwZlZWkyYXNyX2RyY2FxZSUmRDIjMwAyMwZcoy90o3BsMTBspzFjJTNEZzFfp2UyMwZcoy90o3BsMTBspz9wnlUmRGZuoHNyJTI2nW5sqG9jXmEjX2NiqW50paxyM0RzYWkmZSUlNzyhX3RipF8kMF9lX2FhZF9vJTNEZzFfp2UyMwZcoy90o3BsMTBspG9jJTNEZzFfp2UyMwZyoaZcpz9hoWVhqCUmRHBlo2R1Y3Rco24yMwZjoGF0Zz9loSUmRHqyYvUlNaBfYXRzo3JgX3ZupzyuoaQyM0RxZXNeqG9jX3JyYWN0XmJsY29fqW1hJTI2YW1jX3ZupzyuoaQyM0RuoXBsZGymYWJfZWQyMwZuZF9jYWqyX3R5pGUyM0Rmo25aJTI2pzFhZG9gMwQyM0QlMlUlNzZcpaN0X2ygpHJyp3Nco24yM0R0paVyJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTA=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D31375F32337D7B7331363233343734397D7B4335377D7B535A3256756158567A4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630387D7B593334327D7B66317D7B4C393837337DFEFE&userIpAddr=185.213.155.162&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&kv_enc_1=song_id%3D6857730%26song_title%3D%2524orry%2520Bad%2520Vibes%26artist_id%3D2752631%26artist_name%3DLorey%2520Jaune%26is_explicit%3Dfalse%26pageviews%3D184%26primary_tag_id%3D1434%26primary_tag%3Drap%26tag_id%3D1434%26song_tier%3DE%26topic%3D%26has_song_story%3Dfalse%26in_top_10%3Dfalse%26artist_in_top_10%3Dfalse%26album_in_top_10%3Dfalse%26new_release%3Dfalse%26release_month%3D202105%26release_year%3D2021%26release_decade%3D2020%26in_top_10_rap%3Dfalse%26in_top_10_rock%3Dfalse%26in_top_10_country%3Dfalse%26in_top_10_r_and_b%3Dfalse%26in_top_10_pop%3Dfalse%26environment%3Dproduction%26platform%3Dweb%26platform_variant%3Ddesktop_react_2_column%26amp_variant%3Damp_disabled%26ad_page_type%3Dsong%26random24%3D23%26first_impression%3Dtrue&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61956d6c3969a&debugInfo=16234749_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16234749&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1f65omnkpyqs&secondaryContent=&x=608&y=342&pubUrl=https%3A%2F%2Fgenius.com%2FLorey-jaune-orry-bad-vibes-lyrics&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=75&impGap=2&flow_width=300&flow_height=169&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=9873&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=genius.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e5f08b08032e47304be17b7294ac0e80a4b0ea0a78935860eed8a882ca805db6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://genius.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
3274
publisher:getClientId
ampcid.google.de/v1/ 		0
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://genius.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 17 Nov 2021 21:00:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://genius.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
1
stats.pusher.com/timeline/v2/jsonp/ 		62 B
307 B 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.pusher.com/timeline/v2/jsonp/1?session=MzQ2NzA4ODkx&bundle=MQ%3D%3D&key=NmQ4OTNmY2M2YTBjNjk1ODUzYWM%3D&lib=anM%3D&version=My4xLjAtcHJlMTE%3D&features=WyJ3cyJd&timeline=W3siaW5zdGFuY2VzIjoxLCJ0aW1lc3RhbXAiOjE2MzcxODI4MjgxNzd9LHsic3RhdGUiOiJjb25uZWN0aW5nIiwidGltZXN0YW1wIjoxNjM3MTgyODI4MTc3fSx7ImNpZCI6MSwidHJhbnNwb3J0Ijoid3NzIiwidGltZXN0YW1wIjoxNjM3MTgyODI4MTc4fSx7ImNpZCI6MSwic3RhdGUiOiJpbml0aWFsaXplZCIsInRpbWVzdGFtcCI6MTYzNzE4MjgyODE3OH0seyJjaWQiOjEsInN0YXRlIjoiY29ubmVjdGluZyIsInRpbWVzdGFtcCI6MTYzNzE4MjgyODE3OX0seyJjaWQiOjEsInN0YXRlIjoib3BlbiIsInRpbWVzdGFtcCI6MTYzNzE4MjgyODk0MH0seyJzdGF0ZSI6ImNvbm5lY3RlZCIsInBhcmFtcyI6eyJzb2NrZXRfaWQiOiIzMjcxNjUuNjc0ODk1NDAifSwidGltZXN0YW1wIjoxNjM3MTgyODI4OTc0fV0%3D
Requested by
Host: d3l739e8r8y9v7.cloudfront.net
URL: https://d3l739e8r8y9v7.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-82.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54a626e43209b5d94edb74ebde3783cae0acdb09d7965cfabbf354b4090310cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Fri, 12 Nov 2021 10:44:52 GMT
via
1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
server
AmazonS3
age
468937
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-C2
content-length
62
x-amz-cf-id
HF58EeLZ2K4zHXbf8AOOFc6qAasJ7oRDNqx-KHzPL2EKMllObj3XKw==
vid6192d77635f12023062144_thumb.jpg
video.primis.tech/uploads/cn2/video/users/converted/29268/video_5eca3cc084e05291468087/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn2/video/users/converted/29268/video_5eca3cc084e05291468087/vid6192d77635f12023062144_thumb.jpg?cbuster=1637013372
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
61de62108f8c0d87b148e7a31bfa51237c45d3b2459ce99fa7d9d24ca6abcd32

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:29 GMT
via
1.1 9ca62899119e7dd5b43dfd3eaef59881.cloudfront.net (CloudFront)
last-modified
Mon, 15 Nov 2021 21:59:07 GMT
server
Tengine
x-amz-cf-pop
OTP50-C1
etag
"114b311144a74d18eda61b94b557b43a"
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 01 Dec 2021 21:00:29 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1466
x-amz-cf-id
ERC8Q8NbOi4B62utANzWVAkT_HY1sNFbTQVrficdPR8PHayzTr1dHQ==
x-proxy-cache
HIT
vid618d02b48ab2f451529906_thumb.jpg
video.primis.tech/uploads/cn23/video/users/converted/29268/video_5eca3cc084e05291468087/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn23/video/users/converted/29268/video_5eca3cc084e05291468087/vid618d02b48ab2f451529906_thumb.jpg?cbuster=1636631226
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
54f91139ba8668046b2969c7b4e424ed74ae39c56a05846145809efbf2a28bf8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:29 GMT
via
1.1 89428c7aafe6aad9ae9c7817be80e65b.cloudfront.net (CloudFront)
last-modified
Thu, 11 Nov 2021 14:17:33 GMT
server
Tengine
x-amz-cf-pop
OTP50-C1
etag
"1bf41fcc15681b5ab48cd362381cee3b"
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 01 Dec 2021 21:00:29 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2384
x-amz-cf-id
V-Oz5g44cAe_tcAuSrO9aTTqzvRLBT2G0ovlKaYLEllC1G6ocW8Qcw==
x-proxy-cache
HIT
vid618d029394dff160495243_thumb.jpg
video.primis.tech/uploads/cn23/video/users/converted/29268/video_5eca3cc084e05291468087/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn23/video/users/converted/29268/video_5eca3cc084e05291468087/vid618d029394dff160495243_thumb.jpg?cbuster=1636631203
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
6ad4a3c593681cbd1a8e44c3608ca84e143b6e4611545622aeb9b4f6357e4f92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:29 GMT
via
1.1 f06c87fa57d0c9fd7439d7fdbd148c63.cloudfront.net (CloudFront)
last-modified
Thu, 11 Nov 2021 14:16:09 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"8872b6759efe99b4e4d61ac3512f62de"
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 01 Dec 2021 21:00:29 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1758
x-amz-cf-id
Xtavjs-WiAIXaJXBga_C4fVAn18YsTdUdW6UPFr3zxjuFV1F6Xy_aA==
x-proxy-cache
HIT
vid618a4d2ca28da391090984_thumb.jpg
video.primis.tech/uploads/cn21/video/users/converted/29268/video_5eca3cc084e05291468087/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn21/video/users/converted/29268/video_5eca3cc084e05291468087/vid618a4d2ca28da391090984_thumb.jpg?cbuster=1636453681
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
314081c275e3e7eb872a8d5f01abc8e9682c9a7afc86546f1611bdc3c44d5703

