urlscan.io logo urlscan.io
SecurityTrails logo

perezhilton.com Open in urlscan Pro
104.26.0.93  Public Scan

Go To Rescan Add Verdict Report
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Submission Tags: falconsandbox
Submission: On April 24 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 130 IPs in 10 countries across 108 domains to perform 583 HTTP transactions. The main IP is 104.26.0.93, located in United States and belongs to CLOUDFLARENET, US. The main domain is perezhilton.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 8th 2020. Valid for: a year.
This is the only time perezhilton.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
75 104.26.0.93 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 2.18.234.163 16625 (AKAMAI-AS)
2 18.211.226.152 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:219... 16509 (AMAZON-02)
1 1 2a03:2880:f21... 32934 (FACEBOOK)
2 4 2a03:2880:f21... 32934 (FACEBOOK)
11 104.19.133.78 13335 (CLOUDFLAR...)
1 23.55.110.60 20940 (AKAMAI-ASN1)
1 12 2606:4700:e0:... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2600:9000:202... 16509 (AMAZON-02)
1 11 54.67.80.248 16509 (AMAZON-02)
4 54.234.151.247 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 151.101.194.132 54113 (FASTLY)
1 2 2620:116:800d... 16509 (AMAZON-02)
7 2.18.233.180 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a03:2880:f23... 32934 (FACEBOOK)
4 23.20.158.212 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
4 23.55.110.49 20940 (AKAMAI-ASN1)
1 35.174.102.7 14618 (AMAZON-AES)
3 23.55.110.77 20940 (AKAMAI-ASN1)
2 23.55.110.65 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
1 54.88.209.254 14618 (AMAZON-AES)
4 2a00:1450:400... 15169 (GOOGLE)
2 5 2a02:2638::1c 44788 (ASN-CRITE...)
4 178.250.2.146 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
1 65.9.66.22 16509 (AMAZON-02)
1 1 52.73.31.234 14618 (AMAZON-AES)
1 52.86.201.23 14618 (AMAZON-AES)
1 2600:9000:215... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 3 13.224.95.46 16509 (AMAZON-02)
4 104.19.132.78 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
5 142.250.186.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 16 37.252.172.250 29990 (ASN-APPNEX)
5 62.149.0.72 15497 (COLOCALL ...)
5 6 185.94.180.125 35220 (SPOTX-AMS)
2 3 3.126.63.176 16509 (AMAZON-02)
4 5 18.156.0.31 16509 (AMAZON-02)
1 35.244.174.68 15169 (GOOGLE)
2 13.224.95.112 16509 (AMAZON-02)
1 65.9.66.5 16509 (AMAZON-02)
4 2600:9000:211... 16509 (AMAZON-02)
3 2600:9000:206... 16509 (AMAZON-02)
3 213.174.135.2 39572 (ADVANCEDH...)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 11 104.121.175.131 16625 (AKAMAI-AS)
1 104.19.216.61 13335 (CLOUDFLAR...)
1 104.16.199.73 13335 (CLOUDFLAR...)
14 14 3.121.66.166 16509 (AMAZON-02)
1 3.64.111.42 16509 (AMAZON-02)
17 22 142.250.185.66 15169 (GOOGLE)
6 11 34.241.88.205 16509 (AMAZON-02)
2 2 87.98.128.108 16276 (OVH)
1 3 185.184.8.30 204995 (RTB-HOUSE...)
1 13.224.95.101 16509 (AMAZON-02)
3 213.174.135.1 39572 (ADVANCEDH...)
1 65.9.66.128 16509 (AMAZON-02)
1 2a0c:5c81:509... 55081 (24SHELLS)
5 23.227.137.155 55081 (24SHELLS)
3 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
29 52.70.33.53 14618 (AMAZON-AES)
2 185.64.189.115 62713 (AS-PUBMATIC)
4 4 66.155.71.150 13768 (COGECO-PEER1)
4 2a0c:5c81:514... 55081 (24SHELLS)
2 3.219.93.236 14618 (AMAZON-AES)
1 213.155.156.181 1299 (TELIANET ...)
1 178.250.2.151 44788 (ASN-CRITE...)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 20 185.64.190.80 62713 (AS-PUBMATIC)
5 5 52.49.40.147 16509 (AMAZON-02)
2 2 198.148.27.139 19189 (PULSEPOINT)
2 185.86.138.114 201081 (SMARTADSE...)
1 72.251.241.204 29791 (VOXEL-DOT...)
2 2 213.19.147.45 26120 (RHYTHMONE)
1 1 213.19.147.44 3356 (LEVEL3)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 199.232.137.44 54113 (FASTLY)
2 169.197.150.7 398989 (DEEPINTENT)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.249 62713 (AS-PUBMATIC)
1 2 159.253.128.183 36351 (SOFTLAYER)
2 2 37.157.6.241 198622 (ADFORM)
1 1 185.29.133.52 30419 (MEDIAMATH...)
4 2a00:1288:110... 34010 (YAHOO-IRD)
2 185.64.189.114 62713 (AS-PUBMATIC)
2 2 35.210.53.219 15169 (GOOGLE)
2 2 2001:678:cb4:... 56396 (TURN)
4 4 151.101.114.49 54113 (FASTLY)
1 1 159.65.196.12 14061 (DIGITALOC...)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 34.98.107.212 15169 (GOOGLE)
1 1 52.212.126.234 16509 (AMAZON-02)
3 69.173.144.165 26667 (RUBICONPR...)
4 34.192.164.183 14618 (AMAZON-AES)
6 31 2.18.234.21 16625 (AKAMAI-AS)
28 40 2.18.234.233 16625 (AKAMAI-AS)
8 185.94.180.123 35220 (SPOTX-AMS)
3 2600:1f18:612... 14618 (AMAZON-AES)
19 34.236.214.42 14618 (AMAZON-AES)
3 23.218.215.69 16625 (AKAMAI-AS)
2 34.252.219.109 16509 (AMAZON-02)
2 178.250.2.131 44788 (ASN-CRITE...)
1 216.52.2.48 29791 (VOXEL-DOT...)
1 34.251.173.19 16509 (AMAZON-02)
3 35.157.246.167 16509 (AMAZON-02)
1 185.255.84.150 200271 (IGUANE-)
1 185.64.189.112 62713 (AS-PUBMATIC)
5 213.19.162.51 3356 (LEVEL3)
3 2.18.232.130 16625 (AKAMAI-AS)
3 10 52.94.232.32 16509 (AMAZON-02)
2 35.241.40.233 15169 (GOOGLE)
1 1 34.236.212.156 14618 (AMAZON-AES)
3 4 54.76.54.153 16509 (AMAZON-02)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
2 2 185.183.112.155 60350 (VP)
1 2 54.204.142.198 14618 (AMAZON-AES)
1 51.89.21.30 16276 (OVH)
6 2001:4de0:ac1... 20446 (HIGHWINDS3)
3 3 3.208.68.46 14618 (AMAZON-AES)
7 7 154.57.158.51 26558 (FREEWHEEL)
6 6 3.226.75.51 14618 (AMAZON-AES)
3 3 35.210.178.101 19527 (GOOGLE-2)
27 185.64.190.75 62713 (AS-PUBMATIC)
1 1 54.205.191.176 14618 (AMAZON-AES)
1 99.83.181.31 16509 (AMAZON-02)
1 75.2.13.80 16509 (AMAZON-02)
1 52.39.230.13 16509 (AMAZON-02)
6 13.224.103.105 16509 (AMAZON-02)
2 34.252.219.156 16509 (AMAZON-02)
1 2600:9000:219... 16509 (AMAZON-02)
4 3.215.247.12 14618 (AMAZON-AES)
1 52.33.73.108 16509 (AMAZON-02)
1 52.24.36.224 16509 (AMAZON-02)
1 8 54.70.166.124 16509 (AMAZON-02)
1 178.162.133.149 60781 (LEASEWEB-...)
1 50.112.180.98 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2 34.98.64.218 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2600:9000:219... 16509 (AMAZON-02)
1 1 63.35.200.21 16509 (AMAZON-02)
583 130
75    104.26.0.93 (United States)

ASN13335 (CLOUDFLARENET, US)
perezhilton.com
5    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2.18.234.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com
s.ntv.io
2    18.211.226.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-226-152.compute-1.amazonaws.com
powerad.ai
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:2190:7c00:13:6a46:aa00:93a1 (United States)

ASN16509 (AMAZON-02, US)
socialcanvas-cdn.kargo.com
1    2a03:2880:f21c:81c4:face:b00c:0:43fe (United States)

ASN32934 (FACEBOOK, US)
platform.instagram.com
4    2a03:2880:f21c:81e5:face:b00c:0:4420 (United States)

ASN32934 (FACEBOOK, US)
www.instagram.com
11    104.19.133.78 (United States)

ASN13335 (CLOUDFLARENET, US)
jsc.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
s-img.mgid.com
1    23.55.110.60 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-110-60.deploy.static.akamaitechnologies.com
launcher.spot.im
12    2606:4700:e0::ac40:6113 (United States)

ASN13335 (CLOUDFLARENET, US)
comments.yappaapp.com
embed.yappaapp.com
widget.yappaapp.com
6    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
5    2600:9000:2021:4a00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
11    54.67.80.248 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-67-80-248.us-west-1.compute.amazonaws.com
jadserve.postrelease.com
4    54.234.151.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-151-247.compute-1.amazonaws.com
reporting.powerad.ai
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    151.101.194.132 (United States)

ASN54113 (FASTLY, US)
mcd-sdk.playbuzz.com
2    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
7    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a03:2880:f231:c5:face:b00c:0:43fe (Santa Clara, United States)

ASN32934 (FACEBOOK, US)
scontent-sjc3-1.cdninstagram.com
4    23.20.158.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-158-212.compute-1.amazonaws.com
hb.brainlyads.com
4    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    23.55.110.49 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-110-49.deploy.static.akamaitechnologies.com
api-2-0.spot.im
1    35.174.102.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-102-7.compute-1.amazonaws.com
direct-events-collector.spot.im
3    23.55.110.77 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-110-77.deploy.static.akamaitechnologies.com
publisher-assets.spot.im
2    23.55.110.65 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-110-65.deploy.static.akamaitechnologies.com
events-collector.spot.im
pix.spot.im
4    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i3.ytimg.com
1    2600:9000:215d:600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    54.88.209.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-209-254.compute-1.amazonaws.com
prd-collector-anon.ex.co
4    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
3    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    65.9.66.22 (United States)

ASN16509 (AMAZON-02, US)
get.s-onetag.com
1    52.73.31.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
px.britepool.com
1    52.86.201.23 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-201-23.compute-1.amazonaws.com
thrtle.com
1    2600:9000:215d:6e00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.quantcast.mgr.consensu.org
3    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    13.224.95.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-46.zrh50.r.cloudfront.net
sb.scorecardresearch.com
4    104.19.132.78 (United States)

ASN13335 (CLOUDFLARENET, US)
s-img.mgid.com
cm.mgid.com
2    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
16    37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
ib.adnxs.com
secure.adnxs.com
5    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.spotim.market
sync.adtelligent.com
6    185.94.180.125 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
3    3.126.63.176 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
5    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
di.rlcdn.com
2    13.224.95.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-112.zrh50.r.cloudfront.net
onetag-geo.s-onetag.com
1    65.9.66.5 (United States)

ASN16509 (AMAZON-02, US)
signal-beacon.s-onetag.com
4    2600:9000:211e:7200:1d:76ee:780:93a1 (United States)

ASN16509 (AMAZON-02, US)
market-dev.s-onetag.com
3    2600:9000:206f:8200:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)
rumcdn.geoedge.be
3    213.174.135.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.spotim.market
2    2a02:26f0:6c00::210:ba20 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
static-cdn.spot.im
11    104.121.175.131 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-121-175-131.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
1    104.19.216.61 (United States)

ASN13335 (CLOUDFLARENET, US)
cm.lentainform.com
1    104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)
cm.idealmedia.io
14    3.121.66.166 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
x.bidswitch.net
1    3.64.111.42 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
match.sharethrough.com
22    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
cm.g.doubleclick.net
11    34.241.88.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-88-205.eu-west-1.compute.amazonaws.com
match.adsrvr.org
2    87.98.128.108 (France)

ASN16276 (OVH, FR)
green.erne.co
3    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
creativecdn.com
prebid-eu.creativecdn.com
1    13.224.95.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-95-101.zrh50.r.cloudfront.net
audit-tcfv2.quantcast.mgr.consensu.org
3    213.174.135.1 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
p.delivercdn.com
player.adtelligent.com
1    65.9.66.128 (United States)

ASN16509 (AMAZON-02, US)
onetag-geo-grouping.s-onetag.com
1    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
5    23.227.137.155 (Piscataway, United States)

ASN55081 (24SHELLS, US)
hb.spotim.market
3    2a02:26f0:6c00:2ab::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
29    52.70.33.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
track1.aniview.com
2    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
4    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
4    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
2    3.219.93.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
go1.aniview.com
1    213.155.156.181 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-181.teliacarrier-cust.com
d5p.de17a.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
20    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
5    52.49.40.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    185.86.138.114 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
sync.smartadserver.com
1    72.251.241.204 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    213.19.147.45 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
1    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.targeting.unrulymedia.com
3    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
5    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
match.taboola.com
2    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
1    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
1    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
2    37.157.6.241 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    185.29.133.52 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
2    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    35.210.53.219 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
pool.admedo.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
4    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    2a02:fa8:8806:12::1370 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
1    52.212.126.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
rtb.gumgum.com
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
4    34.192.164.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.aniview.com
31    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum.casalemedia.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
as-sec.casalemedia.com
40    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
8    185.94.180.123 (United States)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
3    2600:1f18:612b:4232:d4f4:6ee9:b45e:a058 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
p4dt2-x71s7.ads.tremorhub.com
19    34.236.214.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
s2s.aniview.com
3    23.218.215.69 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-215-69.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
2    34.252.219.109 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
trends.revcontent.com
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    216.52.2.48 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    34.251.173.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
g2.gumgum.com
3    35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
c2shb.ssp.yahoo.com
1    185.255.84.150 (Paris, France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    213.19.162.51 (United Kingdom)

ASN3356 (LEVEL3, US)
fastlane.rubiconproject.com
3    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
10    52.94.232.32 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
2    35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
dmp.brand-display.com
1    34.236.212.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
nep.advangelists.com
4    54.76.54.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-54-153.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    185.183.112.155 (Paris, France)

ASN60350 (VP, FR)
sync.adotmob.com
2    54.204.142.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
um2.eqads.com
1    51.89.21.30 (London, United Kingdom)

ASN16276 (OVH, FR)
id5-sync.com
6    2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)
cdn.stickyadstv.com
3    3.208.68.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
7    154.57.158.51 (United States)

ASN26558 (FREEWHEEL, US)
1f2e7.v.fwmrm.net
7e1d5.v.fwmrm.net
6    3.226.75.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
vop.sundaysky.com
3    35.210.178.101 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
a.volvelle.tech
27    185.64.190.75 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
1    54.205.191.176 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
1    99.83.181.31 (United States)

ASN16509 (AMAZON-02, US)
connect-metrics-collector.s-onetag.com
1    75.2.13.80 (United States)

ASN16509 (AMAZON-02, US)
signal-metrics-collector-beta.s-onetag.com
1    52.39.230.13 (Boardman, United States)

ASN16509 (AMAZON-02, US)
a.ad.gt
6    13.224.103.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-105.zrh50.r.cloudfront.net
c.amazon-adsystem.com
2    34.252.219.156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
ads.yieldmo.com
1    2600:9000:2190:f400:1f:df94:f9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
hb.undertone.com
4    3.215.247.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
report.hb.brainlyads.com
1    52.33.73.108 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-73-108.us-west-2.compute.amazonaws.com
aufp.io
1    52.24.36.224 (Boardman, United States)

ASN16509 (AMAZON-02, US)
p.ad.gt
8    54.70.166.124 (Boardman, United States)

ASN16509 (AMAZON-02, US)
ids.ad.gt
1    178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    50.112.180.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
pixels.ad.gt
2    2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
u.openx.net
2    2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2600:9000:2190:a00:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.undertone.com
1    63.35.200.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
d.adroll.com
Apex Domain
Subdomains		 Transfer
75 perezhilton.com
perezhilton.com
2 MB
60 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
aud.pubmatic.com
image4.pubmatic.com
vid.pubmatic.com Failed
hbopenbid.pubmatic.com
simage4.pubmatic.com
203 KB
57 aniview.com
player.aniview.com
track1.aniview.com
go1.aniview.com
sync.aniview.com
s2s.aniview.com
204 KB
46 stickyadstv.com
ads.stickyadstv.com
cdn.stickyadstv.com
530 KB
29 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
448 KB
28 casalemedia.com
ssum.casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
as-sec.casalemedia.com
30 KB
19 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
fastlane.rubiconproject.com
pixel.rubiconproject.com
54 KB
19 adnxs.com
ib.adnxs.com
secure.adnxs.com
acdn.adnxs.com
16 KB
16 amazon-adsystem.com
s.amazon-adsystem.com
c.amazon-adsystem.com
73 KB
15 mgid.com
jsc.mgid.com
cdn.mgid.com
servicer.mgid.com
cm.mgid.com
s-img.mgid.com
183 KB
14 bidswitch.net
x.bidswitch.net
5 KB
14 spotxchange.com
sync.search.spotxchange.com
search.spotxchange.com
13 KB
13 spot.im
launcher.spot.im
api-2-0.spot.im
direct-events-collector.spot.im
publisher-assets.spot.im
events-collector.spot.im
static-cdn.spot.im
pix.spot.im
106 KB
12 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
c2shb.ssp.yahoo.com
7 KB
12 criteo.com
gum.criteo.com
mug.criteo.com
dis.criteo.com
bidder.criteo.com
3 KB
12 yappaapp.com
comments.yappaapp.com
embed.yappaapp.com
widget.yappaapp.com
179 KB
11 ad.gt
a.ad.gt
p.ad.gt
ids.ad.gt
pixels.ad.gt
16 KB
11 adsrvr.org
match.adsrvr.org
5 KB
11 spotim.market
sync.spotim.market
player.spotim.market
hb.spotim.market
147 KB
11 s-onetag.com
get.s-onetag.com
onetag-geo.s-onetag.com
signal-beacon.s-onetag.com
market-dev.s-onetag.com
onetag-geo-grouping.s-onetag.com
connect-metrics-collector.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
26 KB
11 postrelease.com
jadserve.postrelease.com
5 KB
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
839 KB
8 adtelligent.com
s.adtelligent.com
player.adtelligent.com
sync.adtelligent.com
ghb.adtelligent.com
5 KB
8 brainlyads.com
hb.brainlyads.com
report.hb.brainlyads.com
129 KB
7 fwmrm.net
1f2e7.v.fwmrm.net
7e1d5.v.fwmrm.net
3 KB
7 google-analytics.com
www.google-analytics.com
41 KB
7 consensu.org
quantcast.mgr.consensu.org
test.quantcast.mgr.consensu.org
audit-tcfv2.quantcast.mgr.consensu.org
262 KB
6 sundaysky.com
vop.sundaysky.com
5 KB
6 indexww.com
js-sec.indexww.com
6 KB
6 google.com
www.google.com
23 KB
6 powerad.ai
powerad.ai
reporting.powerad.ai
33 KB
5 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
4 KB
5 bidr.io
match.prod.bidr.io
2 KB
5 instagram.com
platform.instagram.com
www.instagram.com
5 KB
5 googletagmanager.com
www.googletagmanager.com
186 KB
5 googleapis.com
fonts.googleapis.com
3 KB
4 demdex.net
dpm.demdex.net
4 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 sitescout.com
pixel-sync.sitescout.com
1 KB
4 ytimg.com
i3.ytimg.com
33 KB
3 volvelle.tech
a.volvelle.tech
1 KB
3 ipredictive.com
sync.ipredictive.com
1 KB
3 tremorhub.com
p4dt2-x71s7.ads.tremorhub.com
1 KB
3 ad4m.at
ad4m.at
1 KB
3 creativecdn.com
creativecdn.com
prebid-us.creativecdn.com Failed
prebid-eu.creativecdn.com
862 B
3 geoedge.be
rumcdn.geoedge.be
192 KB
3 advertising.com
pixel.advertising.com
677 B
3 scorecardresearch.com
sb.scorecardresearch.com
3 KB
3 googletagservices.com
www.googletagservices.com
62 KB
2 facebook.com
www.facebook.com
424 B
2 facebook.net
connect.facebook.net
99 KB
2 undertone.com
hb.undertone.com
cdn.undertone.com
usr.undertone.com Failed
2 KB
2 yieldmo.com
ads.yieldmo.com
708 B
2 eqads.com
um2.eqads.com
563 B
2 adotmob.com
sync.adotmob.com
1 KB
2 criteo.net
static.criteo.net
51 KB
2 brand-display.com
dmp.brand-display.com
358 B
2 openx.net
spot-im-d.openx.net Failed
u.openx.net
880 B
2 revcontent.com
trends.revcontent.com
267 B
2 gumgum.com
rtb.gumgum.com
g2.gumgum.com
1 KB
2 turn.com
ad.turn.com
948 B
2 admedo.com
pool.admedo.com
785 B
2 adform.net
c1.adform.net
1 KB
2 simpli.fi
um.simpli.fi
1 KB
2 fiftyt.com
visitor.fiftyt.com
992 B
2 deepintent.com
match.deepintent.com
83 B
2 taboola.com
trc.taboola.com
match.taboola.com
560 B
2 1rx.io
sync.1rx.io
1 KB
2 smartadserver.com
rtb-csync.smartadserver.com
sync.smartadserver.com
163 B
2 contextweb.com
bh.contextweb.com
959 B
2 delivercdn.com
p.delivercdn.com
14 KB
2 erne.co
green.erne.co
496 B
2 quantserve.com
secure.quantserve.com
pixel.quantserve.com
9 KB
1 adroll.com
d.adroll.com
112 B
1 sonobi.com
sync.go.sonobi.com
474 B
1 aufp.io
aufp.io
3 KB
1 stackadapt.com
sync.srv.stackadapt.com
624 B
1 id5-sync.com
id5-sync.com
530 B
1 advangelists.com
nep.advangelists.com
233 B
1 omnitagjs.com
hb-api.omnitagjs.com
724 B
1 lijit.com
ap.lijit.com
758 B
1 playground.xyz
ads.playground.xyz
484 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 mathtag.com
sync.mathtag.com
680 B
1 semasio.net
uipglob.semasio.net
253 B
1 zeotap.com
mwzeom.zeotap.com
596 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
535 B
1 adgrx.com
cm.adgrx.com
408 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 de17a.com
d5p.de17a.com
134 B
1 sharethrough.com
match.sharethrough.com
262 B
1 idealmedia.io
cm.idealmedia.io
555 B
1 lentainform.com
cm.lentainform.com
623 B
1 rlcdn.com
di.rlcdn.com
api.rlcdn.com Failed
66 B
1 google.de
www.google.de
505 B
1 thrtle.com
thrtle.com
1 britepool.com
px.britepool.com
api.britepool.com Failed
650 B
1 ex.co
prd-collector-anon.ex.co
137 B
1 quantcount.com
rules.quantcount.com
357 B
1 cdninstagram.com
scontent-sjc3-1.cdninstagram.com
340 KB
1 playbuzz.com
mcd-sdk.playbuzz.com
181 KB
1 onesignal.com
cdn.onesignal.com
3 KB
1 kargo.com
socialcanvas-cdn.kargo.com
51 KB
1 ntv.io
s.ntv.io
103 KB
0 onetag-sys.com Failed
onetag-sys.com Failed
0 360yield.com Failed
ice.360yield.com Failed
0 w.org Failed
s.w.org Failed
583 108
Domain Requested by
75 perezhilton.com perezhilton.com
40 ads.stickyadstv.com 28 redirects player.aniview.com
ssum-sec.casalemedia.com
perezhilton.com
cdn.stickyadstv.com
29 track1.aniview.com perezhilton.com
player.aniview.com
27 vid.pubmatic.com player.aniview.com
22 cm.g.doubleclick.net 17 redirects perezhilton.com
19 s2s.aniview.com player.aniview.com
14 x.bidswitch.net 14 redirects
12 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
ssum.casalemedia.com
um2.eqads.com
12 simage2.pubmatic.com image6.pubmatic.com
ads.pubmatic.com
11 match.adsrvr.org 6 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
player.spotim.market
11 jadserve.postrelease.com 1 redirects s.ntv.io
perezhilton.com
10 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
perezhilton.com
9 ssum-sec.casalemedia.com 3 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
8 ids.ad.gt 1 redirects
8 search.spotxchange.com player.aniview.com
8 secure.adnxs.com 3 redirects acdn.adnxs.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
8 image2.pubmatic.com 2 redirects image6.pubmatic.com
ads.pubmatic.com
8 eus.rubiconproject.com cm.mgid.com
eus.rubiconproject.com
player.aniview.com
hb.brainlyads.com
cdn.undertone.com
8 ib.adnxs.com 4 redirects player.spotim.market
p.delivercdn.com
hb.brainlyads.com
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
7 ads.pubmatic.com perezhilton.com
launcher.spot.im
ads.pubmatic.com
player.aniview.com
7 fonts.gstatic.com fonts.googleapis.com
6 c.amazon-adsystem.com hb.brainlyads.com
c.amazon-adsystem.com
6 vop.sundaysky.com 6 redirects
6 cdn.stickyadstv.com player.aniview.com
cdn.stickyadstv.com
6 js-sec.indexww.com player.aniview.com
ssum-sec.casalemedia.com
hb.brainlyads.com
6 sync.search.spotxchange.com 5 redirects perezhilton.com
6 s-img.mgid.com perezhilton.com
6 widget.yappaapp.com comments.yappaapp.com
widget.yappaapp.com
6 www.google.com perezhilton.com
www.gstatic.com
www.google.com
5 fastlane.rubiconproject.com player.spotim.market
hb.brainlyads.com
5 match.prod.bidr.io 5 redirects
5 hb.spotim.market player.spotim.market
5 ups.analytics.yahoo.com 4 redirects perezhilton.com
5 securepubads.g.doubleclick.net www.googletagservices.com
perezhilton.com
rumcdn.geoedge.be
5 cm.mgid.com jsc.mgid.com
perezhilton.com
5 gum.criteo.com 2 redirects static.criteo.net
5 quantcast.mgr.consensu.org perezhilton.com
quantcast.mgr.consensu.org
5 www.googletagmanager.com perezhilton.com
www.googletagmanager.com
powerad.ai
widget.yappaapp.com
5 fonts.googleapis.com perezhilton.com
4 report.hb.brainlyads.com hb.brainlyads.com
4 1f2e7.v.fwmrm.net 4 redirects
4 dpm.demdex.net 3 redirects ssum-sec.casalemedia.com
4 sync.aniview.com player.aniview.com
ssum.casalemedia.com
4 sync-tm.everesttech.net 4 redirects
4 pr-bh.ybp.yahoo.com ads.pubmatic.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
4 a.tribalfusion.com 1 redirects perezhilton.com
4 ghb.adtelligent.com p.delivercdn.com
player.spotim.market
4 pixel-sync.sitescout.com 4 redirects
4 market-dev.s-onetag.com perezhilton.com
4 mug.criteo.com perezhilton.com
4 i3.ytimg.com perezhilton.com
4 api-2-0.spot.im launcher.spot.im
4 hb.brainlyads.com powerad.ai
perezhilton.com
4 reporting.powerad.ai powerad.ai
4 comments.yappaapp.com 1 redirects widget.yappaapp.com
4 www.instagram.com 2 redirects perezhilton.com
platform.instagram.com
3 a.volvelle.tech 3 redirects
3 7e1d5.v.fwmrm.net 3 redirects
3 sync.ipredictive.com 3 redirects
3 acdn.adnxs.com p.delivercdn.com
hb.brainlyads.com
3 c2shb.ssp.yahoo.com player.spotim.market
3 htlb.casalemedia.com player.aniview.com
player.spotim.market
3 p4dt2-x71s7.ads.tremorhub.com player.aniview.com
3 ad4m.at image6.pubmatic.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
3 player.aniview.com static-cdn.spot.im
player.aniview.com
3 secure-assets.rubiconproject.com 3 redirects
3 player.spotim.market perezhilton.com
player.spotim.market
3 rumcdn.geoedge.be launcher.spot.im
rumcdn.geoedge.be
player.spotim.market
3 pixel.advertising.com 2 redirects player.aniview.com
3 sync.spotim.market perezhilton.com
ads.pubmatic.com
3 sb.scorecardresearch.com 1 redirects jsc.mgid.com
perezhilton.com
3 www.googletagservices.com perezhilton.com
hb.brainlyads.com
3 publisher-assets.spot.im launcher.spot.im
perezhilton.com
3 www.gstatic.com www.google.com
2 www.facebook.com connect.facebook.net
2 u.openx.net 2 redirects
2 connect.facebook.net p.ad.gt
connect.facebook.net
2 as-sec.casalemedia.com hb.brainlyads.com
2 ads.yieldmo.com hb.brainlyads.com
2 um2.eqads.com 1 redirects ssum.casalemedia.com
2 sync.adotmob.com 2 redirects
2 static.criteo.net player.spotim.market
static.criteo.net
2 dmp.brand-display.com ssum-sec.casalemedia.com
ssum.casalemedia.com
2 bidder.criteo.com player.spotim.market
p.delivercdn.com
2 trends.revcontent.com player.spotim.market
2 ssum.casalemedia.com 1 redirects player.aniview.com
2 token.rubiconproject.com perezhilton.com
eus.rubiconproject.com
2 ad.turn.com 2 redirects
2 pool.admedo.com 2 redirects
2 c1.adform.net 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 visitor.fiftyt.com 2 redirects
2 match.deepintent.com image6.pubmatic.com
ssum-sec.casalemedia.com
2 sync.1rx.io 2 redirects
2 bh.contextweb.com 2 redirects
2 go1.aniview.com player.aniview.com
2 sync.adtelligent.com s.adtelligent.com
perezhilton.com
2 image6.pubmatic.com ads.pubmatic.com
2 p.delivercdn.com rumcdn.geoedge.be
p.delivercdn.com
2 creativecdn.com 1 redirects perezhilton.com
2 green.erne.co 2 redirects
2 static-cdn.spot.im launcher.spot.im
2 onetag-geo.s-onetag.com get.s-onetag.com
signal-beacon.s-onetag.com
2 stats.g.doubleclick.net www.google-analytics.com
2 cdn.mgid.com perezhilton.com
2 embed.yappaapp.com perezhilton.com
comments.yappaapp.com
2 powerad.ai perezhilton.com
powerad.ai
1 d.adroll.com 1 redirects
1 pixel.rubiconproject.com cdn.undertone.com
1 cdn.undertone.com hb.brainlyads.com
1 pixels.ad.gt p.ad.gt
1 sync.go.sonobi.com
1 sync.smartadserver.com
1 p.ad.gt a.ad.gt
1 aufp.io a.ad.gt
1 hb.undertone.com hb.brainlyads.com
1 a.ad.gt perezhilton.com
1 signal-metrics-collector-beta.s-onetag.com signal-beacon.s-onetag.com
1 connect-metrics-collector.s-onetag.com get.s-onetag.com
1 sync.srv.stackadapt.com 1 redirects
1 pix.spot.im launcher.spot.im
1 id5-sync.com player.spotim.market
1 nep.advangelists.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 prebid-eu.creativecdn.com p.delivercdn.com
1 hbopenbid.pubmatic.com player.spotim.market
1 hb-api.omnitagjs.com player.spotim.market
1 g2.gumgum.com player.spotim.market
1 ap.lijit.com player.spotim.market
1 rtb.gumgum.com 1 redirects
1 ads.playground.xyz 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 pixel.quantserve.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 sync.mathtag.com 1 redirects
1 aud.pubmatic.com ads.pubmatic.com
1 uipglob.semasio.net ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 match.taboola.com image6.pubmatic.com
1 trc.taboola.com 1 redirects
1 s.tribalfusion.com image6.pubmatic.com
1 sync.targeting.unrulymedia.com 1 redirects
1 cm.adgrx.com image6.pubmatic.com
1 rtb-csync.smartadserver.com image6.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com image6.pubmatic.com
1 d5p.de17a.com image6.pubmatic.com
1 player.adtelligent.com player.spotim.market
1 s.adtelligent.com rumcdn.geoedge.be
1 onetag-geo-grouping.s-onetag.com signal-beacon.s-onetag.com
1 audit-tcfv2.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 match.sharethrough.com perezhilton.com
1 cm.idealmedia.io perezhilton.com
1 cm.lentainform.com perezhilton.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 di.rlcdn.com perezhilton.com
1 www.google.de perezhilton.com
1 test.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 thrtle.com perezhilton.com
1 px.britepool.com 1 redirects
1 get.s-onetag.com perezhilton.com
1 servicer.mgid.com jsc.mgid.com
1 prd-collector-anon.ex.co mcd-sdk.playbuzz.com
1 rules.quantcount.com secure.quantserve.com
1 events-collector.spot.im launcher.spot.im
1 direct-events-collector.spot.im launcher.spot.im
1 scontent-sjc3-1.cdninstagram.com perezhilton.com
1 secure.quantserve.com quantcast.mgr.consensu.org
1 mcd-sdk.playbuzz.com perezhilton.com
1 cdn.onesignal.com perezhilton.com
1 launcher.spot.im perezhilton.com
1 jsc.mgid.com perezhilton.com
1 platform.instagram.com 1 redirects
1 socialcanvas-cdn.kargo.com perezhilton.com
1 s.ntv.io perezhilton.com
0 usr.undertone.com Failed cdn.undertone.com
0 onetag-sys.com Failed p.delivercdn.com
0 ice.360yield.com Failed player.spotim.market
p.delivercdn.com
0 spot-im-d.openx.net Failed player.spotim.market
0 prebid-us.creativecdn.com Failed player.spotim.market
0 api.rlcdn.com Failed ads.pubmatic.com
0 api.britepool.com Failed ads.pubmatic.com
0 s.w.org Failed perezhilton.com
583 185
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-08 -
2021-08-08		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-01-25 -
2022-02-01		 a year crt.sh
*.powerad.ai
Go Daddy Secure Certificate Authority - G2		 2020-10-12 -
2021-10-12		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.kargo.com
Amazon		 2020-07-27 -
2021-08-27		 a year crt.sh
*.www.instagram.com
DigiCert SHA2 High Assurance Server CA		 2021-03-03 -
2021-06-01		 3 months crt.sh
*.spot.im
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2020-11-26 -
2021-11-30		 a year crt.sh
yappaapp.com
Cloudflare Inc ECC CA-3		 2020-07-02 -
2021-07-02		 a year crt.sh
www.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
quantcast.mgr.consensu.org
Amazon		 2021-04-24 -
2022-05-23		 a year crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-26		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.playbuzz.com
Go Daddy Secure Certificate Authority - G2		 2019-07-08 -
2021-09-10		 2 years crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
*.instagram.com
DigiCert SHA2 High Assurance Server CA		 2021-03-21 -
2021-06-19		 3 months crt.sh
hb.brainlyads.com
Go Daddy Secure Certificate Authority - G2		 2020-11-23 -
2021-12-25		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2020-12-27 -
2022-01-28		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.s-onetag.com
Amazon		 2021-02-03 -
2022-03-04		 a year crt.sh
*.thrtle.com
Go Daddy Secure Certificate Authority - G2		 2020-03-22 -
2021-05-21		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
www.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
sync.spotim.market
R3		 2021-04-06 -
2021-07-05		 3 months crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-22 -
2021-09-15		 6 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
rumcdn.geoedge.be
Amazon		 2020-10-02 -
2021-11-03		 a year crt.sh
player.spotim.market
R3		 2021-03-02 -
2021-05-31		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.sharethrough.com
Amazon		 2020-09-09 -
2021-10-11		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
p.delivercdn.com
R3		 2021-03-26 -
2021-06-24		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-04-07 -
2021-07-06		 3 months crt.sh
hb.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2021-04-11 -
2021-07-10		 3 months crt.sh
*.adtelligent.com
Sectigo RSA Domain Validation Secure Server CA		 2020-10-28 -
2021-11-27		 a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-02-23 -
2022-02-27		 a year crt.sh
sync.adtelligent.com
R3		 2021-04-06 -
2021-07-05		 3 months crt.sh
ghb.adtelligent.com
R3		 2021-03-07 -
2021-06-05		 3 months crt.sh
*.de17a.com
Sectigo ECC Domain Validation Secure Server CA		 2020-11-25 -
2021-12-25		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-03-01 -
2021-08-24		 6 months crt.sh
ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-11-17		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
*.tremorhub.com
Amazon		 2020-07-25 -
2021-08-25		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
revcontent.com
Amazon		 2020-07-08 -
2021-08-08		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.gumgum.com
Amazon		 2020-07-03 -
2021-08-03		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-03-18 -
2021-09-08		 6 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-18 -
2021-06-18		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.brand-display.com
GeoTrust RSA CA 2018		 2020-06-24 -
2022-06-24		 2 years crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
um3.eqads.com
Amazon		 2020-07-24 -
2021-08-24		 a year crt.sh
*.id5-sync.com
R3		 2021-03-23 -
2021-06-21		 3 months crt.sh
*.stickyadstv.com
DigiCert SHA2 High Assurance Server CA		 2019-11-25 -
2022-02-18		 2 years crt.sh
*.ad.gt
Amazon		 2020-07-07 -
2021-08-07		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.yieldmo.com
Amazon		 2020-06-23 -
2021-07-23		 a year crt.sh
*.undertone.com
Amazon		 2020-11-03 -
2021-12-02		 a year crt.sh
report.hb.brainlyads.com
R3		 2021-03-01 -
2021-05-30		 3 months crt.sh
aufp.io
Amazon		 2020-12-26 -
2022-01-24		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh