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:29 GMT
via
1.1 4612dc3b414cf2057f542e94733d59bd.cloudfront.net (CloudFront)
last-modified
Tue, 09 Nov 2021 10:30:17 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"75e061b9a81aa90e956907225f84ad42"
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 01 Dec 2021 21:00:29 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1508
x-amz-cf-id
MWyXwsJqPvUq2bfDplqmiqwV5_I3TDGXV1pMU_VNxAksBcJg3fLeLA==
x-proxy-cache
HIT
vid6183372c08742099461632_thumb.jpg
video.primis.tech/uploads/cn16/video/users/converted/29268/video_5eca3cc084e05291468087/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn16/video/users/converted/29268/video_5eca3cc084e05291468087/vid6183372c08742099461632_thumb.jpg?cbuster=1635989308
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.250.60.64 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
ddd38fb69ff602db74d9854df6e074b46e783d03bdfa273baaf8e6eabfe5c7fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:29 GMT
via
1.1 557d225d7fe3f75093bf3aa13b485922.cloudfront.net (CloudFront)
last-modified
Thu, 04 Nov 2021 01:29:25 GMT
server
Tengine
x-amz-cf-pop
OTP50-C1
etag
"8e5a8b600422f301de2e756dbefdc76a"
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 01 Dec 2021 21:00:29 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1564
x-amz-cf-id
zKGJKoYcg8kPmf1O2VrACAzGFxpQPNodaT8zb7fy1Di6v4jFInRwaQ==
x-proxy-cache
HIT
openrtb
ads.adaptv.advertising.com/rtb/ Frame 4044 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_5.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.42.157 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-42-157.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://genius.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://genius.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 4044 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-201.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 17:04:46 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
14144
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 09 Nov 2021 22:55:20 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
via
1.1 8fd360cd20d33fa1400394ae41746f67.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-C2
content-type
application/javascript
x-amz-cf-id
1BlfynYKHNPJcys8zOkxWp0bbTH4sbBgi5IxEchLpBPtXg5xTC1_pA==
usync.js
eus.rubiconproject.com/ Frame 9B30 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=primis&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4f2d7e7e387f0821114f2f04f07ce3f9a6184c03ddde2fd5c030996970537b92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=primis&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 17 Nov 2021 21:00:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=61891
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9509
Expires
Thu, 18 Nov 2021 14:12:00 GMT
otFlat.json
cookie-cdn.cookiepro.com/scripttemplates/6.13.0/assets/ 		12 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/6.13.0/assets/otFlat.json
Requested by
Host: d3l739e8r8y9v7.cloudfront.net
URL: https://d3l739e8r8y9v7.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:778 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8388718f670ddb4c773f542fef40257fd020ae066966c2ca33b0814eab04a74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Nov 2021 21:00:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
/ODZFpGAnQ0xgLGN+/xOCg==
age
2587088
x-ms-lease-status
unlocked
last-modified
Thu, 28 Jan 2021 07:31:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
8529baa8-b01e-0017-146e-c49146000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
cf-ray
6afbe38a892f05e9-FRA
expires
Thu, 25 Nov 2021 21:00:29 GMT
otPcTab.json
cookie-cdn.cookiepro.com/scripttemplates/6.13.0/assets/v2/ 		45 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/6.13.0/assets/v2/otPcTab.json
Requested by
Host: d3l739e8r8y9v7.cloudfront.net
URL: https://d3l739e8r8y9v7.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:778 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
480889002777fd46e82ea77533779500bc7f363e9a30abcf282392ecf58780e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Nov 2021 21:00:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
tOIVP7aQMx8KuQM3FUQnFw==
age
2587088
x-ms-lease-status
unlocked
last-modified
Thu, 28 Jan 2021 07:31:55 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
2b1b9e5a-101e-0088-6e6e-c4dd44000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
cf-ray
6afbe38a893405e9-FRA
expires
Thu, 25 Nov 2021 21:00:29 GMT
otCookieSettingsButton.json
cookie-cdn.cookiepro.com/scripttemplates/6.13.0/assets/ 		5 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cookie-cdn.cookiepro.com/scripttemplates/6.13.0/assets/otCookieSettingsButton.json
Requested by
Host: d3l739e8r8y9v7.cloudfront.net
URL: https://d3l739e8r8y9v7.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:778 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd44041e27f78770fced39f58e54ff661a452abda8f8541577caed06934f813d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 17 Nov 2021 21:00:29 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
content-md5
/TEiUwMbL/reEP1F6SSgag==
age
2587088
x-ms-lease-status
unlocked
last-modified
Thu, 28 Jan 2021 07:31:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
96fc088a-a01e-0024-706e-c4ceed000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=691200
x-ms-version
2009-09-19
cf-ray
6afbe38a893605e9-FRA
expires
Thu, 25 Nov 2021 21:00:29 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame B38F 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=38120584&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D61956d6c3969a%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:29 GMT
content-length
0
/
www.facebook.com/tr/ Frame CC22 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://genius.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://genius.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
date
Wed, 17 Nov 2021 21:00:29 GMT
csync
sync.console.adtarget.com.tr/ Frame 6D54 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Wed, 17 Nov 2021 21:00:29 GMT
Content-Length
0
Etag
77be2a31b7d280a2
csync
sync.console.adtarget.com.tr/ Frame D43E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=BIm0EyemdEKy0qOG5pjz&pi=admatic&tc=1
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=BIm0EyemdEKy0qOG5pjz&pi=admatic&tc=1
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Wed, 17 Nov 2021 21:00:29 GMT
Content-Length
0
Etag
77be2a31b7d280a2

Redirect headers

date
Wed, 17 Nov 2021 21:00:29 GMT Wed, 17 Nov 2021 21:00:29 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=BIm0EyemdEKy0qOG5pjz&pi=admatic&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
/
ads.us.e-planning.net/uspd/1/ Frame 7DE9
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
8452e63d0e8bbcea8c82f41d9fcbcb66e4194f0ad329eeddea0e87f02859a7b0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Wed, 17 Nov 2021 21:00:29 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Wed, 17 Nov 2021 21:00:29 GMT
x-sid
AMS-607
content-encoding
gzip

Redirect headers

server
openresty
date
Wed, 17 Nov 2021 21:00:29 GMT
content-type
text/html; charset=iso-8859-1
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
x-sid
AMS-607
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D21D 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=40316
expires
Thu, 18 Nov 2021 08:12:25 GMT
date
Wed, 17 Nov 2021 21:00:29 GMT
vary
Accept-Encoding
pbsync.html
js.adscale.de/ Frame A02B 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:9c00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

content-type
text/html
last-modified
Wed, 17 Nov 2021 10:46:11 GMT
x-amz-version-id
jR6ivDWYpvujzWUwE1MYeOR2Gav55T3V
server
AmazonS3
content-encoding
br
date
Wed, 17 Nov 2021 20:46:13 GMT
cache-control
max-age=7200
etag
W/"5550fca00caf055568d6ced373f2721f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
8zqyHw9TL15nQP14UU7gFZ2CB2rPx0IHndmzBGSekOOJ09Go4gK4eA==
age
856
cookie
cm.adform.net/ Frame DDED 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Wed, 17 Nov 2021 21:00:29 GMT
content-type
image/gif
content-length
43
user
cdn.admatic.com.tr/ Frame 9867 		251 B
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

date
Wed, 17 Nov 2021 21:00:29 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-DE1-756
cdn-pullzone
266102
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode
DE
cdn-edgestorageid
756
cdn-storageserver
DE-51
cache-control
public, max-age=3600
cdn-fileserver
141
last-modified
Thu, 11 Feb 2021 13:30:42 GMT
cdn-cachedat
2021-08-10 09:24:38
cdn-requestpullsuccess
True
cdn-requestpullcode
206
cdn-requestid
7411165dafde0aacf19b3630e7d4b2c0
cdn-status
200
cdn-cache
HIT
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame 966A 		43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?redir=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 17 Nov 2021 21:00:29 GMT
Server
VertaMedia 1.0
Etag
a2de2a31b7e280a2
Content-Length
43
Content-Type
image/gif
programme_bold.woff2
assets.genius.com/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.genius.com/fonts/programme_bold.woff2?1637166956
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1260 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f3b5d57d944a4a8050051e06dcf2741fb7a57118c7c0d29d545e0a84588a716

Request headers

Referer
https://genius.com/
Origin
https://genius.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:29 GMT
cf-cache-status
HIT
age
14770
cf-ray
6afbe38b4f9905fd-FRA
content-length
26140
x-amz-id-2
fcZeWT4jKTWwnwVJUX0mrNq2vE8PDYhFN7jEzgi/IHsqRj9eGBHXocISsyomnUAJPKIMeVsPm6c=
last-modified
Wed, 17 Nov 2021 16:47:44 GMT
server
cloudflare
etag
"d479f40f75b8db5e49ff8196ef040434"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
x-amz-request-id
E2VCEJW1WNRK08KP
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-type
font/woff2
/
api.mixpanel.com/track/ 		1 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.mixpanel.com/track/?data=eyJldmVudCI6ICJnZHByX2NvbnNlbnQ6bW9kYWxfc2hvd24iLCJwcm9wZXJ0aWVzIjogeyIkb3MiOiAiV2luZG93cyIsIiRicm93c2VyIjogIkNocm9tZSIsIiRjdXJyZW50X3VybCI6ICJodHRwczovL2dlbml1cy5jb20vTG9yZXktamF1bmUtb3JyeS1iYWQtdmliZXMtbHlyaWNzIiwiJGJyb3dzZXJfdmVyc2lvbiI6IDk1LCIkc2NyZWVuX2hlaWdodCI6IDEyMDAsIiRzY3JlZW5fd2lkdGgiOiAxNjAwLCJtcF9saWIiOiAid2ViIiwiJGxpYl92ZXJzaW9uIjogIjIuMTUuMCIsIiRpbml0aWFsX3JlZmVycmVyIjogIiRkaXJlY3QiLCIkaW5pdGlhbF9yZWZlcnJpbmdfZG9tYWluIjogIiRkaXJlY3QiLCJBTVAiOiBmYWxzZSwiZ2VuaXVzX3BsYXRmb3JtIjogIndlYiIsInRva2VuIjogIjc3OTY3YzUyZGMzODE4NmNjMWFhZGViZGQxOWUyYTgyIiwiJF9fYyI6IDB9fQ%3D%3D&ip=1&_=1637182829358
Requested by
Host: genius.com
URL: https://genius.com/javascripts/compiled/reactMixpanel.desktop-6185fba11e3a0de65e73.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.241.186.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
date
Wed, 17 Nov 2021 21:00:29 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://genius.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
alt-svc
clear
content-length
1
bundle.js
cdn.admatic.com.tr/user/ Frame 9867 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user/bundle.js
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/user
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:29 GMT
content-encoding
br
cdn-edgestorageid
756
cdn-fileserver
141
cdn-storageserver
DE-51
cdn-cachedat
2021-08-12 13:48:34
cdn-pullzone
266102
last-modified
Fri, 12 Mar 2021 04:24:48 GMT
server
BunnyCDN-DE1-756
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control
public, max-age=3600
cdn-requestid
182fa74661bcbb261685abede7c9a061
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
uu
ih.adscale.de/ Frame A02B
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1637182829
  • https://ih.adscale.de/uu?cbfn=receive&t=1637182829&nut&uu=16358ee81a6c4687b964b94add7d5c23
44 B
214 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1637182829&nut&uu=16358ee81a6c4687b964b94add7d5c23
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
10bbf07b433ab70d350e193a145b80159a1dfeab805fcf064d7e36d9618535e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:29 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1637182829&nut&uu=16358ee81a6c4687b964b94add7d5c23
date
Wed, 17 Nov 2021 21:00:29 GMT
content-length
0
um
u-ams02.e-planning.net/ Frame 7DE9
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D54c5905a9fb7aac7
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=54c5905a9fb7aac7
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=54c5905a9fb7aac7
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:29 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:29 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=54c5905a9fb7aac7
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame 7DE9 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 16 Nov 2026 21:00:28 GMT
um
u-ams02.e-planning.net/ Frame 7DE9
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D54c5905a9fb7aac7%26uid%3D%24%7BUID%7D
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=54c5905a9fb7aac7&uid=5bb51ef2-b286-4cf6-8ea7-2f0efec7e8a5
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=54c5905a9fb7aac7&uid=5bb51ef2-b286-4cf6-8ea7-2f0efec7e8a5
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:29 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:29 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=54c5905a9fb7aac7&uid=5bb51ef2-b286-4cf6-8ea7-2f0efec7e8a5
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
5dqao27sp6qsgtmhh1ar6mtuelmbc8um
ptag
a.audrte.com/ Frame 7DE9 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.173.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-173-197.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
3959ef50f058794429dbb475c8988f630f9df1a2098e55dc997915bda6500f43