This page contains 56 frames:

Primary Page: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Frame ID: D2C3EB24080A6DFBFD2ABCDCB44C60D7
Requests: 351 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Frame ID: 65E1B7DAF82335993B556C9C13E88A94
Requests: 13 HTTP requests in this frame

Frame: https://widget.yappaapp.com/?url=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&content-id=&disable-ads=false
Frame ID: 4ECD57F38FF65B0173D59C4675EA3424
Requests: 11 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lel6LwZAAAAAOWBQsyuijMbyGWGbJCfx8DOYNnc&co=aHR0cHM6Ly9wZXJlemhpbHRvbi5jb206NDQz&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=invisible&cb=s3qye3pveeya
Frame ID: 5515252425E120B3835561515F50B27B
Requests: 6 HTTP requests in this frame

Frame: https://www.instagram.com/accounts/login/
Frame ID: AA1192766D7CB80BDA0EF5EC2AADD24C
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=161929569185015096385
Frame ID: 196A5C5E533AA7EC790FF5B5FBB473B1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: A67E4AD0D75DCE200C0412A55FD6006D
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Frame ID: 3B72F88542F4C29DF20DB29A335A3426
Requests: 38 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 6FF3314F921EDC514699429C1CD4CBBB
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: CAEE95F492E3D49840D6658C687F13F5
Requests: 25 HTTP requests in this frame

Frame: https://p.delivercdn.com/prebidlink/18741/j.html?i=6864
Frame ID: 6B2EAE680933CA3D1D73FECBB8527A82
Requests: 10 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=572165
Frame ID: AEAE0871787C7BA699250B517D8705F0
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Frame ID: 52F440185D17F4C1000FCFD9E11CA85B
Requests: 2 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 83A7B1D03DF2100CA319F8080CD837E3
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 31CF702D3A5B02B56896BFBA87E36207
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6954822044008904848
Frame ID: 7F1374939CEB95D17F6A44A75B808414
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAETRk7BCPwAACnK6UvnwA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Frame ID: B5F6E34CF473126E529C5DBB5B762F4D
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 198823BA99DEEEF5C350B14A91128DBA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Y9EkSGPhVbZw0GjeEow0Wsml
Frame ID: B8DAAB0A8BD0619741C22ED9B30C6A78
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5cec51e5-52d2-4cfe-9bc9-89ab01ba53e3-003
Frame ID: 77296760328A3EF58FE1BB59A95B2474
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: B264E0107BB40998B65DEBCA7A4118A6
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 9DF3752F87777E6001BA668C1D24C515
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=d1DIBUYopJ31&pid=557219
Frame ID: E5A7F7A0F3ABC06721D019C8573FDF17
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3764d166-5f4d-4127-811a-b85ca6f4d682-tuct77e034e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: AF9ABD0D057613882F1A7D3C6311FEFA
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
Frame ID: 525F4087BB0D032B8DCC45CA0D35680A
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=281178&extuid=15A37826-A991-4168-A89E-1E36D7193DE7
Frame ID: 777A08351D085F199A67F86EC2FEAA2A
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1619295693899-998406242191-020775-010-000380&biddername=55&key=7962826482425836735
Frame ID: 0E4758818BF626689A6C3B746A02981D
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D42%26key%3D&C=1
Frame ID: 2C9E01A1AE585F0CBD1A0B60442B734D
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D1%26key%3D
Frame ID: F05B821C1DD3752B4387A0690E6D03EA
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1619295693899-998406242191-020775-010-000380&biddername=2&key=a9cf5301-a53a-11eb-8086-191344880506
Frame ID: 767D790A05426C66CBC666626E62E261
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Frame ID: 4E2DD82AA32AEF72BAC8C04D1425F022
Requests: 3 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1619295693899-998406242191-020775-010-000380&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
Frame ID: B4BBA22E02D39D4D66F3B1C7C2B6F7F9
Requests: 1 HTTP requests in this frame

Frame: https://pixel.advertising.com/ups/58268/sync?&gdpr=1&gdpr_consent=&redir=true
Frame ID: 58D146E5610CCC352CEBCC7E114AF907
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: EF1E4F87324B62A1FA431EC38BBEF105
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 29BDFBAE4C3BAC4195CE9AC5BE168844
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: A2CCD84C61D71EBEE2A13AAD92CB70D6
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: F44C6F9BB34B81601B2DE97092AB4113
Requests: 2 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 64ED084D033A99F1A7965F24D8D0A5BD
Requests: 2 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 24A490CD2B15156E1D2BF245E7A1040E
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 1C74C08ECE03DE25FD49FD3BAE8B1178
Requests: 6 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 4240D5425A34D107EE4ED242171F10EC
Requests: 6 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 71F098C53095DF6BCE7F33E8D31D79F5
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=perezhilton.com&gdpr=1&gdpr_consent=
Frame ID: EAD0655C2F154AD5546ACD1D9423866D
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/json-parts/2283/?ver=1.0&pageId=1620440609&sizes=[[728,90]]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/%22],[%22referrer%22,%22%22]]
Frame ID: CE42B36C8FAEA99E9FAB1E178E1DB992
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/json-parts/1642/?ver=1.0&pageId=1620440609&sizes=[[300,600],[160,600],[120,600]]&winbidder=&keyValues=[[%22refresh%22,0]]
Frame ID: B4241B3B52278A3C740E3A51AA5DD608
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 5908791310EA4DD0BDD6070777ADBCC6
Requests: 5 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: A2BCAEC23417D463ADA5270A9AE82D94
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 35C4ED260082B777A9B934772F36E8D8
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 09C685D67A96C8A1CE08F3C424FEEE9D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 6A9481077E770D9FC825C7F99C0F3FCF
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 8EC013C4E109288043288F9D97B2631D
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 336E9931C981A638E28B3A2368ED69A6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: 2BBF7A020FDC16F1511E71B4FCDE423D
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 162F2B9B6A73F1036F7DC68D2474B245
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 3CA7DAC3BAF3BB4449A79D60630FDB86
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: CA9481C2F45A4E6694405A13C6A4811A
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • script /\/wp-(?:content|includes)\//i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/prebid\.js/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i
Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

583
Requests

93 %
HTTPS

27 %
IPv6

108
Domains

185
Subdomains

130
IPs

10
Countries

6847 kB
Transfer

15679 kB
Size

64
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://platform.instagram.com/en_US/embeds.js HTTP 301
  • https://www.instagram.com/embed.js HTTP 302
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Request Chain 14
  • https://comments.yappaapp.com/embed/yappa-comments.js HTTP 301
  • https://embed.yappaapp.com/yappa-comments.js
Request Chain 121
  • https://jadserve.postrelease.com/ce.gif?do=gci&fpd=perezhilton.com&ntv_it HTTP 302
  • https://perezhilton.com/ntv-ce-sync/-1401875664/?id=000000&o=1&s=2&do=syn
Request Chain 124
  • https://www.instagram.com/p/WsspMAuS2A/embed/captioned/?cr=1&v=13&wp=640&rd=https%3A%2F%2Fperezhilton.com&rp=%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F HTTP 302
  • https://www.instagram.com/accounts/login/
Request Chain 128
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fperezhilton.com%2F&domain=perezhilton.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=fX4olXx6V0d6c09OcGg5Yk5BeFdhb21RWkVtbWltTVBmU1ZJQWZIVXA5dkxwdDdXZ2UveFVBUHRyN2psY2R5ei9ZWVZJWEJUTG5uYnVBVCtBUU1HRmRZVlB3MnpTVm01clByOGVYMzBWVEpabHZWK2hjeFozVFluanNLdzY2bUp3S0ZrRUdpYzh4Qm8va1NOWGNXKzNxTk5DUkg4ZkNwbjc0a2FjWDlwUFhuK0VZZlFPNkt5ZWNqL3pzTjhBZGhvalAvZm9neDBTdkNwbTlVM2o2YXUzbzI1QlVUYWZMWGVraEMybHJIR2VFL1ZDdFdvPXw&cppv=2
Request Chain 132
  • https://px.britepool.com/new?partner_id=t HTTP 302
  • https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=d67dedd7-414e-46e3-82d3-b1a0df5ecf50
Request Chain 171
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D271858%2526extuid%253D%2524UID HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=8181359259227230873
Request Chain 172
  • https://sync.search.spotxchange.com/partner?source=211945 HTTP 302
  • https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=a8c309fa-a53a-11eb-b42c-1a404fd50306
Request Chain 173
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPa8b28511-a53a-11eb-83f2-02785469d8c6 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPa8b28511-a53a-11eb-83f2-02785469d8c6&verify=true
Request Chain 174
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20&__user_check__=1&sync_id=a8f8355c-a53a-11eb-bfb6-132476d60406 HTTP 302
  • https://sync.spotim.market/csync/?t=a&ep=301276&extuid=a8f8351e-a53a-11eb-bfb6-132476d60406
Request Chain 195
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Request Chain 198
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l3ov1LLMv6ld HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l3ov1LLMv6ld HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=33dbfaa4-66e3-4d72-afc0-0af2fa72c13d&seat_user_id=&seat_key=%20%20&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Request Chain 199
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDNvdjFMTE12Nmxk&muidn=l3ov1LLMv6ld HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDNvdjFMTE12Nmxk&muidn=l3ov1LLMv6ld&google_tc= HTTP 302
  • https://cm.mgid.com/google?muidn=l3ov1LLMv6ld&google_ula={guid},5&google_gid=CAESEN9lqrldQmoSsZ7tL9zYMBs&google_cver=1
Request Chain 200
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
  • https://cm.mgid.com/m?cdsp=371158&c=de95517e-4e1b-49ba-8eef-27359a05f9a3&ttl=1621887692
Request Chain 201
  • https://x.bidswitch.net/sync?ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid HTTP 302
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=Y9EkSGPhVbZw0GjeEow0Wsml&ssp=mgid HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=270&expires=10&user_id=Y9EkSGPhVbZw0GjeEow0Wsml&ssp=mgid HTTP 302
  • https://cm.mgid.com/m?cdsp=433145&c=b8512af5-b7bd-4f8e-b480-6fafde8685e2&gdpr=&gdpr_consent=&us_privacy=
Request Chain 202
  • https://creativecdn.com/cm-notify?pi=mgid HTTP 302
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1
Request Chain 207
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1619295692658&ns_c=UTF-8&cv=3.5&c8=Salon%20Owner%20Charged%20After%20Two%20Clients%20Contract%20HIV%20From%20A%20%E2%80%98Vampire%20Facial%E2%80%99!%20-%20Perez%20Hilton&c7=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1619295692658&ns_c=UTF-8&cv=3.5&c8=Salon%20Owner%20Charged%20After%20Two%20Clients%20Contract%20HIV%20From%20A%20%E2%80%98Vampire%20Facial%E2%80%99!%20-%20Perez%20Hilton&c7=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&c9=
Request Chain 234
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
Request Chain 241
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6954822044008904848
Request Chain 242
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFVFJrN0JDUHdBQUNuSzZVdm53QQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFVFJrN0JDUHdBQUNuSzZVdm53QQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1&google_tc= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAETRk7BCPwAACnK6UvnwA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAETRk7BCPwAACnK6UvnwA&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAETRk7BCPwAACnK6UvnwA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Request Chain 244
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Y9EkSGPhVbZw0GjeEow0Wsml
Request Chain 245
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4708793126 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/de95517e-4e1b-49ba-8eef-27359a05f9a3 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-5cec51e5-52d2-4cfe-9bc9-89ab01ba53e3-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-5cec51e5-52d2-4cfe-9bc9-89ab01ba53e3-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5cec51e5-52d2-4cfe-9bc9-89ab01ba53e3-003
Request Chain 247
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 248
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=d1DIBUYopJ31&pid=557219
Request Chain 249
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3764d166-5f4d-4127-811a-b85ca6f4d682-tuct77e034e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 252
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FaN4JqmRQWionh421xk95w%3D%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FaN4JqmRQWionh421xk95w%3D%3D&google_tc= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 255
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=15A37826-A991-4168-A89E-1E36D7193DE7&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=15A37826-A991-4168-A89E-1E36D7193DE7&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=15A37826-A991-4168-A89E-1E36D7193DE7&addseg=21
Request Chain 256
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTVBMzc4MjYtQTk5MS00MTY4LUE4OUUtMUUzNkQ3MTkzREU3&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTVBMzc4MjYtQTk5MS00MTY4LUE4OUUtMUUzNkQ3MTkzREU3&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 257
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBNf17irN2OSnP32JKsQPes&google_cver=1
Request Chain 259
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=de95517e-4e1b-49ba-8eef-27359a05f9a3
Request Chain 260
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=363877213540098050
Request Chain 261
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:21676084-7dd0-4600-846a-ede0a2f43f77&gdpr=0&gdpr_consent=
Request Chain 262
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7962826482425836735&gdpr=0&gdpr_consent=
Request Chain 264
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=15A37826-A991-4168-A89E-1E36D7193DE7&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-P8yGQ0FE2uXUYqSKNlfkly8RpM.DhZg-~A&gdpr=0&gdpr_consent=
Request Chain 265
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=b8512af5-b7bd-4f8e-b480-6fafde8685e2 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=b8512af5-b7bd-4f8e-b480-6fafde8685e2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=3e473953-e7c2-4470-98a9-c8ced8bc82fc&user_group=1&ssp=pubmatic&bsw_param=b8512af5-b7bd-4f8e-b480-6fafde8685e2 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b8512af5-b7bd-4f8e-b480-6fafde8685e2&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 266
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PuCRtT-0yuUlsZG1POiEsWnhkbgl6Zm4MOX23k_8
Request Chain 267
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3930141244502956213&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 268
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YIR9zgAAby6y9wAC HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIR9zgAAby6y9wAC&gdpr=0&gdpr_consent=&_test=YIR9zgAAby6y9wAC
Request Chain 269
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:e177c3ec-0bf9-4c60-8e77-84024b07186c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 270
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 272
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7962826482425836735
Request Chain 273
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2ea32158-1114-4ddf-92ea-a9a7601d826c
Request Chain 280
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D55%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1619295693899-998406242191-020775-010-000380&biddername=55&key=7962826482425836735
Request Chain 281
  • https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D42%26key%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D42%26key%3D&C=1
Request Chain 283
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D2%26key%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D2%26key%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=a9cf5336-a53a-11eb-8086-191344880506 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1619295693899-998406242191-020775-010-000380&biddername=2&key=a9cf5301-a53a-11eb-8086-191344880506
Request Chain 284
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Request Chain 285
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D72%26pid%3D5e0e296628a061270b21ccab%26key%3D%7BuserId%7D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1619295693899-998406242191-020775-010-000380&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
Request Chain 309
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
Request Chain 318
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fperezhilton.com%2F&domain=perezhilton.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=mNNhtnxwdFY1dTJCVWE1Z2hzS01oM3JIdm92NlZFNjFzTUxIazV0bkdZempmcG9KbGt1bVhuSWV5c28xMHFoa3NQMW9RcE5wVFJjOW9FNllubUpVRmxseVNYUllUeUdZN1k5SjhCekwyeklQRmJlbFo3WDhhUHlrREJ6dW1HUFF2bUIrTEw1MS81bWt1akNOa1VrNXFTZHkyNlVxRFlib0FqZEFDblJ5Mk01aCtlYkNzcEFQRzdWdTUySEgvWUw2MFE2eEFEbEgzVEM5SmxJYWovMVNua0ZLNThBRU8rVitmemhuQnFuSnJGdnJXS0E0PXw&cppv=2
Request Chain 348
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 350
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YIR90GoS1NI1hoTESwKCFAAABIgAAAAB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDF8px5n25nEc-D8q-zBi1Y&google_cver=1
Request Chain 351
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIR90GoS1NI1hoTESwKCFAAABIgAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIR90GoS1NI1hoTESwKCFAAABIgAAAAB&dcc=t
Request Chain 353
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YIR90GoS1NI1hoTESwKCFAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIRxqTH6mkNA-eUDRFidb14&google_cver=1
Request Chain 355
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-9e1343fc-62ee-4bb9-8592-d354b986fee1
Request Chain 356
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=YIR90GoS1NI1hoTESwKCFAAA%261160 HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=302c4a9f28511ef04cc256ae0c42fb5&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&34673=YIR90GoS1NI1hoTESwKCFAAA%261160 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g100_6954822056874330276 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=de95517e-4e1b-49ba-8eef-27359a05f9a3 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/302c4a9f28511ef04cc256ae0c42fb5&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-qHNvsKRE2oOfMvADcUVtwfygJl.bnBIVP6fhUlkt~A HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=7962826482425836735 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=20a76084-7dd0-4100-a3ed-4da25942f8e3&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=tUJyBPrE1LAoMy5&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAETRk7BCPwAACnK6UvnwA&gdpr=0 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YIR9zgAAby6y9wAC&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=6154775849588494842
Request Chain 357
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YIR90GoS1NI1hoTESwKCFAAA%261160 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YIR90GoS1NI1hoTESwKCFAAA%261160
Request Chain 367
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAETRk7BCPwAACnK6UvnwA&expiration=1620505297&gdpr=1
Request Chain 368
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YIR90X-t-YufiQktn5vrKwAABIgAAAAB HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YIR90X-t-YufiQktn5vrKwAABIgAAAAB
Request Chain 370
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06262204001249a0f46a217b&expiration=[EXPIRATION]&gdpr=1
Request Chain 373
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 383
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
  • https://ad.turn.com/r/cs?pid=34&gdpr=1&gdpr_consent=null&gdpr=1&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=3930141244502956213 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D721%26userId%3D%7BuserId%7D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=721&userId=no-consent HTTP 302
  • https://sync.adotmob.com/cookie/stickyads?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=257&userId=06262204001249a0f46a217b&gdpr=0&gdprConsent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=2089911&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=aec58b1b-a53a-11eb-ba59-17e3a23ecc4a HTTP 302
  • https://7e1d5.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D993%26userId%3d%23%7buser.id%7d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=993&userId=g100_6954822056874330276 HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?dsp_user_mapping=true&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D849&1501=06262204001249a0f46a217b&171=3930141244502956213&23329=tUJyBPrE1LAoMy5&25522=no-consent&25746=aed96149-a53a-11eb-bd89-6b8ad9c889b9&26913=AAETRk7BCPwAACnK6UvnwA&45=YIR9zgAAby6y9wAC&529=20a76084-7dd0-4100-a3ed-4da25942f8e3&617=6154775849588494842&717=y-qHNvsKRE2oOfMvADcUVtwfygJl.bnBIVP6fhUlkt%7EA&892=de95517e-4e1b-49ba-8eef-27359a05f9a3&951=7962826482425836735 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=849 HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D&_cvt=t HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=609&userId=d6.aada98b43aa74d0a81dd3f9b009cb8f5 HTTP 302
  • https://x.bidswitch.net/sync?ssp=stickyads&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=stickyads HTTP 302
  • https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=stickyads HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=8bbc1caa-9baf-4e6a-8017-f96106195627&ssp=stickyads HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=204&userId=b8512af5-b7bd-4f8e-b480-6fafde8685e2
Request Chain 387
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=3930141244502956213 HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=5518897&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=aeb648e2-a53a-11eb-bd54-dda18c63c291 HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?dsp_user_mapping=true&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D849&1501=06262204001249a0f46a217b&171=3930141244502956213&23329=tUJyBPrE1LAoMy5&25522=no-consent&25746=aeb648e2-a53a-11eb-bd54-dda18c63c291&26913=AAETRk7BCPwAACnK6UvnwA&45=YIR9zgAAby6y9wAC&529=20a76084-7dd0-4100-a3ed-4da25942f8e3&617=6154775849588494842&717=y-qHNvsKRE2oOfMvADcUVtwfygJl.bnBIVP6fhUlkt%7EA&892=de95517e-4e1b-49ba-8eef-27359a05f9a3&951=7962826482425836735 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=849 HTTP 302
  • https://7e1d5.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D993%26userId%3d%23%7buser.id%7d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=993&userId=g100_6954822056874330276 HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?dsp_user_mapping=true&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D849&1501=06262204001249a0f46a217b&171=3930141244502956213&23329=tUJyBPrE1LAoMy5&25522=no-consent&25746=aed96149-a53a-11eb-bd89-6b8ad9c889b9&26913=AAETRk7BCPwAACnK6UvnwA&45=YIR9zgAAby6y9wAC&529=20a76084-7dd0-4100-a3ed-4da25942f8e3&617=6154775849588494842&717=y-qHNvsKRE2oOfMvADcUVtwfygJl.bnBIVP6fhUlkt%7EA&892=de95517e-4e1b-49ba-8eef-27359a05f9a3&951=7962826482425836735 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=849 HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D&_cvt=t HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=609&userId=d6.51d8926b3aa24c8f8d2d21231fd07db7 HTTP 302
  • https://x.bidswitch.net/sync?ssp=stickyads&gdpr=0&gdpr_consent= HTTP 302
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=stickyads HTTP 302
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=stickyads HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=afcc440a-491a-480c-832f-ad9c1baa9e48&ssp=stickyads HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=204&userId=b8512af5-b7bd-4f8e-b480-6fafde8685e2 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b25&u=302c4a9f28511ef04cc256ae0c42fb5&gdpr=0&gdpr_consent=&redirect=https%3A//ads.stickyadstv.com/user-registering%3FdataProviderId%3D977%26userId%3D%24TF_USER_ID_ENC%24
Request Chain 390
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzAyYzRhOWYyODUxMWVmMDRjYzI1NmFlMGM0MmZiNQ==&gdpr=0&gdpr_consent=
Request Chain 391
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=302c4a9f28511ef04cc256ae0c42fb5&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 394
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzAyYzRhOWYyODUxMWVmMDRjYzI1NmFlMGM0MmZiNQ==&gdpr=0&gdpr_consent=
Request Chain 396
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=302c4a9f28511ef04cc256ae0c42fb5&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 423
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=4360047&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=1&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=aecb30ef-a53a-11eb-bd54-dda18c63c291 HTTP 302
  • https://7e1d5.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D993%26userId%3d%23%7buser.id%7d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=993&userId=g100_6954822056874330276 HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?dsp_user_mapping=true&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D849&1501=06262204001249a0f46a217b&171=3930141244502956213&23329=tUJyBPrE1LAoMy5&25522=no-consent&25746=aed96149-a53a-11eb-bd89-6b8ad9c889b9&26913=AAETRk7BCPwAACnK6UvnwA&45=YIR9zgAAby6y9wAC&529=20a76084-7dd0-4100-a3ed-4da25942f8e3&617=6154775849588494842&717=y-qHNvsKRE2oOfMvADcUVtwfygJl.bnBIVP6fhUlkt%7EA&892=de95517e-4e1b-49ba-8eef-27359a05f9a3&951=7962826482425836735 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=849 HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D&_cvt=t HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=609&userId=d6.05787f263aa64a47966a6166e45204f9 HTTP 302
  • https://x.bidswitch.net/sync?ssp=stickyads&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=stickyads HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=hhEC4Wb_QSxa-itDcKoxIwX9zpQ&user_group=1&ssp=stickyads&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=204&userId=b8512af5-b7bd-4f8e-b480-6fafde8685e2 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b25&u=302c4a9f28511ef04cc256ae0c42fb5&gdpr=0&gdpr_consent=&redirect=https%3A//ads.stickyadstv.com/user-registering%3FdataProviderId%3D977%26userId%3D%24TF_USER_ID_ENC%24
Request Chain 427
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=2058008&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=aed96149-a53a-11eb-bd89-6b8ad9c889b9 HTTP 302
  • https://7e1d5.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D993%26userId%3d%23%7buser.id%7d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=993&userId=g100_6954822056874330276 HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?dsp_user_mapping=true&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D849&1501=06262204001249a0f46a217b&171=3930141244502956213&23329=tUJyBPrE1LAoMy5&25522=no-consent&25746=aed96149-a53a-11eb-bd89-6b8ad9c889b9&26913=AAETRk7BCPwAACnK6UvnwA&45=YIR9zgAAby6y9wAC&529=20a76084-7dd0-4100-a3ed-4da25942f8e3&617=6154775849588494842&717=y-qHNvsKRE2oOfMvADcUVtwfygJl.bnBIVP6fhUlkt%7EA&892=de95517e-4e1b-49ba-8eef-27359a05f9a3&951=7962826482425836735 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=849 HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D&_cvt=t HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=609&userId=d6.a58ecb933aae44d8bec76b489730cce7 HTTP 302
  • https://x.bidswitch.net/sync?ssp=stickyads&gdpr=0&gdpr_consent= HTTP 302
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=stickyads HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=0&user_id=&ssp=stickyads HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=204&userId=b8512af5-b7bd-4f8e-b480-6fafde8685e2 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b25&u=302c4a9f28511ef04cc256ae0c42fb5&gdpr=0&gdpr_consent=&redirect=https%3A//ads.stickyadstv.com/user-registering%3FdataProviderId%3D977%26userId%3D%24TF_USER_ID_ENC%24
Request Chain 431
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzAyYzRhOWYyODUxMWVmMDRjYzI1NmFlMGM0MmZiNQ==&gdpr=0&gdpr_consent=
Request Chain 433
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=302c4a9f28511ef04cc256ae0c42fb5&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 435
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzAyYzRhOWYyODUxMWVmMDRjYzI1NmFlMGM0MmZiNQ==&gdpr=0&gdpr_consent=
Request Chain 437
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=302c4a9f28511ef04cc256ae0c42fb5&ex=freewheel.tv&gdpr=0&gdpr_consent=
Request Chain 536
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=3078499a-c220-4db0-9be3-5551b0657e7f&adnxs_id=$UID HTTP 302
  • https://ids.ad.gt/api/v1/match?id=3078499a-c220-4db0-9be3-5551b0657e7f&adnxs_id=484300030681540270
Request Chain 537
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=3078499a-c220-4db0-9be3-5551b0657e7f HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=3078499a-c220-4db0-9be3-5551b0657e7f HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=90e1a64a-ee12-4e34-854a-f98690a6ec4e&id=3078499a-c220-4db0-9be3-5551b0657e7f
Request Chain 538
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D3078499a-c220-4db0-9be3-5551b0657e7f HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D3078499a-c220-4db0-9be3-5551b0657e7f HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=F5CE1084-D981-4EE7-BB5A-C698BB77894F&id=3078499a-c220-4db0-9be3-5551b0657e7f
Request Chain 539
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=3078499a-c220-4db0-9be3-5551b0657e7f HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=3078499a-c220-4db0-9be3-5551b0657e7f&google_tc= HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=3078499a-c220-4db0-9be3-5551b0657e7f&google_gid=CAESEBAdlJ3_AwhbDjVG-3Ix0tQ&google_cver=1&google_ula=450542624,0
Request Chain 540
  • https://ids.ad.gt/api/v1/g_hosted?id=3078499a-c220-4db0-9be3-5551b0657e7f HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MzA3ODQ5OWEtYzIyMC00ZGIwLTliZTMtNTU1MWIwNjU3ZTdm
Request Chain 541
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=3078499a-c220-4db0-9be3-5551b0657e7f&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D3078499a-c220-4db0-9be3-5551b0657e7f HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=3078499a-c220-4db0-9be3-5551b0657e7f&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D3078499a-c220-4db0-9be3-5551b0657e7f HTTP 302
  • https://ids.ad.gt/api/v1/adb_match?adb=81340870076996171530840746490421546506&id=3078499a-c220-4db0-9be3-5551b0657e7f
Request Chain 551
  • https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0300b69q6w07jv2yg08xizqr0bwpa1w0evvmq41k7cm960ome3m40ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91ayhfwi1elzfjf1hl5r1i1kkc2jl%26auid%3D3078499a-c220-4db0-9be3-5551b0657e7f HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0300b69q6w07jv2yg08xizqr0bwpa1w0evvmq41k7cm960ome3m40ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91ayhfwi1elzfjf1hl5r1i1kkc2jl%26auid%3D3078499a-c220-4db0-9be3-5551b0657e7f HTTP 302
  • https://ids.ad.gt/api/v1/openx?openx_id=c4998d24-198b-4750-b048-9b73891e5329&id=0300b69q6w07jv2yg08xizqr0bwpa1w0evvmq41k7cm960ome3m40ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91ayhfwi1elzfjf1hl5r1i1kkc2jl&auid=3078499a-c220-4db0-9be3-5551b0657e7f
Request Chain 561
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 562
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=484300030681540270
Request Chain 563
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=a6b4f366-90a8-44cf-8936-90e469cdbc7f
Request Chain 564
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPb82a0651-a53a-11eb-8cd5-06f3176763d2 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPb82a0651-a53a-11eb-8cd5-06f3176763d2&verify=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-MBpOm8pE2uEftgOq9D4vs8eqncxE9H3X~A~UPb82a0651-a53a-11eb-8cd5-06f3176763d2
Request Chain 565
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=90e1a64a-ee12-4e34-854a-f98690a6ec4e&ttl=1621887718
Request Chain 567
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=4833eb2c9129ecd367b6d898f4e993ee4d3e2d36
Request Chain 569
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 570
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 575
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YIR95p7F5nMVRqmmgC6lrAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOgna64ok2zUuLGC0ryceEM&google_cver=1
Request Chain 576
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YIR95p7F5nMVRqmmgC6lrAAABJ4AAAAB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEKGuczK4rwtrEPZKpFOfehs&google_cver=1
Request Chain 578
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIR95p7F5nMVRqmmgC6lrAAABJ4AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIR95p7F5nMVRqmmgC6lrAAABJ4AAAAB&dcc=t
Request Chain 579
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YIR95gAAba0mHgBg HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YIR95gAAba0mHgBg&gdpr=1&_test=YIR95gAAba0mHgBg
Request Chain 580
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 584
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YIR95p7F5nMVRqmmgC6lrgAABLoAAAIB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEKGuczK4rwtrEPZKpFOfehs&google_cver=1
Request Chain 586
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIR95p7F5nMVRqmmgC6lrgAABLoAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIR95p7F5nMVRqmmgC6lrgAABLoAAAIB&dcc=t
Request Chain 587
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YIR95p7F5nMVRqmmgC6lrgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOgna64ok2zUuLGC0ryceEM&google_cver=1
Request Chain 588
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0626220400620762df1992fd&expiration=[EXPIRATION]&gdpr=1
Request Chain 590
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YIR95p7F5nMVRqmmgC6lrgAABLoAAAIB HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YIR95p7F5nMVRqmmgC6lrgAABLoAAAIB
Request Chain 591
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=9A9F10FE157E46E693EE78BF22BC94CC&gdpr=1

583 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/ 		128 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6881530bd6ad594c51f17b893b3ec928af01cc14220a6f6efea9e978ee9a1d3b

Request headers

:method
GET
:authority
perezhilton.com
:scheme
https
:path
/salon-owner-charged-clients-contract-hiv-vampire-facials/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; expires=Mon, 24-May-21 20:21:29 GMT; path=/; domain=.perezhilton.com; HttpOnly; SameSite=Lax; Secure ntv_as_opt_out=1; Domain=.perezhilton.com; Expires=Sun Apr 24 2022 20:21:29 GMT+0000 (Coordinated Universal Time); Path=/; Secure; ntv_ce_visitor=3fb62f36-ff14-4b28-933a-8784e491b840; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
cf-ray
645209c9e98d5470-LHR
cache-control
private, max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires
Mon, 1 Jan 1990 12:00:00 GMT
link
<https://perezhilton.com/wp-json/>; rel="https://api.w.org/", <https://perezhilton.com/wp-json/wp/v2/posts/822756>; rel="alternate"; type="application/json", <https://perezhilton.com/?p=822756>; rel=shortlink
cf-cache-status
DYNAMIC
cf-request-id
09a724722c0000547091345000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma
no-cache
x-ntv-te
815 c:815 a:66
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
x-pingback
https://perezhilton.com/xmlrpc.php
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5LzA%2Ftf9E0eMWxIMnAT8vKGFl3CDAPpJIKJIrkfmEER5ToU%2FQML18a9OwcPnqOZOmeezJeRmcfaO4RIjpm1zgNxkrgDKwOVCCs3ryrQm%2BfQ%3D"}]}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
content-encoding
br
css
fonts.googleapis.com/ 		10 KB
947 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,700|Lobster|Rustico|Quicksand:400,700&display=swap
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d2ecd40a81ef0b38ac62fb8862755c327b38bbe48c3878d7be8aa606c681a695
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Apr 2021 20:21:30 GMT
server
ESF
date
Sat, 24 Apr 2021 20:21:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Apr 2021 20:21:30 GMT
load.js
s.ntv.io/serve/ 		353 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-163.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1550346cc4acb90924ac38fd0a7157a20e8750c2df0fa0cfab411980c9bc1cfe