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 17 Nov 2021 21:00:30 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1683
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 7DE9 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:28 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Mon, 16 Nov 2026 21:00:28 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 7DE9
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D54c5905a9fb7aac7
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:29 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Wed, 17 Nov 2021 21:00:29 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 7DE9
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D54c5905a9fb7aac7%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=54c5905a9fb7aac7&uid=821115113677182690
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=54c5905a9fb7aac7&uid=821115113677182690
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:29 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 17 Nov 2021 21:00:29 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ecf5839a-dc1e-4bdc-9a35-c1dfe72d6d70
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=54c5905a9fb7aac7&uid=821115113677182690
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams02.e-planning.net/ Frame 7DE9
Redirect Chain
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D54c5905a9fb7aac7%26uid%3D%7B%24UID%7D
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=54c5905a9fb7aac7&uid=1435d9a25b5abdeeccddd85874f1c55a3f4bb113
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=54c5905a9fb7aac7&uid=1435d9a25b5abdeeccddd85874f1c55a3f4bb113
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:30 GMT
server
openresty
content-type
image/gif

Redirect headers

Location
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=54c5905a9fb7aac7&uid=1435d9a25b5abdeeccddd85874f1c55a3f4bb113
Date
Wed, 17 Nov 2021 21:00:30 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
usync.html
eus.rubiconproject.com/ Frame 1E14
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40334-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 17 Nov 2021 21:00:29 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date
Wed, 17 Nov 2021 21:00:29 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B8A5 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D54c5905a9fb7aac7%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=40316
expires
Thu, 18 Nov 2021 08:12:25 GMT
date
Wed, 17 Nov 2021 21:00:29 GMT
vary
Accept-Encoding
user
ads3.admatic.com.tr/ Frame 9867 		77 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.132.147.227 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-227-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
4e80fdf162a377032ac31e5164f843a40c85a77b701ac84df579a72e7b64361b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 17 Nov 2021 21:00:29 GMT
content-encoding
br
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
81
userconnect.js
js.adscale.de/ Frame A02B 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:9c00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
ST_.0TdKyzxYU24n19L1rTo313dC4Gfs
content-encoding
br
last-modified
Wed, 17 Nov 2021 10:46:11 GMT
server
AmazonS3
age
856
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Wed, 17 Nov 2021 20:46:14 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
NQ9iSeVDv4IGfP8raGjPLi0Ar7YtEJim5e-WanWqPHB0Qyv6w97V2A==
csync
sync.console.adtarget.com.tr/ Frame A02B 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=16358ee81a6c4687b964b94add7d5c23
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 17 Nov 2021 21:00:29 GMT
Server
VertaMedia 1.0
Etag
29fc42baa84f5853
Content-Length
0
usermatch
ssum.casalemedia.com/ Frame 3702 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D54c5905a9fb7aac7%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4a39f071e9b06e5bc5c9a42aa56363b42d82a7ffd58a58b36beb8861e42f4d92

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|45|241|152|51|195|111
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1658
Expires
Wed, 17 Nov 2021 21:00:29 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Wed, 17 Nov 2021 21:00:29 GMT
Connection
keep-alive
/
onetag-sys.com/usync/ Frame CF44 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame D8FA 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
353f2d26591cbe5be04c554b07ed0f261a170ad208ceb9000c01abb2e218cab6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Wed, 17 Nov 2021 21:00:29 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6afbe38d0c535b9e-FRA
content-encoding
br
usync.js
eus.rubiconproject.com/ Frame 1E14 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4f2d7e7e387f0821114f2f04f07ce3f9a6184c03ddde2fd5c030996970537b92

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 17 Nov 2021 21:00:29 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Nov 2021 00:01:00 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=61891
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9509
Expires
Thu, 18 Nov 2021 14:12:00 GMT
userconnect
ih.adscale.de/ Frame A02B 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1637182829573&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:29 GMT
content-length
149
content-type
application/javascript
map
ih.adscale.de/ Frame B8D8 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
6aa4facd453d5caa54afe2867ef270354a7eabfe9513cd81ccf6e7ab920bc795

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/

Response headers

date
Wed, 17 Nov 2021 21:00:29 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2442
match.js
js.adscale.de/ Frame B8D8 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:9c00:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
WAFboXLI6x3No6pvms2FA6cZb70IR3gl
content-encoding
br
last-modified
Wed, 17 Nov 2021 10:46:11 GMT
server
AmazonS3
age
856
etag
W/"b75124846aec28a28b7a3441813682d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Wed, 17 Nov 2021 20:46:14 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
jFIjFmIhS8XZNZmxhcJAOUOeF7mpv7htm_IHIsIW6hCbfTddsEIcYw==
new
ads3.admatic.com.tr/user/ Frame 9867 		171 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user/new
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.132.147.227 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-227-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
89d4d46a0c99ecd7c01f545f237355e5d3509e598696fd34718cafad74649898

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 17 Nov 2021 21:00:29 GMT
content-encoding
br
etag
gD2dJXTj52kO_O2nteil2ZxemG-hWG8UTSysCDxAQyK4EzvFm2bKkNULNknsTZNuYKB6SrpG-1OkQp7r95fhUg
last-modified
Wed, 17 Nov 2021 22:00:29 GMT
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
175
getuid
ib.adnxs.com/ Frame D8FA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
mw
mwzeom.zeotap.com/ Frame D8FA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4a...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEHeuJvBDeiZfq9OrlPzpvCA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEHeuJvBDeiZfq9OrlPzpvCA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6afbe390bdd85b9e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEHeuJvBDeiZfq9OrlPzpvCA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
470
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame D8FA
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=ec27e2e2-1698-415d-89f7-93d0e9f41303&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=ec27e2e2-1698-415d-89f7-93d0e9f41303&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6afbe3908d665b9e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=ec27e2e2-1698-415d-89f7-93d0e9f41303&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
date
Wed, 17 Nov 2021 21:00:29 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame D8FA 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:29 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame D8FA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3e5971f4-8c1d-4aec-6be9-6a5183fab2af%26reqId%3D7...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3e5971f4-8c1d-4aec-6be9-6a5183fab2af%26reqId%3D7...
  • https://mwzeom.zeotap.com/mw?cid=a2d80979-e5cc-4ef3-b0ec-551690658956&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=a2d80979-e5cc-4ef3-b0ec-551690658956&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:29 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6afbe38eb8ef5b9e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:29 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=a2d80979-e5cc-4ef3-b0ec-551690658956&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame D8FA 		0
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Wed, 17 Nov 2021 21:00:29 GMT
via
1.1 varnish
server
nginx
x-timer
S1637182830.668685,VS0,VE9
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-hhn4049-HHN
u
dmp.v.fwmrm.net/ad/ Frame D8FA 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f608:82c4:8e67:4786:1156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Nov 2021 21:00:30 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame D8FA 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3e5971f4-8c1d-4aec-6be9-6a5183fab2af%26reqId%3D7eabbc2a-8771-4a5f-4adb-e1e8777b83e4%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame D8FA
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=7770e294-4aee-4d6b-85bf-94899203259a&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7770e294-4aee-4d6b-85bf-94899203259a&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6afbe3908d635b9e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:29 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=7770e294-4aee-4d6b-85bf-94899203259a&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame D8FA
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=21891298864711767191771818802304898268&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=21891298864711767191771818802304898268&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6afbe3908d615b9e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-2-v019-014acb01f.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
/C/fIdmQT1w=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=21891298864711767191771818802304898268&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame D8FA 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame D8FA
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021111722-85904-0.919233001637182833-cf19f22705ff7eccd56bea5472ec8ef8&zdid=533&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2021111722-85904-0.919233001637182833-cf19f22705ff7eccd56bea5472ec8ef8&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6afbe393bd115b9e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2021111722-85904-0.919233001637182833-cf19f22705ff7eccd56bea5472ec8ef8&zdid=533&env=mWeb
Date
Wed, 17 Nov 2021 21:00:33 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame D8FA
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7031646712423708825&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-...
95 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7031646712423708825&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6afbe38fab6e5b9e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7031646712423708825&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Date
Wed, 17 Nov 2021 21:00:30 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame D8FA
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=3e5971f4-8c1d-4aec-6be9-6a5183fab2af
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=3e5971f4-8c1d-4aec-6be9-6a5183fab2af
95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=3e5971f4-8c1d-4aec-6be9-6a5183fab2af
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:29 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=3e5971f4-8c1d-4aec-6be9-6a5183fab2af
date
Wed, 17 Nov 2021 21:00:29 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame D8FA
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=lbkQW.8H7pMtTSxI0D3CU.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=lbkQW.8H7pMtTSxI0D3CU.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6afbe390bdd95b9e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:30 GMT
via
1.1 google
last-modified
Wed, 17 Nov 2021 21:00:30 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=lbkQW.8H7pMtTSxI0D3CU.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame D8FA 		36 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.106 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:30 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame D8FA
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=3e5971f4-8c1d-4aec-6be9-6a5183fab2af?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=3e5971f4-8c1d-4aec-6be9-6a5183fab2af?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=da51093b16748e4babc5e5fb83a7178a&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-87...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=da51093b16748e4babc5e5fb83a7178a&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6afbe391d9105b9e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:30 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=da51093b16748e4babc5e5fb83a7178a&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
cache-control
no-cache
x-server
10.45.28.137
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame D8FA
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-a2llValE2orW0blcYE7yeu0TAIU6VMNMTw--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-a2llValE2orW0blcYE7yeu0TAIU6VMNMTw--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6afbe3911ef05b9e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Wed, 17 Nov 2021 21:00:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-a2llValE2orW0blcYE7yeu0TAIU6VMNMTw--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame D8FA
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=9iTACM8GFHNXaH9n44xPyCNUYGQVhAbp%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=9iTACM8GFHNXaH9n44xPyCNUYGQVhAbp%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6afbe3914f645b9e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:30 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=9iTACM8GFHNXaH9n44xPyCNUYGQVhAbp%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame D8FA 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:30 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame D8FA 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.141.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-141-115.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:30 GMT
cache-control
private, no-cache, no-store
x-request-time
D=67 t=1637182830
x-served-by
beacon-n010-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame D8FA 		95 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:29 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame D8FA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://sync-tm.everesttech.net/ct/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YZVtbgAFSsXE8gAz&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YZVtbgAFSsXE8gAz&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361&_test=YZVtbgAFSsXE8gAz
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6afbe3925a285b9e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:30 GMT
via
1.1 varnish
server
Varnish
x-timer
S1637182830.429389,VS0,VE0
x-served-by
cache-hhn4026-HHN
x-cache
HIT
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YZVtbgAFSsXE8gAz&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361&_test=YZVtbgAFSsXE8gAz
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame D8FA
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=deec6195-6d6d-4800-bb7b-07345f3649be&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=deec6195-6d6d-4800-bb7b-07345f3649be&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6afbe391d9155b9e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Wed, 17 Nov 2021 21:00:30 GMT
Server
MT3 4103 f8fad19 master cdg-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=deec6195-6d6d-4800-bb7b-07345f3649be&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Wed, 17 Nov 2021 21:00:29 GMT
usermatch.gif
beacon.krxd.net/ Frame D8FA
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b...
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
52.209.141.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-141-115.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:30 GMT
cache-control
private, no-cache, no-store
x-request-time
D=155 t=1637182830
x-served-by
beacon-n019-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
date
Wed, 17 Nov 2021 21:00:30 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a015-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame D8FA
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Nov 2021 21:00:30 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
PYY0C9XCGEWFEG6QJGSN
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 17 Nov 2021 21:00:30 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
8NWXNQXT5YP9KKY9QH97
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame D8FA
Redirect Chain
  • https://tags.bluekai.com/site/87734?id=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6afbe3935c265b9e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date
Wed, 17 Nov 2021 21:00:30 GMT
Connection
keep-alive
Content-Length
0
BK-Server
82c4
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame D8FA
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3D3e5...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:30 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6afbe3926a375b9e-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
date
Wed, 17 Nov 2021 21:00:30 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame D8FA 		557 B
498 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0940e7c1cfe2f33447dc7e60859c4132c965e4deda07b2e0d0d4930268b6aa3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