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:30 GMT
Content-Encoding
gzip
x-amz-request-id
ASQN1PRP804NWXA1
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
ZRYmF8laE7W+rNo0x0Br73VtWDGUnCeQql5FC+nFnIixtRsOx5apfEAX89EIzwNW9q+1JUjv2Ts=
Last-Modified
Tue, 13 Apr 2021 17:19:57 GMT
Server
AmazonS3
ETag
"4330b9a8c8acd8b7385eb09575a0f098"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
sbi-styles.min.css
perezhilton.com/wp-content/plugins/instagram-feed/css/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df15236d4098113e3479fc540a9bd1046ca6029f5508098e9c4245a0e12fab05

Request headers

:path
/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3748
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
cf-request-id
09a72475ce00005470f13e1000000001
x-ntv-te
8 c:0 a:0
last-modified
Wed, 28 Oct 2020 11:54:13 GMT
server
cloudflare
etag
W/"5f995be5-41cd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rXj%2BCagWQHgbBJPxFejKsc1b77GdvoEWIfnM6RY6nAaouFDhbEP%2Bmg6mToUkow4cglEQz2lzcc8j%2F52gO426ZI5TO9Zj%2FRhj2v9wPzESF7k%3D"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
set-cookie
ntv_ce_visitor=b6b27e3f-35aa-4870-904e-7c98c3ffc747; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
cf-ray
645209cfaf515470-LHR
style.min.css
perezhilton.com/wp-includes/css/dist/block-library/ 		53 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3749
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
cf-request-id
09a72475da00005470c63ef000000001
x-ntv-te
7 c:0 a:0
last-modified
Mon, 21 Dec 2020 12:22:11 GMT
server
cloudflare
etag
W/"5fe09373-d293"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FiGb8ez1VsMFj6jNIiZaRgfA1JO7Fh01zK6RFZz14qSYDWFA5NnxcEFyHXvj%2B7NdSIL8siFFOxuPF%2FGFdOPwvRnnP61JisiaaDdP6TqvbCg%3D"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
set-cookie
ntv_ce_visitor=d49f970b-14b8-4073-980d-7b204beff69e; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
cf-ray
645209cfaf555470-LHR
styles.css
perezhilton.com/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
284401fd9cc6074e6211119acdfbb4abb56b1d4c0be4323ccce1d6f6da7642ea

Request headers

:path
/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3749
cf-polished
origSize=2630
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
cf-request-id
09a72475d000005470bca6f000000001
x-ntv-te
7 c:0 a:0
last-modified
Sat, 27 Feb 2021 17:35:57 GMT
server
cloudflare
etag
W/"603a82fd-a46"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0%2BHDChhevtEibj7lM%2B%2BCm7%2F5fIodGVW%2BXFashdOqycUPJ6oEdp89yVHORb6jNfmoOGUy9d5k1sQPke5WQlCrgYC6jlI1Gm1n6juTZKyehrM%3D"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
set-cookie
ntv_ce_visitor=f36ffffc-f765-453b-9b18-bff1a9a9e78e; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
cf-ray
645209cfaf5e5470-LHR
cf-bgj
minify
theme.min.css
perezhilton.com/wp-content/themes/understrap-master/css/ 		383 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
431e29d65b6ceb09901b0f0e4d6bfbbe30f4bd1582861672c6d0a036c494ecdf

Request headers

:path
/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1328
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
cf-request-id
09a72475d100005470b0a84000000001
x-ntv-te
16 c:0 a:0
last-modified
Mon, 30 Nov 2020 22:53:28 GMT
server
cloudflare
etag
W/"5fc577e8-5fa05"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NTpOaL4M%2FhJ0ViUmpH4V9K49ink1r5HAVet7yplEsKmZnbOMyQc9BKzCKhPvLP%2BJ0FRH94yza6iqbnMcUgMK8MAbR%2BM6pzQ7SraNHMXDM1U%3D"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
set-cookie
ntv_ce_visitor=ddbdd6e6-3ae1-4822-a3f5-a4d70887cf6a; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
cf-ray
645209cfaf605470-LHR
jquery.js
perezhilton.com/wp-includes/js/jquery/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

:path
/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3748
cf-polished
origSize=96873
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
cf-request-id
09a72475d100005470b8ba3000000001
x-ntv-te
16 c:0 a:0
last-modified
Mon, 21 Dec 2020 12:22:11 GMT
server
cloudflare
etag
W/"5fe09373-17a69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kR%2BGCdX1ykH2iofRK27gejHFUgD8akd0q%2B6t5lL278GfQnDOU8NKv38pdGaiV6FFriBnIh4vP0WzcnLLV1gtX04hrCSO27WGc3P%2FOL51fhg%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
set-cookie
ntv_ce_visitor=5ceb73a8-58dd-4f56-958f-f27a68c82df2; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
cf-ray
645209cfaf615470-LHR
cf-bgj
minify
quantcast.js
perezhilton.com/wp-content/themes/understrap-master/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-content/themes/understrap-master/js/quantcast.js?ver=0.9.4.1610619161
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea4297365b0987ae8ac6cdb3c4fb2f0f8a597ca186e9fd006cfa9da741edd51b

Request headers

:path
/wp-content/themes/understrap-master/js/quantcast.js?ver=0.9.4.1610619161
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3749
cf-polished
origSize=3939
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
cf-request-id
09a72475d100005470913a9000000001
x-ntv-te
16 c:0 a:0
last-modified
Thu, 09 Jul 2020 20:23:23 GMT
server
cloudflare
etag
W/"5f077cbb-f63"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YXQLMzZY%2BhNDNdC9NhCJJCkXgKsJlkFXFD4lXVjxD2w7lVBsiVsPUp8MBTEVLla2VOeKKkn2el6XVeL5dBxaiLEwBxEY%2FnnKD2WW94rCX0s%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
set-cookie
ntv_ce_visitor=917f62d3-9014-41d4-8e12-f81873745ae3; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
cf-ray
645209cfaf625470-LHR
cf-bgj
minify
script.js
powerad.ai/ 		146 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://powerad.ai/script.js?ver=0.9.4.1610619161
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-226-152.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
554de259d6e2adf1ef030f6ef8ff9f8c227984299d83c6845cbe652bcf86fddc

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:30 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Apr 2021 21:09:56 GMT
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
Express
ETag
W/"248a5-178f644a447"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
*
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-338092-8
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eb56ff85fb747aed4f89be26055e6669d119f68165a52e441f4e670aad8d048d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36571
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:21:30 GMT
rh.min.js
socialcanvas-cdn.kargo.com/js/ 		245 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://socialcanvas-cdn.kargo.com/js/rh.min.js
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:7c00:13:6a46:aa00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c307be905947f4a92b8b4538d7a3012c9515ae79461111899de9c9aa4399b42c

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 23:58:42 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 23:56:32 GMT
server
AmazonS3
age
149345
etag
W/"8f59f2d2dbb3de3cf61c4792af760e46"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
uBQ2DHLiNQbjuMd0amiAbNyr-r8UrdzV54_sKo53QQILkBtpi1BxWQ==
58b07fec4121.js
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain
  • https://platform.instagram.com/en_US/embeds.js
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f21c:81e5:face:b00c:0:4420 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 13 Apr 2021 08:58:53 GMT
content-encoding
br
etag
"58b07fec4121"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
content-length
4824
priority
u=3,i

Redirect headers

date
Sat, 24 Apr 2021 20:21:31 GMT
x-fb-trip-id
1679558926
x-ig-origin-region
vll
content-type
text/html; charset=utf-8
location
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
cache-control
max-age=21600
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
aditude.io.perezhilton.com.1017368.js
jsc.mgid.com/a/d/ 		279 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.mgid.com/a/d/aditude.io.perezhilton.com.1017368.js
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
382a0d99e04f15ea8202e5269d73585527cb39e33b3ca8b917ebaf674510f255

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
cf-cache-status
HIT
age
2641
cf-polished
origSize=285437
last-modified
Sat, 24 Apr 2021 05:55:56 GMT
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
5M9CHKC9H0RCP4K5
x-amz-id-2
5fVW3xJdj4pF+g1PILjSEenyQusSFOBOZlovgwWa7Uf7W+6x46abPviXsrnxPwd7TrvqOrknWZg=
cf-bgj
minify
server
cloudflare
etag
W/"aa26d9edda8cb85f7e52237645e70504"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
cf-request-id
09a724786400004c79b13c8000000001
cf-ray
645209d3df6b4c79-AMS
expires
Sat, 24 Apr 2021 23:21:30 GMT
sp_6oLVLzgr
launcher.spot.im/spot/ 		376 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launcher.spot.im/spot/sp_6oLVLzgr
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.60 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-60.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
f5591a4946b6102005f0c62e26072fa0754fb1dbb6ca37ca440bf01d1f6dd246

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
server
fasthttp
cache-control
max-age=600
content-type
application/javascript; charset=UTF-8
content-length
86341
expires
Sat, 24 Apr 2021 20:31:30 GMT
yappa-comments.js
embed.yappaapp.com/
Redirect Chain
  • https://comments.yappaapp.com/embed/yappa-comments.js
  • https://embed.yappaapp.com/yappa-comments.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.yappaapp.com/yappa-comments.js
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b57916af1cef2a55be28cd3a66468f93f2bcec023bfbac9eb3a6d648ba42ff7

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
710366
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09a72475ea00004a8b159b1000000001
last-modified
Mon, 21 Dec 2020 11:52:23 GMT
server
cloudflare
etag
W/"5fe08c77-1ac4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RJhSBnCqGCgFv5I7%2BRkUmCz0QVGWBuh0jcTzw4Pbjyz1FyLfIz5YWQsJkuLCH1%2F5oCkECXQ8J5eoob2aY%2FkkvSpqc1XFNWYSYGxKmBYBFZRSyN9mPlIUDwsiyAFtM2M%3D"}]}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
645209cfde394a8b-FRA

Redirect headers

date
Sat, 24 Apr 2021 20:21:30 GMT
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yPD7R0cIvBl%2BPN4m1ENQavaPDGQ9%2FhmnbmlPdNLgdlwNfClJOoZcW%2BBizaemXX75LvSabG51aAe12qjkLaC4NhN%2BM90FHuIh03Jpb8xf%2BB5Wvb4TnW%2B%2B5hAbiB%2FJmrbvBfU%3D"}]}
location
https://embed.yappaapp.com/yappa-comments.js
cache-control
max-age=3600
cf-ray
645209cfbdcd4a8b-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09a72475ce00004a8bf7857000000001
expires
Sat, 24 Apr 2021 21:21:30 GMT
wp-emoji-release.min.js
perezhilton.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3
pragma
no-cache
cookie
ntv_ce_visitor=fbae7827-c393-41f3-8fcb-031af02f5fa0; __cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3747
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
cf-request-id
09a72477e600005470cbbcf000000001
x-ntv-te
12 c:0 a:0
last-modified
Mon, 21 Dec 2020 12:22:11 GMT
server
cloudflare
etag
W/"5fe09373-37a6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GbPaKzwI81zJt00ay56v7hMfwXylY9gfSte4IQrQLs%2BX0hmxw5ALoD8IsHlKT98AS%2BTR14AiqkcRSNu6wWMDalFSIO9qO3CyQL%2FfkmyigKU%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
645209d30ede5470-LHR
wp-polyfill.min.js
perezhilton.com/wp-includes/js/dist/vendor/ 		97 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Request headers

:path
/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3748
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
cf-request-id
09a724760100005470971ef000000001
x-ntv-te
25 c:0 a:0
last-modified
Wed, 28 Oct 2020 11:54:12 GMT
server
cloudflare
etag
W/"5f995be4-183ee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ryjGW7YormbzMlRdo%2FP6URXbAZhNkCIqSWEtseZM2r3MVO%2BHeVNttQHlV5xHzX8srbPMYKBkvfGaWUDhC3swcO0iwnNQZTPnXwvHH6rF49s%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
set-cookie
ntv_ce_visitor=3a522f5a-0c0c-4522-bb38-218a688eb91d; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
cf-ray
645209cfffd65470-LHR
i18n.min.js
perezhilton.com/wp-includes/js/dist/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-includes/js/dist/i18n.min.js?ver=bb7c3c45d012206bfcd73d6a31f84d9e
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f24e5b8b2578ab1e9fd5345e93f0eaee37a41bbdc10b8d256a60e5dc9880705

Request headers

:path
/wp-includes/js/dist/i18n.min.js?ver=bb7c3c45d012206bfcd73d6a31f84d9e
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3749
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
cf-request-id
09a72475fe0000547089b90000000001
x-ntv-te
26 c:0 a:0
last-modified
Mon, 21 Dec 2020 12:22:11 GMT
server
cloudflare
etag
W/"5fe09373-253c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NbNwYCuPCaHnOLxtLmhmmMwjbosgov0I7ahQp3ZmNN%2FshwZzto%2F8UaGMxSQXWf13%2BnRlqoywHMyFoaR7f51lkI19Bxl8Sar0rEwDChdzF8c%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
set-cookie
ntv_ce_visitor=a0506cbe-2e98-4650-9583-61cafbc0494e; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
cf-ray
645209cfffde5470-LHR
lodash.min.js
perezhilton.com/wp-includes/js/dist/vendor/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.15
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26f87df80e0735b6d6b169750f0ee403336c537cbc7a51888cb9d449434cb4b8

Request headers

:path
/wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.15
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3749
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
cf-request-id
09a72475ff000054708e158000000001
x-ntv-te
17 c:0 a:0
last-modified
Wed, 28 Oct 2020 11:54:14 GMT
server
cloudflare
etag
W/"5f995be6-11c65"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Sz%2F58fdaH43zlJYspEbe%2Fas8AdS3lwhqrn8%2BaJsPz41ZSPG%2BQxi082vHM8dwUmg59QaFks7zb79eCLC4N9K4%2BOgQxmcIySQxsgUUd7igQFw%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
set-cookie
ntv_ce_visitor=f6616bdd-47a8-4d67-92db-315899628e1d; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
cf-ray
645209cfffe25470-LHR
url.min.js
perezhilton.com/wp-includes/js/dist/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-includes/js/dist/url.min.js?ver=9dd4e33d1648e90d1390113c29d21f27
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19b189704d2c4dc6a0b6889eca5c676e1af451db42932589c178e2cddb7bcfe6

Request headers

:path
/wp-includes/js/dist/url.min.js?ver=9dd4e33d1648e90d1390113c29d21f27
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3749
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
cf-request-id
09a72475ff00005470d9bd4000000001
x-ntv-te
17 c:0 a:0
last-modified
Mon, 21 Dec 2020 12:22:14 GMT
server
cloudflare
etag
W/"5fe09376-35f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TmOZfPn65y94VAlZ9JfTGF5dogIZg%2F2JOlRchUCVTbOSVfu57kiXuiTCiWmUbh2QcxgHI9fCNjJXraxVARWZCtLO8jiE5smWz6Xuwa5M10o%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
set-cookie
ntv_ce_visitor=573c4039-ad2d-4b4e-9d65-9f6d2a656571; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
cf-ray
645209cfffe55470-LHR
hooks.min.js
perezhilton.com/wp-includes/js/dist/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-includes/js/dist/hooks.min.js?ver=b4778690e29d8a2b7518413652ba30c4
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
101412a2a4164836f6a2ab21e918022aaf23bb44b9a4e1eb4ef56962ca8bc5c5

Request headers

:path
/wp-includes/js/dist/hooks.min.js?ver=b4778690e29d8a2b7518413652ba30c4
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3749
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
cf-request-id
09a72475ff00005470f1a83000000001
x-ntv-te
14 c:0 a:0
last-modified
Mon, 21 Dec 2020 12:22:11 GMT
server
cloudflare
etag
W/"5fe09373-181e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fzqTZK0aF7H8E8dR5g2jzDKMDy3Y7Vh64XlGWCCYdev0obtSMlnU6O2%2BOn8HdTQW2AeBAhmm48ZOWysQ8QbBNsp9FbHLjMd8AEvylYCp9ys%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
set-cookie
ntv_ce_visitor=07e216b7-2749-4e87-9734-e99a8bb19645; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
cf-ray
645209cfffe85470-LHR
api-fetch.min.js
perezhilton.com/wp-includes/js/dist/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-includes/js/dist/api-fetch.min.js?ver=8773a93ea0d1278a2eaa147fdb6eb96d
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c89b8c809b8b77893dee599e8dbd0ecc9a3a6ef7107d9865bc20e5297c61f9f4

Request headers

:path
/wp-includes/js/dist/api-fetch.min.js?ver=8773a93ea0d1278a2eaa147fdb6eb96d
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3749
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
cf-request-id
09a724760000005470d327c000000001
x-ntv-te
7 c:0 a:0
last-modified
Mon, 21 Dec 2020 12:22:11 GMT
server
cloudflare
etag
W/"5fe09373-303a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ULFPkiHdcra5fwLm2tQbVh3ErRBMLPIxW8mlsy5YaEyqLU9OOF79iCxmZJ8JTfxzR4kza6tnLlgXiUwKqKIYkSJnCf0k92E5HrlTWMsISeA%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
set-cookie
ntv_ce_visitor=5c6f2ac0-dca8-4ab9-a087-67ee567e94b9; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
cf-ray
645209d00feb5470-LHR
index.js
perezhilton.com/wp-content/plugins/contact-form-7/includes/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccff49c86ee1937dd371734a05307e1abc057b3c255587ed918e47b1cf728d93

Request headers

:path
/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3749
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
cf-request-id
09a724760000005470ca0ba000000001
x-ntv-te
17 c:0 a:0
last-modified
Sat, 27 Feb 2021 17:35:58 GMT
server
cloudflare
etag
W/"603a82fe-2ac2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FyJzhoF5PzxX606YQNUiVQdgPhu4EL1GAjwytObCM9Zy65ZCx2VSlppFp2lizFghN5%2B%2F0cO3e%2F0pdNlNAqB3AY3Kv%2By5GEyffnornsrCyi0%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
set-cookie
ntv_ce_visitor=b443e162-1535-4b6d-9d7f-c52adfc2d4bc; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
cf-ray
645209d00fec5470-LHR
cf-bgj
minify
theme.min.js
perezhilton.com/wp-content/themes/understrap-master/js/ 		125 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-content/themes/understrap-master/js/theme.min.js?ver=0.9.4.1610619161
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55d39a852fd547eeeffe91cac325ff702d03a619445711ed33435cd5afff11dd

Request headers

:path
/wp-content/themes/understrap-master/js/theme.min.js?ver=0.9.4.1610619161
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3749
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
cf-request-id
09a724760300005470dbb36000000001
x-ntv-te
15 c:0 a:0
last-modified
Thu, 14 Jan 2021 10:12:41 GMT
server
cloudflare
etag
W/"60001919-1f3e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RbZr2h4DVWeR5j5NlHAg6JewvtgSI%2F6ZZDAWd%2FXyveUgC2OYKMjCZ7De68aZkVmuOOO2Q0jXVXxjdHTOa6O5ZuVEBeqa%2F2C9bFIFnCol4D4%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
set-cookie
ntv_ce_visitor=5c124e99-a7a3-448b-b2e2-69427c1c932b; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
cf-ray
645209d00fee5470-LHR
checkMobile.js
perezhilton.com/wp-content/themes/understrap-master/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-content/themes/understrap-master/js/checkMobile.js?ver=0.9.4.1610619161
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
473ed2b3cc909e671ececf33b6f8a17c0762e996cc357fa4e71a2948a4ec8435

Request headers

:path
/wp-content/themes/understrap-master/js/checkMobile.js?ver=0.9.4.1610619161
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3749
cf-polished
origSize=4411
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
cf-request-id
09a724760100005470c6acd000000001
x-ntv-te
8 c:0 a:0
last-modified
Fri, 19 Jun 2020 14:51:05 GMT
server
cloudflare
etag
W/"5eecd0d9-113b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HPYVVm7GDyRZ4TXwT54T0LrS2Wd25o%2FTKud6hCMQOYHcRzSlHlTQjGHQk9hwKycDgCS7Ltpmbdi8Qciuxe046u%2FlyfNnxs9ljDQk6lNZtKM%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
set-cookie
ntv_ce_visitor=151e2912-d25e-43af-b223-c07ad9a0042b; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
cf-ray
645209d00ff25470-LHR
cf-bgj
minify
intersectionObserver.pollyfill.min.js
perezhilton.com/wp-content/themes/understrap-master/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-content/themes/understrap-master/js/intersectionObserver.pollyfill.min.js?ver=0.9.4.1610619161
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5da1b7de6689ca5f3bd142b9810450d30f13ff29781ae85e91dc34603762d34c

Request headers

:path
/wp-content/themes/understrap-master/js/intersectionObserver.pollyfill.min.js?ver=0.9.4.1610619161
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3749
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
cf-request-id
09a724760100005470ac23b000000001
x-ntv-te
10 c:0 a:0
last-modified
Fri, 19 Jun 2020 14:51:05 GMT
server
cloudflare
etag
W/"5eecd0d9-1b4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qt9UkhDSGdFgey8bpCB7wpqEDlizYDwq0sVOdzl6FvLJiLvZYK75bcqvK0G0lJ72ngjzDae%2F7NQOP9Bc6I68d64mHZRiiR0oG%2BjegOMSfFY%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
set-cookie
ntv_ce_visitor=d183e52a-019f-4b4a-93e9-563b567a89ca; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
cf-ray
645209d00ff35470-LHR
article-ads.js
perezhilton.com/wp-content/themes/understrap-master/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-content/themes/understrap-master/js/article-ads.js?ver=0.9.4.16148718135
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b109f3bc0a79d117de72fe268a344a9d3a1d7491bd9e48008d99af135bc2d74

Request headers

:path
/wp-content/themes/understrap-master/js/article-ads.js?ver=0.9.4.16148718135
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5260
cf-polished
origSize=29064
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
cf-request-id
09a724760200005470a9a30000000001
x-ntv-te
8 c:0 a:0
last-modified
Thu, 18 Mar 2021 14:09:04 GMT
server
cloudflare
etag
W/"60535f00-7188"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=A5AP6jJJOWXNP0fs1ERkGcSzfSIpkchAF%2Ftmg7XU9tV7qO9wxjL%2FgmIS4C45u2eSGrdvdZG1n%2FshRX%2Fh82Df6Mi6UZRqqIJD7ynmjj%2FIaM0%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
set-cookie
ntv_ce_visitor=0ae5e741-55fc-4f8e-ab5c-1937c9c589e1; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
cf-ray
645209d00ff65470-LHR
cf-bgj
minify
ph-ads-old.js
perezhilton.com/wp-content/themes/understrap-master/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-content/themes/understrap-master/js/ph-ads-old.js?ver=0.9.4.1614871813
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0c668a87d9c7d81bdd971ca9196007607173987309dd1d2114b4a64c0761841

Request headers

:path
/wp-content/themes/understrap-master/js/ph-ads-old.js?ver=0.9.4.1614871813
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1064
cf-polished
origSize=22729
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
cf-request-id
09a724760200005470f9801000000001
x-ntv-te
9 c:0 a:0
last-modified
Thu, 04 Mar 2021 15:30:13 GMT
server
cloudflare
etag
W/"6040fd05-58c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FVAy8g%2F0Rg7n3LhL%2FnwCfaDb8N8i9PUg5RFuSs64osnJ%2FsHuY89Uq12CJB97QaoqnHbmAEIbQz3xG%2F9E3Q7kcUf5vp%2FAHPq1d7bj%2B9DkJlo%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
set-cookie
ntv_ce_visitor=1009b00a-72f4-432f-b405-f95fc73cc0c7; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
cf-ray
645209d00ffe5470-LHR
cf-bgj
minify
comment-reply.min.js
perezhilton.com/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-includes/js/comment-reply.min.js?ver=5.5.3
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a16df2f75e04129b12a5fde7311c7ea9131418080fd3f6bcb2b28ce1faa2fe8e

Request headers

:path
/wp-includes/js/comment-reply.min.js?ver=5.5.3
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3631
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
cf-request-id
09a724761d00005470b8bac000000001
x-ntv-te
7 c:0 a:0
last-modified
Sun, 20 Dec 2020 19:23:46 GMT
server
cloudflare
etag
W/"5fdfa4c2-bdb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8dBaq53EvWjHQ63YK8PS5XGlXOt2Px37%2BO%2FsyVz99oyy%2FBrLSLa9BHoask8C3XXJUi5W9nRD5DSfzwgH3sfYDPYuK6XMRJ4ZafJlKUv7Jwo%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
set-cookie
ntv_ce_visitor=58b50b50-c8f9-4472-83e8-b64416d043bf; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
cf-ray
645209d028675470-LHR
lazysizes.min.js
perezhilton.com/wp-content/plugins/lazy-load-optimizer/assets/frontend/js/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-content/plugins/lazy-load-optimizer/assets/frontend/js/lazysizes.min.js?ver=1.4.7
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
876b4c12685e991d88378c1b6dd3638fd2da0c88f3c24da1ada950c1f26604e1

Request headers

:path
/wp-content/plugins/lazy-load-optimizer/assets/frontend/js/lazysizes.min.js?ver=1.4.7
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3747
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
cf-request-id
09a72477e200005470fc24e000000001
x-ntv-te
12 c:0 a:0
last-modified
Wed, 01 Jul 2020 22:16:26 GMT
server
cloudflare
etag
W/"5efd0b3a-1c43"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9ZTf6Me%2BhBaXHOPMJ8KuB7jQsvlxrCXNSvAN6LZpPybcm641dNvdzmT895Vg773N3SI67hE%2Fcj%2Fz%2BSTrGcFRbpRR2rCE229%2Bx%2Be7urLrrK4%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
set-cookie
ntv_ce_visitor=7e999504-7f76-4d97-bc39-e88ad2a5455f; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
cf-ray
645209d30ee25470-LHR
api.js
www.google.com/recaptcha/ 		884 B
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Lel6LwZAAAAAOWBQsyuijMbyGWGbJCfx8DOYNnc&ver=3.0
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
87bc4dc7ce342f7e7e54b7a64ef8cac0ac4b15f58a2ca790a743590609692b95
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
586
x-xss-protection
1; mode=block
expires
Sat, 24 Apr 2021 20:21:30 GMT
index.js
perezhilton.com/wp-content/plugins/contact-form-7/modules/recaptcha/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
671792033b9675a4d8ddbdfbb6b048da36b11b6d569c4f92ad3f785e71bba8de

Request headers

:path
/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3749
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
cf-request-id
09a724762200005470fc215000000001
x-ntv-te
11 c:0 a:0
last-modified
Sat, 27 Feb 2021 17:35:57 GMT
server
cloudflare
etag
W/"603a82fd-e8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WuKPVJx9v0vrdwCEvEyA0vyFEq20PTqgzmCrU1pAi4I5kbFVEYqn6SF%2FkdHm73hU6s1hTjBKI%2BnJfVCIeB23n7Atz0xCzf5GuKVLum7vPGw%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
set-cookie
ntv_ce_visitor=4de359b3-cf74-4871-973e-6906d50b3812; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
cf-ray
645209d0286a5470-LHR
cf-bgj
minify
wp-embed.min.js
perezhilton.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-includes/js/wp-embed.min.js?ver=5.5.3
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.5.3
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3749
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
cf-request-id
09a724761d00005470e6248000000001
x-ntv-te
13 c:0 a:0
last-modified
Wed, 28 Oct 2020 11:54:13 GMT
server
cloudflare
etag
W/"5f995be5-59a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gfhF7G6WulGJfuzIEcxch%2F09foVdAasA%2FxZs4O%2FPGBwkQUFDbLK6tafFaBFUW7n00L4dY0rPbtIwn6YrQWeY5zfEs6WjTGDRHor4STbZiHE%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
set-cookie
ntv_ce_visitor=fbae7827-c393-41f3-8fcb-031af02f5fa0; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
cf-ray
645209d0286c5470-LHR
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.5.3
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53d498637d3729f9082115b547255e3741d328021543c3cc38814a1112a26901

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
3572
etag
W/"d199313092146033fbc76e9fc961ead7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
645209d2fae305b3-FRA
cf-request-id
09a72477dd000005b39594b000000001
expires
Tue, 27 Apr 2021 20:21:30 GMT
ajax-load-more.min.js
perezhilton.com/wp-content/plugins/ajax-load-more/core/dist/js/ 		204 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-content/plugins/ajax-load-more/core/dist/js/ajax-load-more.min.js?ver=5.4.4
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a3358479564a40c3dba8fb9515b767068bdc9fcc989763fc8ca8af4e7bbfe1f

Request headers

:path
/wp-content/plugins/ajax-load-more/core/dist/js/ajax-load-more.min.js?ver=5.4.4
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4411
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
cf-request-id
09a724761d00005470cbb93000000001
x-ntv-te
16 c:0 a:0
last-modified
Wed, 31 Mar 2021 20:53:45 GMT
server
cloudflare
etag
W/"6064e159-33148"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qWA6KZdf3C9I4aKRXjl7kOn6im9f1GqNlN0I2hEHN8LX%2FRD2FNWK8NrC2C0SKYDQ%2F4aaLHvVXHXiXonaneW5J4REK9JdL2615Ls5yaSHbII%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
set-cookie
ntv_ce_visitor=e2f6ebb1-f0c8-446f-b302-0cdb821d780c; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
cf-ray
645209d0286e5470-LHR
sbi-scripts.min.js
perezhilton.com/wp-content/plugins/instagram-feed/js/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-content/plugins/instagram-feed/js/sbi-scripts.min.js?ver=2.9
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2717481d28d98b22e3277c45a2a0529b5044aef42d8f262ca7e11e73240c563d

Request headers

:path
/wp-content/plugins/instagram-feed/js/sbi-scripts.min.js?ver=2.9
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3749
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
cf-request-id
09a724761e00005470bca79000000001
x-ntv-te
11 c:0 a:0
last-modified
Wed, 31 Mar 2021 20:53:45 GMT
server
cloudflare
etag
W/"6064e159-6571"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=b8WJqeCgXCbruY5cBFiLjFH%2FHaSe65cTg8GPamF9iTHZ5iL4HnEyW6B3jtaeFnqwKxHg4Fd3ISd1EoyQut74Ga%2FXhuUpovFMrrKYfS0ruDc%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
set-cookie
ntv_ce_visitor=6a0bc770-f61e-4b8d-a5a8-ddbe9212b9fc; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
cf-ray
645209d0286f5470-LHR
choice.js
quantcast.mgr.consensu.org/choice/GANCBjEfRH5Fe/perezhilton.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/GANCBjEfRH5Fe/perezhilton.com/choice.js?timestamp=1619295690461
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/wp-content/themes/understrap-master/js/quantcast.js?ver=0.9.4.1610619161
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2021:4a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7fefc3c0b0ecf4b77d05fe57ead2543ae951e1506595d1331ff4c6012c31327d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
br
etag
W/"d992a595380b60d4daefe6b9d32946bf"
last-modified
Wed, 10 Feb 2021 18:15:06 GMT
server
AmazonS3
x-amz-cf-pop
CPH50-C2
x-amz-server-side-encryption
AES256
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0797e49e9b926d7fa39bfcaf87f5e51d.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-id
NYt5j1lLZSL4Z1IhzhAjJVUcEOUY8xl4rEG4DTD0P3lyzEBof3l-eg==
t
jadserve.postrelease.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&ntv_mvi&ntv_rtr&ntv_ptd=1114139
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.67.80.248 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-67-80-248.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
b5c95244731527f9678a2c06919fe776517e7a1a80b47d1588cf155f5d6840ab

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:31 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
696
expires
Mon, 1 Jan 1990 12:00:00 GMT
/
reporting.powerad.ai/ 		2 B
412 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://reporting.powerad.ai/
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js?ver=0.9.4.1610619161
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-151-247.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 24 Apr 2021 20:21:31 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
2
/
powerad.ai/pubPls/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js?ver=0.9.4.1610619161
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-226-152.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
d627c5efafdfa214ce32052d123ff17f341c5b5f9e21dad826ef0e791d004d29

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:31 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
Express
ETag
W/"11a5-hPffEFQ8MdycUKMGf+gF/4clvic"
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://perezhilton.com
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
*
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		67 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1a16a47700ca3491e948b4e70b0269c2f7569b803ef695d1aa1aa7b09b7de6d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
74c084085d11213e42caadfd5631fb4a65a03be8a7e4aa33fd75bf8bb22d670b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
title-bg-2.png
perezhilton.com/wp-content/themes/understrap-master/images/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/themes/understrap-master/images/title-bg-2.png
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2408bf89259349f212995f3d934008346ed92755c380b3a0797012a91b3e4825

Request headers

:path
/wp-content/themes/understrap-master/images/title-bg-2.png
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
159826
cf-polished
origFmt=png, origSize=8774
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
content-disposition
inline; filename="title-bg-2.webp"
cf-bgj
imgq:100,h2pri
content-length
5240
cf-request-id
09a72477e500005470ec139000000001
x-ntv-te
10 c:0 a:0
last-modified
Fri, 19 Jun 2020 14:51:05 GMT
server
cloudflare
etag
"5eecd0d9-2246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ec518wSOlk8c9ZkV3uA%2BVzkvjRtEIpvqC1RRwb%2BTVz0Tq%2BMJ0z1lX7VRt%2FFK27YD%2FFy1IGAPDlia%2B9rBO%2Bfo7UrXh2n9RDKwfwj5TxfyHlc%3D"}]}
content-type
image/webp
cache-control
max-age=691200
set-cookie
ntv_ce_visitor=d53d5301-3519-4c2b-a6b8-ff5fd62aa58f; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
accept-ranges
bytes
cf-ray
645209d30ee95470-LHR
expires
Fri, 30 Apr 2021 23:57:44 GMT
22.png
perezhilton.com/wp-content/themes/understrap-master/images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/themes/understrap-master/images/22.png
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f292eb5c5e04d849233aaaa81692af8cd61e16844b3c5ecb474979f558be99