cf-ray
6afbe38d6dad5b9e-FRA
date
Wed, 17 Nov 2021 21:00:29 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Wed, 17 Nov 2021 21:00:29 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
usermatchredir
ssum-sec.casalemedia.com/ Frame 3702
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YZVtbDTCEBZNxvFMq6uzmAAABFwAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YZVtbDTCEBZNxvFMq6uzmAAABFwAAAAB&gdpr_consent=&us_privacy=&gdpr=1&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEHK-FfP_v4qGABXsN06u_1c&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEHK-FfP_v4qGABXsN06u_1c&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D54c5905a9fb7aac7%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Nov 2021 21:00:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Wed, 17 Nov 2021 21:00:30 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEHK-FfP_v4qGABXsN06u_1c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 3702 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D54c5905a9fb7aac7%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:29 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 3702
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YZVtbDTCEBZNxvFMq6uzmAAA
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm=&google_sc=&google_hm=YZVtbDTCEBZNxvFMq6uzmAAA&google_tc=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMem77FVZX-AbnM2b6yVxt0&google_cver=1&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMem77FVZX-AbnM2b6yVxt0&google_cver=1&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D54c5905a9fb7aac7%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Nov 2021 21:00:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 17 Nov 2021 21:00:30 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMem77FVZX-AbnM2b6yVxt0&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 3702
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZVtbDTCEBZNxvFMq6uzmAAABFwAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZVtbDTCEBZNxvFMq6uzmAAABFwAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZVtbDTCEBZNxvFMq6uzmAAABFwAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D54c5905a9fb7aac7%26uid%3D
Protocol
HTTP/1.1
Server
209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Nov 2021 21:00:30 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
EDP27JA46ANFH2386VWY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 17 Nov 2021 21:00:29 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6Q1XB89WPDAJ4T135RZ1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YZVtbDTCEBZNxvFMq6uzmAAABFwAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3702
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ee420e23-24ee-4af9-9616-ca85dd6cccaa
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ee420e23-24ee-4af9-9616-ca85dd6cccaa
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D54c5905a9fb7aac7%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Nov 2021 21:00:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 17 Nov 2021 21:00:30 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 17 Nov 2021 21:00:30 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ee420e23-24ee-4af9-9616-ca85dd6cccaa
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
sync
x.bidswitch.net/ Frame 3702 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D54c5905a9fb7aac7%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.61.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-61-148.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 17 Nov 2021 21:00:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 3702
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-44bdbbd1-aec2-46f7-bf4d-55c6b8599032
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-44bdbbd1-aec2-46f7-bf4d-55c6b8599032
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D54c5905a9fb7aac7%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Nov 2021 21:00:30 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 17 Nov 2021 21:00:30 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-44bdbbd1-aec2-46f7-bf4d-55c6b8599032
date
Wed, 17 Nov 2021 21:00:29 GMT
server
Apache-Coyote/1.1
content-length
0
match
c1.adform.net/serving/cookie/ Frame 3702 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D54c5905a9fb7aac7%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:29 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
um
u-ams02.e-planning.net/ Frame 3702 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=54c5905a9fb7aac7&uid=YZVtbDTCEBZNxvFMq6uzmAAA%261116
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D54c5905a9fb7aac7%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:29 GMT
server
openresty
content-type
image/gif
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame B8D8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=b48e47b6e87b083939a61c4...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=deec6195-6d6d-4800-bb7b-07345f3649be&gdpr=0&gdpr_consent=
49 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=deec6195-6d6d-4800-bb7b-07345f3649be&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:29 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Wed, 17 Nov 2021 21:00:29 GMT
Server
MT3 4103 f8fad19 master cdg-pixel-x29 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=deec6195-6d6d-4800-bb7b-07345f3649be&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 17 Nov 2021 21:00:28 GMT
csync
sync.console.adtarget.com.tr/ Frame 9867 		0
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=314221&extuid=lYCrxIMPdCPqCDDR-Fy45QldaJ8BWxefnjcm_dF5Rccm9SwrMOviY0iCw7RA71n43KQnwGVnb7FNtoSgxQP1aw
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 17 Nov 2021 21:00:29 GMT
Server
VertaMedia 1.0
Etag
a020cc0dd97b65f3
Content-Length
0
cmp
spl.zeotap.com/ Frame D8FA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Wed, 17 Nov 2021 21:00:29 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6afbe38dae635b9e-FRA
unip
trc-events.taboola.com/1301520/log/3/ 		0
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1301520/log/3/unip?en=pre_d_eng_tb&tos=1588&scd=17&ssd=1&est=1637182828143&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1637182829731&vi=1637182828141&ri=8b73ba2c9980dcd535602eaa2f747795&ref=null&cv=20211114-1-RELEASE&item-url=https%3A%2F%2Fgenius.com%2FLorey-jaune-orry-bad-vibes-lyrics
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1301520/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
https://genius.com
pragma
no-cache
date
Wed, 17 Nov 2021 21:00:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
khaos.jpg
token.rubiconproject.com/ Frame 9B30 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/jpg
img
ih.adscale.de/sium/9f16f5b381c14c729741dde6fa7a8852/1637182829609/0/ Frame B8D8
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F9f16f5b381c14c729741dde6fa7a8852%2F1637182829609%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://ih.adscale.de/sium/9f16f5b381c14c729741dde6fa7a8852/1637182829609/0/img?tpid=75&tpuid=821115113677182690&gdpr=0
49 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/9f16f5b381c14c729741dde6fa7a8852/1637182829609/0/img?tpid=75&tpuid=821115113677182690&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:29 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 17 Nov 2021 21:00:29 GMT
X-Proxy-Origin
185.213.155.162; 185.213.155.162; 864.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e48f15aa-4bd8-4234-85bf-8e86f3a4f083
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/9f16f5b381c14c729741dde6fa7a8852/1637182829609/0/img?tpid=75&tpuid=821115113677182690&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame B8D8
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=eb11ca27b9dc333213826b88d...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YZVtbDTCEBZNxvFMq6uzmAAA%261116
49 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YZVtbDTCEBZNxvFMq6uzmAAA%261116
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:29 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 17 Nov 2021 21:00:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YZVtbDTCEBZNxvFMq6uzmAAA%261116
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
310
Expires
Wed, 17 Nov 2021 21:00:29 GMT
metrics
librato-collector.genius.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://librato-collector.genius.com/v1/metrics
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1260 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://genius.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 17 Nov 2021 21:00:30 GMT
content-length
0
x-powered-by
Express
access-control-allow-origin
https://genius.com
access-control-allow-methods
POST
access-control-allow-headers
Content-Type
access-control-allow-credentials
true
via
1.1 vegur
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6afbe39069de05fd-FRA
metrics
librato-collector.genius.com/v1/ 		0
179 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://librato-collector.genius.com/v1/metrics
Requested by
Host: assets.genius.com
URL: https://assets.genius.com/javascripts/compiled/reactPage.desktop-9c4325152e03dfc58c2b.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://genius.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 17 Nov 2021 21:00:30 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST
access-control-allow-origin
https://genius.com
access-control-allow-credentials
true
cf-ray
6afbe3932c045c8c-FRA
access-control-allow-headers
Content-Type
content-length
0
cc.js
tags.crwdcntrl.net/c/15238/ Frame 7DE9 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.71.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-71-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 17 Nov 2021 04:10:10 GMT
content-encoding
gzip
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
60621
etag
W/"2b2f816f40499d384e118ce88a266e02"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
Cy1WT53CLsAG7O_W5Hz87-l9t-GuQvCrEe1JlAieXb186heZewYRLQ==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame D2BC 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Wed, 17 Nov 2021 21:00:30 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Mon, 16 Nov 2026 21:00:30 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame 173A 		0
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=APDfY1fmWZkfp2AO
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
VertaMedia 1.0
Date
Wed, 17 Nov 2021 21:00:29 GMT
Content-Length
0
Etag
a2de2a31b7e280a2
khaos.jpg
token.rubiconproject.com/ Frame 1E14 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type
image/jpg
GS.d
js.cookieless-data.com/ Frame D2BC 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1637182830186
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.28.83 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-28-83.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 17 Nov 2021 21:00:30 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
img
ih.adscale.de/sium/9f16f5b381c14c729741dde6fa7a8852/1637182829609/0/ Frame B8D8
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=7b2d30fbf356d0957da04d138bed008d69bff7c793d974eb1cd9ca6d74abfea2&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F9f16f5b381c14c729741dd...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=7b2d30fbf356d0957da04d138bed008d69bff7c793d974eb1cd9ca6d74abfea2&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F9f16f5b381c14c729...
  • https://ih.adscale.de/sium/9f16f5b381c14c729741dde6fa7a8852/1637182829609/0/img?tpid=42&gdpr=0&tpuid=6860890447492531994
49 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/9f16f5b381c14c729741dde6fa7a8852/1637182829609/0/img?tpid=42&gdpr=0&tpuid=6860890447492531994
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:30 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:30 GMT
server
nginx
location
https://ih.adscale.de/sium/9f16f5b381c14c729741dde6fa7a8852/1637182829609/0/img?tpid=42&gdpr=0&tpuid=6860890447492531994
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame B8D8
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=7385a6e2-05c7-4639-9226-b96b0d39d7a6&gdpr=0
49 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=7385a6e2-05c7-4639-9226-b96b0d39d7a6&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:30 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:30 GMT
server
Kestrel
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=7385a6e2-05c7-4639-9226-b96b0d39d7a6&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1859950
content-length
0
expires
Wed, 17 Nov 2021 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/57304/ Frame 4044
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP65ed38c5-47e9-11ec-96a7-06dd13ac9c68
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA2NWVkMzhjNS00N2U5LTExZWMtOTZhNy0wNmRkMTNhYzljNjg%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEJsMrmvLZ3AU8sBO-RlGSWw&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEJsMrmvLZ3AU8sBO-RlGSWw&google_cver=1&apid=UP65ed38c5-47e9-11ec-96a7-06dd13ac9c68
0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEJsMrmvLZ3AU8sBO-RlGSWw&google_cver=1&apid=UP65ed38c5-47e9-11ec-96a7-06dd13ac9c68
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:30 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEJsMrmvLZ3AU8sBO-RlGSWw&google_cver=1&apid=UP65ed38c5-47e9-11ec-96a7-06dd13ac9c68
date
Wed, 17 Nov 2021 21:00:30 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
pixel.advertising.com/ups/55986/ Frame 4044
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=&_...
  • https://pixel.advertising.com/ups/55986/sync?uid=YZVtbgAFSt5yhwBR&_origin=0&gdpr=1&gdpr_consent=&_test=YZVtbgAFSt5yhwBR
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55986/sync?uid=YZVtbgAFSt5yhwBR&_origin=0&gdpr=1&gdpr_consent=&_test=YZVtbgAFSt5yhwBR
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Server
54.93.162.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-162-63.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:30 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:30 GMT
via
1.1 varnish
server
Varnish
x-timer
S1637182831.519321,VS0,VE0
x-served-by
cache-hhn4026-HHN
x-cache
HIT
location
https://pixel.advertising.com/ups/55986/sync?uid=YZVtbgAFSt5yhwBR&_origin=0&gdpr=1&gdpr_consent=&_test=YZVtbgAFSt5yhwBR
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sync
ups.analytics.yahoo.com/ups/55953/ Frame 4044
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=a2d80979-e5cc-4ef3-b0ec-551690658956&_origin=1&gdpr=1&gdpr_consent=
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=a2d80979-e5cc-4ef3-b0ec-551690658956&_origin=1&gdpr=1&gdpr_consent=
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:30 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=a2d80979-e5cc-4ef3-b0ec-551690658956&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame B8D8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=59d86c1a329e2238426cc821...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=deec6195-6d6d-4800-bb7b-07345f3649be&gdpr=0&gdpr_consent=
49 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=deec6195-6d6d-4800-bb7b-07345f3649be&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:30 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Wed, 17 Nov 2021 21:00:30 GMT
Server
MT3 4103 f8fad19 master cdg-pixel-x5 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=deec6195-6d6d-4800-bb7b-07345f3649be&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 17 Nov 2021 21:00:29 GMT
js
ih.adscale.de/sium/9f16f5b381c14c729741dde6fa7a8852/1637182829609/0/ Frame B8D8
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=d4247a778c61eb595e8291828eb64eb869986339e456d338f1ea8bc5ba3809f5&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F9f16f5b381c14c...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=d4247a778c61eb595e8291828eb64eb869986339e456d338f1ea8bc5ba3809f5&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F9f16f5b381c14c...
  • https://ih.adscale.de/sium/9f16f5b381c14c729741dde6fa7a8852/1637182829609/0/js?tpid=48&tpuid=e3b886e7b8d3762db3f2bb34cbee088c
44 B
571 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/9f16f5b381c14c729741dde6fa7a8852/1637182829609/0/js?tpid=48&tpuid=e3b886e7b8d3762db3f2bb34cbee088c
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4aabb61b85e1339e1bbadd82ed5a370cbf5721ebae0b2fad9fc4cde139d9a48a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:30 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Date
Wed, 17 Nov 2021 21:00:30 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ih.adscale.de/sium/9f16f5b381c14c729741dde6fa7a8852/1637182829609/0/js?tpid=48&tpuid=e3b886e7b8d3762db3f2bb34cbee088c
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
147
metrics
librato-collector.genius.com/v1/ 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://librato-collector.genius.com/v1/metrics
Requested by
Host: assets.genius.com
URL: https://assets.genius.com/javascripts/compiled/reactPage.desktop-9c4325152e03dfc58c2b.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://genius.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 17 Nov 2021 21:00:31 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST
access-control-allow-origin
https://genius.com
access-control-allow-credentials
true
cf-ray
6afbe3966b7e5c8c-FRA
access-control-allow-headers
Content-Type
content-length
0
metrics
librato-collector.genius.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://librato-collector.genius.com/v1/metrics
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1260 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://genius.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 17 Nov 2021 21:00:31 GMT
content-length
0
x-powered-by
Express
access-control-allow-origin
https://genius.com
access-control-allow-methods
POST
access-control-allow-headers
Content-Type
access-control-allow-credentials
true
via
1.1 vegur
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6afbe393783805fd-FRA
user
ads3.admatic.com.tr/ Frame 9867
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://x.bidswitch.net/ul_cb/sync?ssp=admatic
  • https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=admatic
  • https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admatic
  • https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=4506fbea-a1da-4516-9460-ed7f59d2dee3&ssp=admatic
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=be9d4b19-6f07-4582-bf39-cdb3663aab61&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=be9d4b19-6f07-4582-bf39-cdb3663aab61&dsp_uuid=&dsp_id=
35 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=be9d4b19-6f07-4582-bf39-cdb3663aab61&dsp_uuid=&dsp_id=
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
H2
Server
188.132.147.227 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-227-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:30 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Wed, 17 Nov 2021 21:00:30 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=be9d4b19-6f07-4582-bf39-cdb3663aab61&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
ptrack
a.audrte.com/ Frame 7DE9 		368 B
879 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptrack?arlocation=185.213.155.162&p=M1353665098&artime=2021-11-17T21:00:30.691Z&arlocation=YWRzLnVzLmUtcGxhbm5pbmcubmV0L3VzcGQvMT9jdD0xJmR1PWh0dHBzJTNBJTJGJTJGc3luYy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ciUyRmNzeW5jJTNGdCUzRGElMjZlcCUzRDMwNzQ0MiUyNmV4dHVpZCUzRCUyNFVJRA==&gdpr=0&gdpr_consent=null&gdpr_version=1&arreferer=cy5jb25zb2xlLmFkdGFyZ2V0LmNvbS50ci8=
Requested by
Host: a.audrte.com
URL: https://a.audrte.com/ptag?p=M1353665098
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.173.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-173-197.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2b9327cba2da9c541e371c3c3cea4047a04fb053455b30c41f652200480bfd50

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 17 Nov 2021 21:00:30 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
https://ads.us.e-planning.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
262
sium
ih.adscale.de/ Frame B8D8 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Wed, 17 Nov 2021 21:00:30 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
p
a.audrte.com/ Frame 7DE9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=h333VUlrSndS06d362p9ywzNQ&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&ar_id=h333VUlrSndS06d362p9ywzNQ&gdpr=0&gdpr_consent=&google_gid=CAESEBKqwDUacaIAnNQwtYvAkY4&google_cver=1
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
3.212.173.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-173-197.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 17 Nov 2021 21:00:31 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Wed, 17 Nov 2021 21:00:30 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
match
ps.eyeota.net/ Frame 7DE9
Redirect Chain
  • https://dmp.adform.net/serving/cookie/match/?party=1003&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=6860890447492531994
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEBKqwDUacaIAnNQwtYvAkY4&google_cver=1
  • https://ps.eyeota.net/match?bid=kh51m51&uid=h333VUlrSndS06d362p9ywzNQ&gdpr=0&gdpr_consent=
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=kh51m51&uid=h333VUlrSndS06d362p9ywzNQ&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 17 Nov 2021 21:00:31 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date
Wed, 17 Nov 2021 21:00:31 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://ps.eyeota.net/match?bid=kh51m51&uid=h333VUlrSndS06d362p9ywzNQ&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
pixel
ps.eyeota.net/ Frame 7DE9 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?pid=kh51m51&t=ajs&uid=h333VUlrSndS06d362p9ywzNQ&gdpr=0&gdpr_consent=
Requested by
Host: genius.com
URL: https://genius.com/Lorey-jaune-orry-bad-vibes-lyrics
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 17 Nov 2021 21:00:30 GMT
Content-Length
1241
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
chartbeat.js
static.chartbeat.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: d3l739e8r8y9v7.cloudfront.net
URL: https://d3l739e8r8y9v7.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:8200:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 20:46:52 GMT
content-encoding
gzip
last-modified
Thu, 28 Oct 2021 00:27:20 GMT
server
nginx
age
819
etag
W/"6179ee68-8e96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
8RZVH43TLmsNJicLcm5csQtjTet6neKrRf9GM-d9hcXmNHsjhLfxeg==
expires
Wed, 17 Nov 2021 22:46:52 GMT
2sDPZGJYnIjSi6H75xkZZE1I0yCmYzzQtuZnIGaV3w.woff2
fonts.gstatic.com/s/assistant/v8/ 		9 KB
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/assistant/v8/2sDPZGJYnIjSi6H75xkZZE1I0yCmYzzQtuZnIGaV3w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Assistant&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://genius.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 15 Nov 2021 21:24:07 GMT
x-content-type-options
nosniff
age
171385
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11188
x-xss-protection
0
last-modified
Wed, 18 Aug 2021 17:35:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 15 Nov 2022 21:24:07 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=genius.com&p=%2FLorey-jaune-orry-bad-vibes-lyrics&u=BNeRm5Dt-0tiDHtcZm&d=genius.com&g=3877&g0=songs%2Ctag%3Arap&g1=Lorey%20Jaune&n=1&f=00001&c=0&x=0&m=0&y=7165&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=4035&t=DWkRKnBaXRIuvwmvBDdngjVCa2MWv&V=129&i=Lorey%C2%A0Jaune%20%E2%80%93%20%24orry%20Bad%20Vibes%20Lyrics%20%7C%20Genius%20Lyrics&tz=0&sn=1&sv=O6FKaCikkW6BDnKFaBtgchiCANopj&sd=1&im=067b9ff0&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.80.60.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-80-60-244.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:31 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
metrics
librato-collector.genius.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://librato-collector.genius.com/v1/metrics
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1260 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://genius.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 17 Nov 2021 21:00:31 GMT
content-length
0
x-powered-by
Express
access-control-allow-origin
https://genius.com
access-control-allow-methods
POST
access-control-allow-headers
Content-Type
access-control-allow-credentials
true
via
1.1 vegur
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6afbe398096405fd-FRA
metrics
librato-collector.genius.com/v1/ 		0
39 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://librato-collector.genius.com/v1/metrics
Requested by
Host: assets.genius.com
URL: https://assets.genius.com/javascripts/compiled/cmp-d86771e4f616099ea4ee.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://genius.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 17 Nov 2021 21:00:31 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST
access-control-allow-origin
https://genius.com
access-control-allow-credentials
true
cf-ray
6afbe398c9e85c8c-FRA
access-control-allow-headers
Content-Type
content-length
0
unip
trc-events.taboola.com/1301520/log/3/ 		0
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1301520/log/3/unip?en=pre_d_eng_tb&tos=4589&scd=17&ssd=1&est=1637182828143&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1637182832733&vi=1637182828141&ri=8b73ba2c9980dcd535602eaa2f747795&ref=null&cv=20211114-1-RELEASE&item-url=https%3A%2F%2Fgenius.com%2FLorey-jaune-orry-bad-vibes-lyrics
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1301520/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://genius.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
https://genius.com
pragma
no-cache
date
Wed, 17 Nov 2021 21:00:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
metrics
librato-collector.genius.com/v1/ 		0
62 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://librato-collector.genius.com/v1/metrics
Requested by
Host: assets.genius.com
URL: https://assets.genius.com/javascripts/compiled/reactPage.desktop-9c4325152e03dfc58c2b.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1360 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://genius.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 17 Nov 2021 21:00:33 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST
access-control-allow-origin
https://genius.com
access-control-allow-credentials
true
cf-ray
6afbe3a2cc345c8c-FRA
access-control-allow-headers
Content-Type
content-length
0
metrics
librato-collector.genius.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://librato-collector.genius.com/v1/metrics
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:1260 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://genius.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 17 Nov 2021 21:00:33 GMT
content-length
0
x-powered-by
Express
access-control-allow-origin
https://genius.com
access-control-allow-methods
POST
access-control-allow-headers
Content-Type
access-control-allow-credentials
true
via
1.1 vegur
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6afbe3a1ed0705fd-FRA
rt=ifr
bcp.crwdcntrl.net/5/c=15238/rand=350378186/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/ Frame 6FB2 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/c=15238/rand=350378186/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
69dc5815ea5cd24459d7a1d5f753ef917d5d95673fba2fbb02a586c70d6552e3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Wed, 17 Nov 2021 21:00:33 GMT
content-type
text/html;charset=utf-8
content-length
1130
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.13.212
access-control-allow-origin
*
server
Jetty(9.4.38.v20210224)
usermatch.gif
beacon.krxd.net/ Frame 6FB2 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=da51093b16748e4babc5e5fb83a7178a
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=350378186/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.141.115 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-141-115.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:33 GMT
cache-control
private, no-cache, no-store
x-request-time
D=16 t=1637182833
x-served-by
beacon-n005-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
5907
tags.bluekai.com/site/ Frame 6FB2 		62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=246c5d9b6ae5b0d7076cd6c466de1c36
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=350378186/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 17 Nov 2021 21:00:33 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
tpid=21891298864711767191771818802304898268
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame 6FB2
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=da51093b16748e4babc5e5fb83a7178a&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=21891298864711767191771818802304898268
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=21891298864711767191771818802304898268
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=350378186/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Server
52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:33 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.15.18
content-type
image/gif
content-length
49
expires
0