Request headers

:path
/wp-content/themes/understrap-master/images/22.png
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
138201
cf-polished
origFmt=png, origSize=16560
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
content-disposition
inline; filename="22.webp"
cf-bgj
imgq:100,h2pri
content-length
9532
cf-request-id
09a72477e600005470b8bdd000000001
x-ntv-te
9 c:0 a:0
last-modified
Fri, 19 Jun 2020 14:51:05 GMT
server
cloudflare
etag
"5eecd0d9-40b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nSL87fVApk0IDbUcn9d%2BEFXAdhfwhBNB5kU0Ah2L3XQl7JHxOxA0IK5nBp2hi2apB%2FWlAZSqQHbatvZL1jC%2BAAJ7m6vwSRqHTJVec8V9qqw%3D"}]}
content-type
image/webp
cache-control
max-age=691200
set-cookie
ntv_ce_visitor=75bc4742-dbdc-4df1-80fb-8b283c176ebe; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
accept-ranges
bytes
cf-ray
645209d30eeb5470-LHR
expires
Sat, 01 May 2021 05:58:08 GMT
fontawesome-webfont.woff2
perezhilton.com/wp-content/themes/understrap-master/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-content/themes/understrap-master/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-fetch-mode
cors
origin
https://perezhilton.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0
:path
/wp-content/themes/understrap-master/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
perezhilton.com
referer
https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://perezhilton.com
Referer
https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4359
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
content-length
77160
cf-request-id
09a72477e600005470999e8000000001
x-ntv-te
18 c:0 a:0
last-modified
Fri, 19 Jun 2020 14:51:05 GMT
server
cloudflare
etag
"5eecd0d9-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hCqp%2FuBPvui8G5RL0mqRYFg0ZKcvUhXpUew0FeQyUnFw1s%2F%2BdWjPejTxzyx3TIGvA2QcflakGmRho%2B4d7mdAtrqFtRwc5oE0J4PAren%2B46A%3D"}]}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
set-cookie
ntv_ce_visitor=078923a2-9206-452d-a313-69beb185f80c; Expires=Thu, 23 Apr 2026 20:21:30 GMT; Domain=.perezhilton.com; Secure; HttpOnly
accept-ranges
bytes
cf-ray
645209d30eed5470-LHR
6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v22/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/quicksand/v22/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700|Lobster|Rustico|Quicksand:400,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed8c9ed710b14cb20237ee17d9fe721bab7b78777b9bdcf9a5afb35e72245c70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://perezhilton.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:35:36 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 23:13:35 GMT
server
sffe
age
189954
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26176
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:35:36 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700|Lobster|Rustico|Quicksand:400,700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://perezhilton.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 12:08:41 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
115969
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
expires
Sat, 23 Apr 2022 12:08:41 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700|Lobster|Rustico|Quicksand:400,700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://perezhilton.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 21:15:20 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
age
428770
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
expires
Tue, 19 Apr 2022 21:15:20 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700|Lobster|Rustico|Quicksand:400,700&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://perezhilton.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 21:15:49 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
age
428741
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
expires
Tue, 19 Apr 2022 21:15:49 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f5fb2c39d3ae84523a7a4be35ec82e19c6ad3cad21061a9862a5ab1f337a70c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
06.png
perezhilton.com/wp-content/themes/understrap-master/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/themes/understrap-master/images/06.png
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6685a3a8df5bc7d0d40c2aa7f4ec191f804c3ab0ec5160acd486b826cddb4d35

Request headers

:path
/wp-content/themes/understrap-master/images/06.png
pragma
no-cache
cookie
ntv_ce_visitor=75bc4742-dbdc-4df1-80fb-8b283c176ebe; __cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
159929
cf-polished
origFmt=png, origSize=12121
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:30 PM
content-disposition
inline; filename="06.webp"
cf-bgj
imgq:100,h2pri
content-length
6486
cf-request-id
09a72478c200005470fda99000000001
x-ntv-te
10 c:0 a:0
last-modified
Fri, 19 Jun 2020 14:51:05 GMT
server
cloudflare
etag
"5eecd0d9-2f59"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=akQix%2FXUhrHzRdezmNNrT3f8yqJwyvcRNlQ4rBbHj%2BmyoKhYu1kUdmUP4KrHPoAuLLBL0lcoBkbc3fJRR2pcQvDc2Vu%2BDW8HPGSYDMVM%2B%2Bg%3D"}]}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
645209d46a4c5470-LHR
expires
Fri, 30 Apr 2021 23:56:01 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=b8420682-29cd-42b6-a9a3-950e83dfd651&ntv_fl=k4_euJ5Ww-btn4yGYn2KgGLMmajNHTrgv7t5ZM1UcNJ48nup4E9cpBXP_f75nSGi9BCnxIkubp1ciRX1JE2gNcLhRWxTl2kphOtk-vEM0-YqGAG2ZH7mPt-m2ciwnSRzsViMuwT7XArfDryYLmlQhUC3Fsv0_aY6bKHI0nXPwrMqWZOemM9KhFcTZPBFwEwC&ntv_ht=yX2EYAA&ntv_tpvcs=&ntv_at=303,302&ntv_a=AAAAAAAAAAGxgRA&ord=1619295690923&ntv_it
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.67.80.248 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-67-80-248.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:31 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
sdk.js
mcd-sdk.playbuzz.com/embed/ 		607 KB
181 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mcd-sdk.playbuzz.com/embed/sdk.js?embedId=7bf0df57-3cb6-41b5-be24-76e9e5f90af4
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a5a7ec40d58b775fb55ed71b21e3977da65ca762f046e77a20c2519a8fff6044

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
content-encoding
gzip
age
34480
x-cache
HIT
access-control-max-age
600
content-length
185245
x-served-by
cache-hhn4058-HHN
access-control-allow-origin
*
server
nginx
x-timer
S1619295691.091359,VS0,VE3
etag
W/"97bb0-/jHgXzDAwU6Pl0l3AGiNNOSyc1o"
vary
Accept-Encoding, x-pb-country, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
1
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20a4511b44d65c98c5986afbe05b1858252bfb71f2f33f71636da9cc20c376e1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
734b8a197f82abbdf3e01bdeec2191cf1f98ff6fdebffccb5458261ecf3fdb7d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
344c68745ffbc884ce5dccfdb8a19b222d67821a2675edbc27672082a05da8f7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/GANCBjEfRH5Fe/perezhilton.com/choice.js?timestamp=1619295690461
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:30 GMT
content-encoding
gzip
etag
"9iaPKZLFg6XYoMRMhilE8g=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Sat, 01 May 2021 20:21:30 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/23/ 		266 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=perezhilton.com
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/GANCBjEfRH5Fe/perezhilton.com/choice.js?timestamp=1619295690461
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2021:4a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7baadf42bdd7151de787de3b98f1c65f55cc2b3d34d4fbe90a0e490756dd3a1b

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sat, 24 Apr 2021 20:21:03 GMT
content-encoding
br
last-modified
Fri, 18 Dec 2020 15:09:37 GMT
server
AmazonS3
age
61
etag
W/"1d55b13d85c9837da884d1e8594cc025"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 0797e49e9b926d7fa39bfcaf87f5e51d.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-meta-qc-ineu
True
x-amz-cf-pop
CPH50-C2
x-amz-cf-id
otAUY4oz-px3eTJ_ovx7aFV29sjZOtfyRPPjrmtjJr-mH1RYbLrmmw==
04.jpg
perezhilton.com/wp-content/themes/understrap-master/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/themes/understrap-master/images/04.jpg
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eba32bc5ef70516ebba66efde63a169dc4696cd642ad06a7a2feabc2996963a7

Request headers

:path
/wp-content/themes/understrap-master/images/04.jpg
pragma
no-cache
cookie
ntv_ce_visitor=75bc4742-dbdc-4df1-80fb-8b283c176ebe; __cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
138095
cf-polished
origFmt=jpeg, origSize=22076
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
content-disposition
inline; filename="04.webp"
cf-bgj
imgq:100,h2pri
content-length
5096
cf-request-id
09a72478ee00005470cbbf3000000001
x-ntv-te
8 c:0 a:0
last-modified
Fri, 19 Jun 2020 14:51:05 GMT
server
cloudflare
etag
"5eecd0d9-563c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2B4xjWfZ70lSUny9p83VxIaMV%2BgZ38TlDJAunNJXqLqLU1fn2KLshKb1Jpxr9v97lHmwEKpg3K5mpB%2FBXtIGo74q2BHfFOMageC2lccu97zk%3D"}]}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
645209d4ab045470-LHR
expires
Sat, 01 May 2021 05:59:56 GMT
play-button-6.png
perezhilton.com/wp-content/themes/understrap-master/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/themes/understrap-master/images/play-button-6.png
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd23ee2d447749cbbc982f7ee9cc9a88fbf70dd9a712324c8b1bdbea05209f0c

Request headers

:path
/wp-content/themes/understrap-master/images/play-button-6.png
pragma
no-cache
cookie
ntv_ce_visitor=75bc4742-dbdc-4df1-80fb-8b283c176ebe; __cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
159827
cf-polished
origFmt=png, origSize=8970
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
content-disposition
inline; filename="play-button-6.webp"
cf-bgj
imgq:100,h2pri
content-length
4996
cf-request-id
09a72478ee00005470fab0c000000001
x-ntv-te
11 c:0 a:0
last-modified
Fri, 19 Jun 2020 14:51:05 GMT
server
cloudflare
etag
"5eecd0d9-230a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fDpDqxVNIzNbRYcGhwqTW6TyBm7bwzZnyGtjDz2x9CC%2BNPaFj4prA1VaxAsYBCPFkwAgW96hmXILJD6DtETDpNJYvSsjhCFs8L73K54qRt4%3D"}]}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
645209d4ab0a5470-LHR
expires
Fri, 30 Apr 2021 23:57:44 GMT
side-video-title-bg.png
perezhilton.com/wp-content/themes/understrap-master/images/ 		110 B
495 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/themes/understrap-master/images/side-video-title-bg.png
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e6643c0f263147cc6cfeeb25b7dbcec9c8146e811eed36173fd152e4fe4ba46

Request headers

:path
/wp-content/themes/understrap-master/images/side-video-title-bg.png
pragma
no-cache
cookie
ntv_ce_visitor=75bc4742-dbdc-4df1-80fb-8b283c176ebe; __cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
138227
cf-polished
origFmt=png, origSize=214
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
content-disposition
inline; filename="side-video-title-bg.webp"
cf-bgj
imgq:100,h2pri
content-length
110
cf-request-id
09a72478ef00005470a41fa000000001
x-ntv-te
8 c:0 a:0
last-modified
Fri, 19 Jun 2020 14:51:05 GMT
server
cloudflare
etag
"5eecd0d9-d6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cBT1duocbnwcbqbL1PJQ%2B3fJ2Ef6%2BTUizFPqxMdUsSiAI4%2FzyDiRLWSh9EhcazYldjh8TyY8su0%2BDzBx13Xs9aGZ2tOqDNIoZ0bENqcjRmY%3D"}]}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
645209d4ab0c5470-LHR
expires
Sat, 01 May 2021 05:57:44 GMT
Hollywood.woff2
perezhilton.com/wp-content/themes/understrap-master/fonts/Hollywood/ 		3 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-content/themes/understrap-master/fonts/Hollywood/Hollywood.woff2
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e43ad82cd9be246ca0f3594e733d326c83177eb92422e185f9c38bdc4fa49b12

Request headers

sec-fetch-mode
cors
origin
https://perezhilton.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
font
cookie
ntv_ce_visitor=078923a2-9206-452d-a313-69beb185f80c; __cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0
:path
/wp-content/themes/understrap-master/fonts/Hollywood/Hollywood.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
perezhilton.com
referer
https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://perezhilton.com
Referer
https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3363
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
content-length
3540
cf-request-id
09a72478f000005470b7239000000001
x-ntv-te
6 c:0 a:0
last-modified
Fri, 19 Jun 2020 14:51:05 GMT
server
cloudflare
etag
"5eecd0d9-dd4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nxAqWQrJrN23GwKnxozBxoo64e9m%2F5VnpbZJRTTQwHh%2FRulb%2FNHPCph%2BbJTmQTYWfFcUMh26Uaw9GnVMYNts5fJCU1l2tqcCHB7zZ24f9Oo%3D"}]}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
645209d4bb115470-LHR
pwt.js
ads.pubmatic.com/AdServer/js/pwt/159143/2782/ 		266 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/159143/2782/pwt.js
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/wp-content/themes/understrap-master/js/ph-ads-old.js?ver=0.9.4.1614871813
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
dfd228cc8094a12ad7cbe3244fe657a3a1a42280c037b9ffc8dc7073ce342612

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:31 GMT
Content-Encoding
gzip
Last-Modified
Mon, 05 Apr 2021 17:19:25 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"10c12e3-42858-5bf3ce640a4fe"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
public, max-age=77459
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
83477
Expires
Sun, 25 Apr 2021 17:52:30 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ 		334 KB
334 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lel6LwZAAAAAOWBQsyuijMbyGWGbJCfx8DOYNnc&ver=3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://perezhilton.com
Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 18:31:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 19 Apr 2021 04:04:08 GMT
server
sffe
age
6631
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341908
x-xss-protection
0
expires
Sun, 24 Apr 2022 18:31:00 GMT
admin-ajax.php
perezhilton.com/wp-admin/ 		599 B
882 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-admin/admin-ajax.php?id=822756&initial_id=822756&order=previous&taxonomy=&excluded_terms=&post_type=post&init=true&action=alm_get_single
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/wp-content/plugins/ajax-load-more/core/dist/js/ajax-load-more.min.js?ver=5.4.4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4db9d8118d98c5cd4521fea3766b2907aad19ad1bc14b93e84e0e35bebcf99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
en-US
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0
:path
/wp-admin/admin-ajax.php?id=822756&initial_id=822756&order=previous&taxonomy=&excluded_terms=&post_type=post&init=true&action=alm_get_single
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
application/json, text/plain, */*
cache-control
no-cache
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
645209d5ddd25470-LHR
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:32 PM
cf-request-id
09a72479a900005470bcadb000000001
x-ntv-te
844 c:0 a:0
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SY1VOnZEglBMaBjv4NF6%2BCWlsTDzOaa2xZcQjTAr9S2musNQf4LQoIb6jPkajUfQLwCxWyxo54EG0oKoEO3SbhvJ8Pi503v%2FcJXO4pIaElQ%3D"}]}
content-type
application/json; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
set-cookie
ntv_ce_visitor=5ef9a827-61c4-41d0-92b9-320007384ee4; Expires=Thu, 23 Apr 2026 20:21:32 GMT; Domain=.perezhilton.com; Secure; HttpOnly
x-robots-tag
noindex
expires
Wed, 11 Jan 1984 05:00:00 GMT
1f48e.svg
s.w.org/images/core/emoji/13.0.0/svg/ 		0
0
1f389.svg
s.w.org/images/core/emoji/13.0.0/svg/ 		0
0
1f4f8.svg
s.w.org/images/core/emoji/13.0.0/svg/ 		0
0
ajax-loader.gif
perezhilton.com/wp-content/themes/understrap-master/css/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/themes/understrap-master/css/ajax-loader.gif
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
568d7b83659993469a2d729ad98daba3a7de2568f74d670d18ae618f118fe353

Request headers

:path
/wp-content/themes/understrap-master/css/ajax-loader.gif
pragma
no-cache
cookie
ntv_ce_visitor=ddbdd6e6-3ae1-4822-a3f5-a4d70887cf6a; __cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/wp-content/themes/understrap-master/css/theme.min.css?ver=0.9.4.1606776809
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
159138
cf-polished
origSize=4178, status=webp_bigger
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
cf-bgj
imgq:100,h2pri
content-length
2592
cf-request-id
09a72479bd00005470dbba8000000001
x-ntv-te
6 c:0 a:0
last-modified
Fri, 19 Jun 2020 14:51:05 GMT
server
cloudflare
etag
"5eecd0d9-1052"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iqUu%2BUZDUS8alMoo3WQG684O7N7HDN0A0BDP3IdONz39ja7Nu3n%2F6rRtHMxWp9BLjVGZSGmtXLuRr%2BNXvzrzjjfkHq7zDsMB%2FSdem%2FsUJtI%3D"}]}
content-type
image/gif
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
645209d5fe055470-LHR
expires
Sat, 01 May 2021 00:09:13 GMT
176913332_464379221508354_5168067585566777290_nthumb.jpg
perezhilton.com/wp-content/uploads/sb-instagram-feed-images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/sb-instagram-feed-images/176913332_464379221508354_5168067585566777290_nthumb.jpg
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9ad52075ac93876898c0b58553e3358ba5e275f7138b3855c0410290f2735c1

Request headers

:path
/wp-content/uploads/sb-instagram-feed-images/176913332_464379221508354_5168067585566777290_nthumb.jpg
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
10358
cf-polished
origSize=7503, status=webp_bigger
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
cf-bgj
imgq:100,h2pri
content-length
7255
cf-request-id
09a72479d6000054709100d000000001
x-ntv-te
13 c:0 a:0
last-modified
Sat, 24 Apr 2021 17:28:46 GMT
server
cloudflare
etag
"6084554e-1d4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4RWCJHxl67CKgjgI5UaT9C4jsvLJ%2BNde9rzYhi1WiQ5N2g%2Bipsc8Ltxh7JO3%2B9%2FrzWeev71tNiKT9eF5htufYDYYrv%2BDX3p4khF6pnUwMuA%3D"}]}
content-type
image/jpeg
cache-control
max-age=691200
set-cookie
ntv_ce_visitor=0e1bab86-65cd-46af-bc15-1c2e9f704adf; Expires=Thu, 23 Apr 2026 20:21:31 GMT; Domain=.perezhilton.com; Secure; HttpOnly
accept-ranges
bytes
cf-ray
645209d62e5c5470-LHR
expires
Sun, 02 May 2021 17:28:53 GMT
174543144_456460365455834_4316390707998825526_nthumb.jpg
perezhilton.com/wp-content/uploads/sb-instagram-feed-images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/sb-instagram-feed-images/174543144_456460365455834_4316390707998825526_nthumb.jpg
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
181354b74660b46765c2d185f35284c278b5780dfacbd3f80d2e3a28eae15575