Redirect headers

DCS
dcs-prod-irl1-2-v019-068dd63de.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Js8uSeNXSs0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=21891298864711767191771818802304898268
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
generic
match.adsrvr.org/track/cmf/ Frame 6FB2 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=350378186/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:33 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usersync
pixel-sync.sitescout.com/connectors/lotame/ Frame 6FB2 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=350378186/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:32 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
tpid=3819829989951337740
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame 6FB2
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/da51093b16748e4babc5e5fb83a7178a/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3819829989951337740
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3819829989951337740
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/c=15238/rand=350378186/pv=y/amskip=Y/pltfrm=%23OpR%2399944%23ads.us.e-planning.net%20%3A%20Referral%20Site%20%3A%20s.console.adtarget.com.tr/rt=ifr
Protocol
H2
Server
52.215.102.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-102-174.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:33 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.5.28
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=3819829989951337740
pragma
no-cache
date
Wed, 17 Nov 2021 21:00:32 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
liveMatching.php
live.primis.tech/live/ Frame 4044 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveMatching.php
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D31312D31375F32337D7B7331363233343734397D7B4335377D7B535A3256756158567A4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583630387D7B593334327D7B66317D7B4C393837337DFEFE&userIpAddr=185.213.155.162&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F95.0.4638.54+Safari%2F537.36&debugInformation=&kv_enc_1=song_id%3D6857730%26song_title%3D%2524orry%2520Bad%2520Vibes%26artist_id%3D2752631%26artist_name%3DLorey%2520Jaune%26is_explicit%3Dfalse%26pageviews%3D184%26primary_tag_id%3D1434%26primary_tag%3Drap%26tag_id%3D1434%26song_tier%3DE%26topic%3D%26has_song_story%3Dfalse%26in_top_10%3Dfalse%26artist_in_top_10%3Dfalse%26album_in_top_10%3Dfalse%26new_release%3Dfalse%26release_month%3D202105%26release_year%3D2021%26release_decade%3D2020%26in_top_10_rap%3Dfalse%26in_top_10_rock%3Dfalse%26in_top_10_country%3Dfalse%26in_top_10_r_and_b%3Dfalse%26in_top_10_pop%3Dfalse%26environment%3Dproduction%26platform%3Dweb%26platform_variant%3Ddesktop_react_2_column%26amp_variant%3Damp_disabled%26ad_page_type%3Dsong%26random24%3D23%26first_impression%3Dtrue&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=61956d6c3969a&debugInfo=16234749_&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=16234749&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1f65omnkpyqs&secondaryContent=&x=608&y=342&pubUrl=https%3A%2F%2Fgenius.com%2FLorey-jaune-orry-bad-vibes-lyrics&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=75&impGap=2&flow_width=300&flow_height=169&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=50.1049&geoLong=8.6295&vpTemplate=9873&flowMode=seenboth&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=genius.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.204 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://genius.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 17 Nov 2021 21:00:33 GMT
content-encoding
gzip
server
nginx
age
0
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store
user
ads3.admatic.com.tr/ Frame 9867
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=admatic&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=a2d80979-e5cc-4ef3-b0ec-551690658956&expires=30&ssp=admatic&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=be9d4b19-6f07-4582-bf39-cdb3663aab61&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=be9d4b19-6f07-4582-bf39-cdb3663aab61&dsp_uuid=&dsp_id=
35 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=be9d4b19-6f07-4582-bf39-cdb3663aab61&dsp_uuid=&dsp_id=
Protocol
H2
Server
188.132.147.227 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-227-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 17 Nov 2021 21:00:35 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Wed, 17 Nov 2021 21:00:35 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=be9d4b19-6f07-4582-bf39-cdb3663aab61&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221

Verdicts & Comments Add Verdict or Comment

86 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| __tti object| Genius.ads object| apstag object| Genius.cmp object| OneTrustTCFStub function| __tcfapi function| ga string| GoogleAnalyticsObject object| _qevents object| __PRELOADED_STATE__ object| __APP_CONFIG__ object| _sf_async_config object| _cbq object| _comscore function| fbq function| _fbq object| _tfa object| webpackJsonp function| hotkeys function| _ object| __core-js_shared__ object| core object| googletag function| pbjsChunk object| pbjs object| _pbjsGlobals object| __iasPET function| getPrimisTargeting object| diagPixSentCodes object| __iasAdRefreshConfig function| quantserve function| __qc object| ezt object| _qoptions function| qtrack boolean| apstagLOADED function| udm_ object| ns_p object| COMSCORE function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| ggeac object| google_js_reporting_queue function| Pusher object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent837 function| $ function| jQuery object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| google_tag_data object| gaplugins function| jsonFeed undefined| google_measure_js_timing object| otStubData boolean| sekindoFlowingPlayerOn object| otIabModule object| OneTrust number| _sf_endpt object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY

83 Cookies

Domain/Path Name / Value
genius.com/ Name: _genius_ab_test_cohort
Value: 40
genius.com/ Name: genius_first_impression
Value: 1637182828014
.scorecardresearch.com/ Name: UID
Value: 16HUJKCHZ5R81ZCKDGWJLYg1637182828
.genius.com/ Name: mp_mixpanel__c
Value: 0
.genius.com/ Name: AMP_TOKEN
Value: %24RETRIEVING
.genius.com/ Name: _fbp
Value: fb.1.1637182828590.1389821794
genius.com/ Name: _ab_tests_identifier
Value: 22e96d51-4b1e-4e9d-964d-02ff8c8b9a4e
.openx.net/ Name: i
Value: b1c7ae64-a29e-40e8-bffd-27f31bbb19d5|1637182828
.adnxs.com/ Name: uuid2
Value: 821115113677182690
.casalemedia.com/ Name: CMID
Value: YZVtbDTCEBZNxvFMq6uzmAAA
.casalemedia.com/ Name: CMPS
Value: 3267
.spotxchange.com/ Name: audience
Value: 65091d09-47e9-11ec-991a-1024185a0206
.casalemedia.com/ Name: CMPRO
Value: 1116
.creativecdn.com/ Name: u
Value: BIm0EyemdEKy0qOG5pjz
.creativecdn.com/ Name: ts
Value: 1637182829
.genius.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Wed+Nov+17+2021+21%3A00%3A29+GMT%2B0000+(GMT)&version=6.13.0&hosts=&consentId=10de3b1a-29b7-46c3-821c-80379bd75cf6&interactionCount=0&landingPath=https%3A%2F%2Fgenius.com%2FLorey-jaune-orry-bad-vibes-lyrics&groups=C0002%3A1%2CC0001%3A1%2CSTACK42%3A0
ads.us.e-planning.net/ Name: CT
Value: 1
.genius.com/ Name: mp_77967c52dc38186cc1aadebdd19e2a82_mixpanel
Value: %7B%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22AMP%22%3A%20false%2C%22genius_platform%22%3A%20%22web%22%7D
.e-planning.net/ Name: E
Value: APDfY1fmWZkfp2AO
.adscale.de/ Name: uu
Value: 16358ee81a6c4687b964b94add7d5c23
.zeotap.com/ Name: zc
Value: 3e5971f4-8c1d-4aec-6be9-6a5183fab2af
.zeotap.com/ Name: zsc
Value: %04L%5B%B9%03%B6%9AK%9Au%A81%3E%A1%2F%A2%D0%C9_%EF%C34%C1j%A5l%BE4%89%24%81f%F9%AA%17%8El%D4%D9%3C%FFW%C99%28%EF%9Dou%02%99N%C7%DB%9E%0B%DB%BE%84%CE%D6%24W%07%1B%28%82%CA%1D%17%9B%CD%C2%13%60%02jV%03%18V%1D%EF%88%CB%98%FB%05N%CB%DAG%E2%1FSHa%EB%F5s%F3%90%5E%0B%1DIS%12%CCr%7B%9D%D5%1A%1B%F0%0B%94%DB%D2%92%EF%8C%D0%8F~%12F%D0F%1C%25%B8%DB%3D%13%7D%D4%955%0E%BC%BE%7D%BDG%D9%D7%A11%DA%8F%9E%12d%C7%CA%7C%23%9E%8F%94%27%A4%05u%A2%D1
.ads3.admatic.com.tr/ Name: ARRAffinity
Value: 2b3c5e0cc673ff293e2280700eede1cd5e856e50cd6bc5467474bd96537910c9
.richaudience.com/ Name: avcid-zeo-uid
Value: 3e5971f4-8c1d-4aec-6be9-6a5183fab2af
.mathtag.com/ Name: uuid
Value: deec6195-6d6d-4800-bb7b-07345f3649be
.adsrvr.org/ Name: TDID
Value: a2d80979-e5cc-4ef3-b0ec-551690658956
.tidaltv.com/ Name: tidal_ttid
Value: 7770e294-4aee-4d6b-85bf-94899203259a
.tapad.com/ Name: TapAd_TS
Value: 1637182829799
.tapad.com/ Name: TapAd_DID
Value: ec27e2e2-1698-415d-89f7-93d0e9f41303
.console.adtarget.com.tr/ Name: a502624
Value: ${USER_ID}
.adfarm1.adition.com/ Name: UserID1
Value: 7031646712423708825
.casalemedia.com/ Name: CMST
Value: YZVtbGGVbW4A
.demdex.net/ Name: demdex
Value: 21891298864711767191771818802304898268
.weborama.fr/ Name: AFFICHE_W
Value: IygEJXzPd84j65
.admanmedia.com/ Name: admtr
Value: 1435d9a25b5abdeeccddd85874f1c55a3f4bb113
.dpm.demdex.net/ Name: dpm
Value: 21891298864711767191771818802304898268
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0sjS2tDK0MAIAU6H4bgkAAAA="
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.doubleclick.net/ Name: IDE
Value: AHWqTUnDsg4xxGjWKbc8Y7zLZwDRXoRBdhUB_obybD_etUAuAnEcyxHEMyTrLhXMrUM
.casalemedia.com/ Name: CMRUM3
Value: 2761956d6d0b40&e661956d6d2760&f161956d6d05a0&2d61956d6e2760CAESEMem77FVZX-AbnM2b6yVxt0&3361956d6d05a0&c361956d6e2760av-44bdbbd1-aec2-46f7-bf4d-55c6b8599032&6f61956d6d05a0&9861956d6e2760ee420e23-24ee-4af9-9616-ca85dd6cccaa
.console.adtarget.com.tr/ Name: a307080
Value: BIm0EyemdEKy0qOG5pjz
.adform.net/ Name: C
Value: 1
.agkn.com/ Name: ab
Value: 0001%3Axfzxs0MUlIwBaWbRoyUj28Sun3CPegdb
.theadex.com/ Name: axd
Value: 4277660648476300427
.theadex.com/ Name: tis
Value: EP175%3A2992
.adform.net/ Name: uid
Value: 6860890447492531994
.console.adtarget.com.tr/ Name: a307565
Value: 16358ee81a6c4687b964b94add7d5c23
.krxd.net/ Name: _kuid_
Value: OfORoDdj
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: da51093b16748e4babc5e5fb83a7178a
.console.adtarget.com.tr/ Name: a314221
Value: lYCrxIMPdCPqCDDR-Fy45QldaJ8BWxefnjcm_dF5Rccm9SwrMOviY0iCw7RA71n43KQnwGVnb7FNtoSgxQP1aw
.fwmrm.net/ Name: _uid
Value: "e5bbc_7031646712423021148"
.criteo.com/ Name: uid
Value: 7385a6e2-05c7-4639-9226-b96b0d39d7a6
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwi6pZ_TgIaVOhAFOAFaBmFkYXB0dmAC
.advertising.com/ Name: APID
Value: UP65ed38c5-47e9-11ec-96a7-06dd13ac9c68
.adscale.de/ Name: cct
Value: 1637182830488
.console.adtarget.com.tr/ Name: vmuid
Value: a2de2a31b7e280a2
.console.adtarget.com.tr/ Name: a307442
Value: APDfY1fmWZkfp2AO
.analytics.yahoo.com/ Name: IDSYNC
Value: 187s~21l8
.yahoo.com/ Name: APID
Value: UP65ed38c5-47e9-11ec-96a7-06dd13ac9c68
.yahoo.com/ Name: APIDTS
Value: 1637182830
.yahoo.com/ Name: A3
Value: d=AQABBG5tlWECEKF1ECLC3oiFlV8ygi2MjQ4FEgEBAQG-lmGfYQAAAAAA_eMAAA&S=AQAAAqqb5Y02apDdYNqK_u9_ctQ
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YZVtbgAFSt5yhwBR
.m6r.eu/ Name: test
Value: true
.bidswitch.net/ Name: tuuid
Value: be9d4b19-6f07-4582-bf39-cdb3663aab61
.bidswitch.net/ Name: c
Value: 1637182830
.bidswitch.net/ Name: tuuid_lu
Value: 1637182830
.m6r.eu/ Name: cct
Value: 1637182830676
.m6r.eu/ Name: id
Value: e3b886e7b8d3762db3f2bb34cbee088c
.ih.adscale.de/ Name: tu
Value: 4#3874623129#48~e3b886e7b8d3762db3f2bb34cbee088c~454773~0~0#101~~454773~454773~1#39~deec6195-6d6d-4800-bb7b-07345f3649be~454773~0~0#40~7385a6e2-05c7-4639-9226-b96b0d39d7a6~454773~0~0#42~6860890447492531994~454773~0~0#75~821115113677182690~454773~0~0#108~deec6195-6d6d-4800-bb7b-07345f3649be~454773~0~0#63~YZVtbDTCEBZNxvFMq6uzmAAA&1116~454773~0~0
.scoota.co/ Name: tuuid
Value: 4506fbea-a1da-4516-9460-ed7f59d2dee3
.scoota.co/ Name: c
Value: 1637182830
.scoota.co/ Name: tuuid_lu
Value: 1637182830
.eyeota.net/ Name: SERVERID
Value: 21778~DM
.ads4.admatic.com.tr/ Name: ARRAffinity
Value: 766efca565b736bc2b98bfdf71beb85ca46d0287a2e24d0c061a7663938cb27a
genius.com/ Name: _cb_ls
Value: 1
genius.com/ Name: _cb
Value: BNeRm5Dt-0tiDHtcZm
genius.com/ Name: _chartbeat2
Value: .1637182831098.1637182831098.1.O6FKaCikkW6BDnKFaBtgchiCANopj.1
genius.com/ Name: _cb_svref
Value: null
.audrte.com/ Name: arcki2
Value: h333VUlrSndS06d362p9ywzNQ!20210804!1637182831431
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSEk0NTSwNE4yNDM3sUg1SUpMSjZNNU1LsjBONDc0t0hkAILEqbmFf%2F%2F%2F%2F88P4kAAALycDu0%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBInJpbCKSgAAAW6AHV"
.turn.com/ Name: uid
Value: 3819829989951337740

4 Console Messages

Source Level URL
Text
other warning URL: https://genius.com/songs/6857730/apple_music_player?react=1(Line 47)
Message:
<link rel=preload> uses an unsupported `as` value
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=3e5971f4-8c1d-4aec-6be9-6a5183fab2af&reqId=7eabbc2a-8771-4a5f-4adb-e1e8777b83e4&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ads.adaptv.advertising.com
ads.pubmatic.com
ads.us.e-planning.net
ads3.admatic.com.tr
ads4.admatic.com.tr
adscale-emea.adnxs.com
ajax.googleapis.com
ampcid.google.com
ampcid.google.de
api.mixpanel.com
assets.genius.com
audio-ssl.itunes.apple.com
bcp.crwdcntrl.net
beacon.krxd.net
bn01.er.bemail.it
c.amazon-adsystem.com
c1.adform.net
cdn.admatic.com.tr
cdn.adsafeprotected.com
cdn.taboola.com
cm.adform.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
cookie-cdn.cookiepro.com
creativecdn.com
cs.admanmedia.com
csync.loopme.me
d.turn.com
d3l739e8r8y9v7.cloudfront.net
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
genius.com
geolocation.onetrust.com
i.clean.gg
ib.adnxs.com
idsync.frontend.weborama.fr
ih.adscale.de
image6.pubmatic.com
is2-ssl.mzstatic.com
js-cdn.music.apple.com
js.adscale.de
js.cookieless-data.com
librato-collector.genius.com
live.primis.tech
loadeu.exelator.com
loadus.exelator.com
match.adsrvr.org
mwzeom.zeotap.com
nep.advangelists.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
ping.chartbeat.net
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.mathtag.com
pixel.sitescout.com
pixel.tapad.com
ps.eyeota.net
r.scoota.co
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
sessions.bugsnag.com
spl.zeotap.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.chartbeat.com
stats.pusher.com
sync-tm.everesttech.net
sync.console.adtarget.com.tr
sync.crwdcntrl.net
sync.extend.tv
sync.mathtag.com
sync.richaudience.com
sync.search.spotxchange.com
sync.tidaltv.com
tags.bluekai.com
tags.crwdcntrl.net
token.rubiconproject.com
track.adform.net
tracking.m6r.eu
trc-events.taboola.com
trc.taboola.com
u-ams02.e-planning.net
u.openx.net
ups.analytics.yahoo.com
usermatch.krxd.net
video.primis.tech
www.facebook.com
www.google-analytics.com
x.bidswitch.net
104.111.215.191
13.32.21.201
13.32.22.111
13.32.22.82
141.226.228.48
142.250.186.110
142.250.186.138
142.250.186.142
142.250.186.66
142.250.186.98
143.204.215.58
151.1.205.165
151.101.193.44
151.101.66.49
162.55.233.29
162.55.6.213
178.250.2.151
18.156.0.31
18.193.42.157
18.194.61.148
185.184.8.65
185.220.204.204
185.29.134.248
185.33.221.14
185.33.221.88
185.64.190.78
185.94.180.126
188.132.147.227
2.18.233.180
2.18.233.201
2.18.234.21
2001:678:cb4:bbbb::13
209.54.180.3
212.82.100.182
23.37.42.132
2600:1901:0:7a0b::
2600:1f18:6593:f608:82c4:8e67:4786:1156
2600:9000:2057:8200:18:1fcd:34f:cdc1
2600:9000:2057:9600:1d:ae6e:9cc0:21
2600:9000:206f:9c00:f:4f64:8940:93a1
2600:9000:211e:4400:6:44e3:f8c0:93a1
2606:4700:10::6814:b944
2606:4700:10::6816:1857
2606:4700::6812:1260
2606:4700::6812:1360
2606:4700::6812:778
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:811::200a
2a00:1450:4001:827::200e
2a00:1450:4001:831::2003
2a02:26f0:6c00:198::20b6
2a02:26f0:6c00:1b2::2a1
2a02:26f0:6c00:299::1fcf
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:24:b002:dccc:4b37:dddb:cf1e
2a0c:5c81:5095:0:225:90ff:fefa:245d
3.120.52.200
3.125.70.222
3.212.173.197
34.232.240.103
34.254.143.3
34.95.69.49
34.98.67.61
35.171.214.154
35.186.241.51
35.201.81.244
35.227.248.159
35.227.252.103
35.244.159.8
37.157.3.28
37.157.6.245
37.157.6.252
37.252.173.213
5.178.65.246
5.178.65.253
51.158.28.83
51.75.86.98
52.209.141.115
52.214.119.250
52.214.44.171
52.215.102.174
52.223.40.198
52.95.115.255
54.171.159.234
54.236.220.178
54.80.60.244
54.93.135.255
54.93.162.63
62.149.0.72
63.250.60.64
63.34.99.83
65.9.71.75
66.155.71.25
69.173.144.139
72.251.244.140
85.114.159.118
88.214.206.247
89.163.159.106
89.187.169.47
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
078981fc821f3cf39ab491128cca5f9e9f9aeda1987a4baf81ce5ddc3bbe860c
091db06757fca69fa19e86b396004a9b09d05ac1cdef4d6a8ca01e0621f50e7d
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09b7ece464c01f640c13fdceb08bb12ab4a2db787f36a8253c109ea3d4f7d9f5
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
10bbf07b433ab70d350e193a145b80159a1dfeab805fcf064d7e36d9618535e5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11b947e74a7ba8f1d433b84ab7a719799ec0662a9035a8b4a2ab4d7d1eb2d681
137231356bfa88b77d4b0fa5bcff25a7ee47b571d6c5d907be4c20c1762114ed
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0
13f63ab5fa8d3973eef6d6366052135fb3958b54ca2149cc691864b03ed7d848
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
15ee4859d75dbe88fb13c3583ab2e198c0c8f51298eadfc8aa3f2c16f373fc96
15f043853b5b3c3da82d1f955d5e775b925ca2e58eae5faf3a541ac43dd1bbe5
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
1e6c96d7d402a10673cb4a868ab5202997709a09a11e01b540262414e75ce6ab
1efaa3aa4eaa36766514e579482336307138691a0134d536d42883a854a9408f
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
256aa438d5ea9a50f5c171480fef786e23128c0f9ef5cc61ae5babb0c7c6e111
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b9327cba2da9c541e371c3c3cea4047a04fb053455b30c41f652200480bfd50
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f3b5d57d944a4a8050051e06dcf2741fb7a57118c7c0d29d545e0a84588a716
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
314081c275e3e7eb872a8d5f01abc8e9682c9a7afc86546f1611bdc3c44d5703
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
352012e64cfb9f0f90cc2a8a316774ed99eb480ce2995e0e8e0d0662386d3299
353f2d26591cbe5be04c554b07ed0f261a170ad208ceb9000c01abb2e218cab6
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38fef7b97e54c3834964ccd292c6924589b9c021b910e3299ece0ad27d756451
3959ef50f058794429dbb475c8988f630f9df1a2098e55dc997915bda6500f43
3bffd88ef02d10961e4908657d5d67a2b501e9e6b96059d4ae8f859b2608d3c1
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
414d63bb8c8016e416c7787af8f6cec96d8c6e03016a6d8e3c147e8e8f5f6c51
45b781467a3fa6610c0410fc9d7d42d6a1f8f2b5d273dc551323ff6a9f67cb1f
480889002777fd46e82ea77533779500bc7f363e9a30abcf282392ecf58780e5
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a39f071e9b06e5bc5c9a42aa56363b42d82a7ffd58a58b36beb8861e42f4d92
4aabb61b85e1339e1bbadd82ed5a370cbf5721ebae0b2fad9fc4cde139d9a48a
4e80fdf162a377032ac31e5164f843a40c85a77b701ac84df579a72e7b64361b
4f2d7e7e387f0821114f2f04f07ce3f9a6184c03ddde2fd5c030996970537b92
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5
50b65c6405e54f6af62b7836ece963d498e0f597583656223517f4ebd199bc29
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a626e43209b5d94edb74ebde3783cae0acdb09d7965cfabbf354b4090310cf
54f91139ba8668046b2969c7b4e424ed74ae39c56a05846145809efbf2a28bf8
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5bc7011353c6600af370f00fda582820065b1909969fc659d266afa9cab00bfc
5ea2f4fb00f490b1dedf17f7841d7261151cf1bdd3b73264625ccde59e257aeb
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
604496ee6acca620cd59265c2302f6a03fe02d65bc5306d952f0fa94d92fa5c8
61de62108f8c0d87b148e7a31bfa51237c45d3b2459ce99fa7d9d24ca6abcd32
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd
638b07dda0f438a7f4c609bd114bedcc9c15b100133b8b8ebffc7fb85197bcb3
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
69dc5815ea5cd24459d7a1d5f753ef917d5d95673fba2fbb02a586c70d6552e3
6aa4facd453d5caa54afe2867ef270354a7eabfe9513cd81ccf6e7ab920bc795
6ad4a3c593681cbd1a8e44c3608ca84e143b6e4611545622aeb9b4f6357e4f92
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4
808609a16dafecbd6e0abf0f9632d1f94202e6847e75ed38bfb56a6a64681bff
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8452e63d0e8bbcea8c82f41d9fcbcb66e4194f0ad329eeddea0e87f02859a7b0
89d4d46a0c99ecd7c01f545f237355e5d3509e598696fd34718cafad74649898
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
951390bcfaccee7d73d88621882776f7f0b55799217f47d1feb0f339acb8f41a
9563c8ba4252fe32c7fd5fa77db89077c0d7d12f0b30f39585159864c4652046
97fb6702f99ca4122ce18ed737f09546d40ca0d15440fdb5dd66c2780183b4df
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9a853f6db0007edff6f602bfa3150e0cae3080d2e38986ecbb2578365a0543ca
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a50fc75c4c3f0ed576b43e43c845e339f11b968c4066f16c2f8846cffe6f2567
aa454d0fead8ee48cf00779db3ae1d8bbbd49ae39fd9b27919671163af362dcc
b0940e7c1cfe2f33447dc7e60859c4132c965e4deda07b2e0d0d4930268b6aa3
b0f2e5bc863e3c86acb20a216b5dd56e5424da4a704864f6f281346ed25854ff
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b57502dde790c05b9b120d1d8547a0e547658fce04a783b47e9b5bfd15a67585
b6e3bdcada87171e3ca39b4d050eb13b8271e3241021e3eb416df1ff108514d1
b8388718f670ddb4c773f542fef40257fd020ae066966c2ca33b0814eab04a74
c0aae37fdf736f31c3296589a70053f4a9adcab6591f13b2c3af37a45b09979b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2906f282b22da3acd8250d2640a5cc51e28b939852a8cad49b5950e4fc64aa4
c3a4190373e15485e065c6cf763bfdca85804e9afbe8fe7fb58057f216c9d478
c8375a152735ad57e4b07e9fd8165a70f4a09812235bb09375cb72883d4d6afd
c927cf1403a388bd30e9897076106da0a2014f054deb5982b16669ef35abf613
cd44041e27f78770fced39f58e54ff661a452abda8f8541577caed06934f813d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d6a56a8c871c1d871df7f4be6b30bb8bb45da3ef8429a320ff8a73a9aab75b09
ddd38fb69ff602db74d9854df6e074b46e783d03bdfa273baaf8e6eabfe5c7fa
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cbfb92542913b58fdeadb09b9c36e52d8b05c4fc77f422e52e7571b7823632
e5ad6f99067d69c8de329cb1baa8e0dce6ba3f420a1aadbca4aafdedcef6e938
e5f08b08032e47304be17b7294ac0e80a4b0ea0a78935860eed8a882ca805db6
e79e6eacd8681204c849f2faee653f92439d1595b166d1819a9578242914329c
e943aa9f010fb0a87f925e824dd80e1d066d5e9ae7131c0035cb70070a5587f3
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef91f2d123ac5b0b4d47344294f5618f3feb38ac231176efcea33029587d39de
f41be24451707b44f13cff42c42e6821949ffdfbd25a456729946629773c0345
f9654740623b29bd9f40c75de6eab8c75c6f299ccb87fe332564a507511e28b1
fdc1e2f224b38e2fc0c28c1e7ae7b776c4952763ebaac88ae592cb313aa3b5b8