Request headers

:path
/wp-content/uploads/sb-instagram-feed-images/174543144_456460365455834_4316390707998825526_nthumb.jpg
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
67711
cf-polished
origSize=7008, status=webp_bigger
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
cf-bgj
imgq:100,h2pri
content-length
6922
cf-request-id
09a72479d7000054709e1a1000000001
x-ntv-te
15 c:0 a:0
last-modified
Sat, 24 Apr 2021 01:28:28 GMT
server
cloudflare
etag
"6083743c-1b60"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oOr%2F5Z1uBsU5jQmtn5D%2BAVul5oxP4%2By67omN1q4a0tSLFrFyuLNY%2F9cIw%2BfzYGd7AEnTcJFL8DyWPm3%2F6AOiDHC9gA%2Fq56P7pBdPDuCBAMQ%3D"}]}
content-type
image/jpeg
cache-control
max-age=691200
set-cookie
ntv_ce_visitor=6b008b8c-2635-44aa-a511-fce2f2aec629; Expires=Thu, 23 Apr 2026 20:21:31 GMT; Domain=.perezhilton.com; Secure; HttpOnly
accept-ranges
bytes
cf-ray
645209d62e5f5470-LHR
expires
Sun, 02 May 2021 01:33:00 GMT
176625186_312654063832778_4362782547273906089_nthumb.jpg
perezhilton.com/wp-content/uploads/sb-instagram-feed-images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/sb-instagram-feed-images/176625186_312654063832778_4362782547273906089_nthumb.jpg
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b4fe3ee149d29fe2436c1115242a7895e42514871aa8e75c872f1e4af7d2a48

Request headers

:path
/wp-content/uploads/sb-instagram-feed-images/176625186_312654063832778_4362782547273906089_nthumb.jpg
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
89471
cf-polished
origSize=7891, status=webp_bigger
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
cf-bgj
imgq:100,h2pri
content-length
7663
cf-request-id
09a72479d800005470f103c000000001
x-ntv-te
13 c:0 a:0
last-modified
Fri, 23 Apr 2021 19:28:18 GMT
server
cloudflare
etag
"60831fd2-1ed3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9SYdcBJMZ6EMYj9vYFm%2B9WO6ALfLyY89nERmp0W6SWvr8pnl7fGh33vKNARlhg1OSk%2BGYBcQ2RYoZVnE4sKKlAtFRwHY1ECnKFcVsJkZZeE%3D"}]}
content-type
image/jpeg
cache-control
max-age=691200
set-cookie
ntv_ce_visitor=4bf120d3-f672-465d-8cd6-3bb20a5fe9a2; Expires=Thu, 23 Apr 2026 20:21:31 GMT; Domain=.perezhilton.com; Secure; HttpOnly
accept-ranges
bytes
cf-ray
645209d62e615470-LHR
expires
Sat, 01 May 2021 19:30:20 GMT
177275458_124009976428641_8134784955922539750_nthumb.jpg
perezhilton.com/wp-content/uploads/sb-instagram-feed-images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/sb-instagram-feed-images/177275458_124009976428641_8134784955922539750_nthumb.jpg
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80aa9195c9a343a1e267504cdaada85509a1f1fac45ceb59f5bdd0e8c7d8b64a

Request headers

:path
/wp-content/uploads/sb-instagram-feed-images/177275458_124009976428641_8134784955922539750_nthumb.jpg
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
100367
cf-polished
origSize=6765, status=webp_bigger
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
cf-bgj
imgq:100,h2pri
content-length
6639
cf-request-id
09a72479d800005470c603b000000001
x-ntv-te
8 c:0 a:0
last-modified
Fri, 23 Apr 2021 16:28:18 GMT
server
cloudflare
etag
"6082f5a2-1a6d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OG%2F6siRGgyfKPjlZvBZl0R1UpyaI%2FZZItnR2H54K3%2FwK05lCvJs%2B0MlFWdAmCX7k3Z%2F7YI0%2BqbonqPW5Zw%2Blm0CoYZSqobeZyJE0pn4z5K0%3D"}]}
content-type
image/jpeg
cache-control
max-age=691200
set-cookie
ntv_ce_visitor=92558407-64e0-4636-b144-9f72e7607da0; Expires=Thu, 23 Apr 2026 20:21:31 GMT; Domain=.perezhilton.com; Secure; HttpOnly
accept-ranges
bytes
cf-ray
645209d62e635470-LHR
expires
Sat, 01 May 2021 16:28:44 GMT
178227761_334368601366210_4208315158412267648_nthumb.jpg
perezhilton.com/wp-content/uploads/sb-instagram-feed-images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/sb-instagram-feed-images/178227761_334368601366210_4208315158412267648_nthumb.jpg
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d39d78be44afa08675e7cc5d0bcf6b728d562c0560abf1cbca2b44b95dce883d

Request headers

:path
/wp-content/uploads/sb-instagram-feed-images/178227761_334368601366210_4208315158412267648_nthumb.jpg
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
100367
cf-polished
origSize=6587, status=webp_bigger
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
cf-bgj
imgq:100,h2pri
content-length
6538
cf-request-id
09a72479d900005470e0176000000001
x-ntv-te
12 c:0 a:0
last-modified
Fri, 23 Apr 2021 16:28:18 GMT
server
cloudflare
etag
"6082f5a2-19bb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jwJlxgd9G0%2Bz%2BdX6LBe4XMbAUrWK3NLIgRO0jqI99u%2F1MKypCtLooYqHCz%2Bpbu5VUviJj%2Ft%2BgldFhTvGeX8uagnsdl5hkSPMdWbnwsx%2BAtI%3D"}]}
content-type
image/jpeg
cache-control
max-age=691200
set-cookie
ntv_ce_visitor=32c40a66-be31-471e-8433-8ea089788bb1; Expires=Thu, 23 Apr 2026 20:21:31 GMT; Domain=.perezhilton.com; Secure; HttpOnly
accept-ranges
bytes
cf-ray
645209d62e665470-LHR
expires
Sat, 01 May 2021 16:28:44 GMT
177435191_450625649574635_6859927719409764995_nthumb.jpg
perezhilton.com/wp-content/uploads/sb-instagram-feed-images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/sb-instagram-feed-images/177435191_450625649574635_6859927719409764995_nthumb.jpg
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fb52a08b6e1c28c24c5f22a7d88d5b865f4709e7c74d7813e8cb7cf9381f54b

Request headers

:path
/wp-content/uploads/sb-instagram-feed-images/177435191_450625649574635_6859927719409764995_nthumb.jpg
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
107517
cf-polished
origSize=6711, status=webp_bigger
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
cf-bgj
imgq:100,h2pri
content-length
6610
cf-request-id
09a72479d900005470b0ae5000000001
x-ntv-te
12 c:0 a:0
last-modified
Fri, 23 Apr 2021 14:28:10 GMT
server
cloudflare
etag
"6082d97a-1a37"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Z5KxSmkQqHwcjWxKfD9k1D6bBofiJcMqi1kuIB4Wc5UEPg7%2BoLpVFw%2FUzsoEIJruNPneI5lNhNtLbJ6i8vOGMrkoPHL2u1WOuAUdIN%2Ba8PE%3D"}]}
content-type
image/jpeg
cache-control
max-age=691200
set-cookie
ntv_ce_visitor=08c0f41c-e846-4ba3-939e-1c50f2870508; Expires=Thu, 23 Apr 2026 20:21:31 GMT; Domain=.perezhilton.com; Secure; HttpOnly
accept-ranges
bytes
cf-ray
645209d62e675470-LHR
expires
Sat, 01 May 2021 14:29:34 GMT
176234081_490517948972815_560940137509765687_nthumb.jpg
perezhilton.com/wp-content/uploads/sb-instagram-feed-images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/sb-instagram-feed-images/176234081_490517948972815_560940137509765687_nthumb.jpg
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a2b7118a3b3b8aa99ba4aab0d85dffe414f2cc5158f18c6e5b4e6e99aad76fc

Request headers

:path
/wp-content/uploads/sb-instagram-feed-images/176234081_490517948972815_560940137509765687_nthumb.jpg
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
147186
cf-polished
origSize=6818, status=webp_bigger
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
cf-bgj
imgq:100,h2pri
content-length
6694
cf-request-id
09a72479dd00005470cb80d000000001
x-ntv-te
6 c:0 a:0
last-modified
Fri, 23 Apr 2021 02:27:38 GMT
server
cloudflare
etag
"6082309a-1aa2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vfEwYTZeQCqCxSVGWBLLEP8q0Bc%2FNXv%2BPVJ0qC%2FFkNjoqJ%2F%2BTRScjDL0zwAORjd9xeEHbRd07Lv5f0T4%2FMQDxzodhriHd16wT8I9yae8Y50%3D"}]}
content-type
image/jpeg
cache-control
max-age=691200
set-cookie
ntv_ce_visitor=710f7931-d788-4216-b47e-c7b44c0844f9; Expires=Thu, 23 Apr 2026 20:21:31 GMT; Domain=.perezhilton.com; Secure; HttpOnly
accept-ranges
bytes
cf-ray
645209d62e6a5470-LHR
expires
Sat, 01 May 2021 03:28:25 GMT
176433469_160941902605406_2026582781058842475_nthumb.jpg
perezhilton.com/wp-content/uploads/sb-instagram-feed-images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/sb-instagram-feed-images/176433469_160941902605406_2026582781058842475_nthumb.jpg
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd7273b05b95573a54d13c983b0e653e7135f57a3973ae050db6dfafb8405290

Request headers

:path
/wp-content/uploads/sb-instagram-feed-images/176433469_160941902605406_2026582781058842475_nthumb.jpg
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
156854
cf-polished
origSize=6398, status=webp_bigger
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
cf-bgj
imgq:100,h2pri
content-length
6288
cf-request-id
09a72479da00005470bf069000000001
x-ntv-te
13 c:0 a:0
last-modified
Fri, 23 Apr 2021 00:27:36 GMT
server
cloudflare
etag
"60821478-18fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dskgUdOdo3aIZHXekYzZ%2Feiv5Ej3ssrn25hqp02XNpYzCcjDRxjVIaAexIRPLrr%2BPs7X331OveB8vML2qzRB%2F10%2FNWzVq%2F1Eapxg0aIqwpE%3D"}]}
content-type
image/jpeg
cache-control
max-age=691200
set-cookie
ntv_ce_visitor=7452177e-ba7a-4286-b03f-9515565c2699; Expires=Thu, 23 Apr 2026 20:21:31 GMT; Domain=.perezhilton.com; Secure; HttpOnly
accept-ranges
bytes
cf-ray
645209d62e6e5470-LHR
expires
Sat, 01 May 2021 00:47:17 GMT
176059986_1426519687701354_5205107855298413647_n.jpg
scontent-sjc3-1.cdninstagram.com/v/t51.29350-15/ 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-sjc3-1.cdninstagram.com/v/t51.29350-15/176059986_1426519687701354_5205107855298413647_n.jpg?_nc_cat=1&ccb=1-3&_nc_sid=8ae9d6&_nc_ohc=keY4PCd8F7EAX9Umsyf&_nc_ht=scontent-sjc3-1.cdninstagram.com&oh=c8221677148373207bcfdddb6327fda2&oe=60AB8493
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f231:c5:face:b00c:0:43fe Santa Clara, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8eb3f8862f5adb64efccf61e5ee46b07daace9b12aae73b90b9e986a462046ef

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-haystack-needlechecksum
2953477125
date
Sat, 24 Apr 2021 20:21:31 GMT
x-fb-trip-id
436667874
last-modified
Thu, 22 Apr 2021 23:25:04 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1039655058
x-fb-config-version-olb-prod
1083
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
347351
admin-ajax.php
perezhilton.com/wp-admin/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-admin/admin-ajax.php
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02a424cb2c550f1ed13acbd4c8c3d9bf1114ae6ed898cfd88d156d50469161f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
origin
https://perezhilton.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0
content-length
315
:path
/wp-admin/admin-ajax.php
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
*/*
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sat, 24 Apr 2021 20:21:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
645209d64ea55470-LHR
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
cf-request-id
09a72479ed00005470fc281000000001
x-ntv-te
741 c:0 a:0
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vD5v1L4Q1c5MNzan3Qt7p6DoTcPR7ggfvlTLSudqlx0PiJvD%2FNjl%2Br8z5uze0P8UxydS838AoLRgxUJyVZmtu8kyOdqtqBKZl0D49sdLyv4%3D"}]}
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
set-cookie
ntv_ce_visitor=6eb00fc6-4165-4ef6-bd06-0d3a609ef53a; Expires=Thu, 23 Apr 2026 20:21:31 GMT; Domain=.perezhilton.com; Secure; HttpOnly
x-robots-tag
noindex
expires
Wed, 11 Jan 1984 05:00:00 GMT
pbjs_wrapper.v1.0.js
hb.brainlyads.com/ Frame 65E1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js?ver=0.9.4.1610619161
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1fb754cec74956af6531826d6f73a28e8bb2049d3bb3913c524e4d7583b0435c

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Apr 2021 16:05:21 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
W/"60804d41-444d"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sun, 25 Apr 2021 20:21:31 GMT
prebid.js
hb.brainlyads.com/ Frame 65E1 		388 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/prebid.js
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js?ver=0.9.4.1610619161
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
c02c2290fc433842a4611ff9d6413845069bfffbefcef2b5a0041cf8d5fa65ad

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Apr 2021 16:04:14 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
W/"60804cfe-610e6"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sun, 25 Apr 2021 20:21:31 GMT
yappa-comments.css
embed.yappaapp.com/ 		137 B
381 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed.yappaapp.com/yappa-comments.css
Requested by
Host: comments.yappaapp.com
URL: https://comments.yappaapp.com/embed/yappa-comments.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b460840487c7419340c409f5d2e230e5f36d965a061754bd2402b7e4068962c

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
710366
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09a7247b0200004a8b31133000000001
last-modified
Mon, 21 Dec 2020 11:52:23 GMT
server
cloudflare
etag
W/"5fe08c77-89"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wkowt9beNW36m2nMvx5ZjN6rirGFGSBUqo9JwleM76vgmp8gO7NDNm8E31J2zR0TwM7wz6ThfGbBI%2BiH7F4FXTWvT4r90Zuc5s2pXBaYZU0U9EqrdmYjADlFpgKytNE%3D"}]}
content-type
text/css
cache-control
max-age=1800
cf-ray
645209d80fad4a8b-FRA
/
widget.yappaapp.com/ Frame 4ECD 		854 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.yappaapp.com/?url=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&content-id=&disable-ads=false
Requested by
Host: comments.yappaapp.com
URL: https://comments.yappaapp.com/embed/yappa-comments.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a22e9aa5f3fa5d68162414b9d87a215b1f66d4aaeffca6cb164cade10ddc8088

Request headers

:method
GET
:authority
widget.yappaapp.com
:scheme
https
:path
/?url=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&content-id=&disable-ads=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://perezhilton.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cf_bm=eb53aac648f283166da2bac56ffe2b0351497b48-1619295690-1800-AVO+wqLh8UXkdurRAKXqWr7iMmGIJChSWSYSZ6lmzFbm/3r1KcQ3QsjLsB5s88vJ1/zxngNBW8ZBpMBEb4dPvUo=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://perezhilton.com/

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
content-type
text/html
set-cookie
__cfduid=d3155355f2a37a2344d9f4cb339dcd8b81619295691; expires=Mon, 24-May-21 20:21:31 GMT; path=/; domain=.yappaapp.com; HttpOnly; SameSite=Lax; Secure
last-modified
Wed, 24 Feb 2021 11:05:52 GMT
cf-cache-status
DYNAMIC
cf-request-id
09a72479e100004a8bda160000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7miy32vyUWOmmN4y1A5itu6ZWEUfSG%2FkJz%2FQbTfYCsSHb4woYqB5dDDsGviIbeZJvv30LLsVlXUaiXnHpJJEzpwctxNgvmInAqwy81x6DrV8YjJDwE7aErPFKEaeNpbm"}]}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
645209d63c284a8b-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
js
www.googletagmanager.com/gtag/ 		117 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9JS9Z0NFL0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-338092-8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2e9b0f8da2df420bc5412002babc97c4873c7c36fbdc77336aca374168da6a33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46214
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:21:31 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_mat=337*2139&ntv_it
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.67.80.248 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-67-80-248.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:31 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=7be444ea-5aff-489c-8279-ba8a02713231&ntv_fl=k4_euJ5Ww-btn4yGYn2KgGLMmajNHTrgv7t5ZM1UcNJ48nup4E9cpBXP_f75nSGi9BCnxIkubp1ciRX1JE2gNcLhRWxTl2kphOtk-vEM0-YqGAG2ZH7mPt-m2ciwnSRzsViMuwT7XArfDryYLmlQhUC3Fsv0_aY6bKHI0nXPwrMqWZOemM9KhFcTZPBFwEwC&ntv_ht=yX2EYAA&ntv_tpvcs=&ntv_at=303&ntv_a=AAAAAAAAAAFBgRA&ord=1619295691248&ntv_it
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.67.80.248 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-67-80-248.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:31 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_6oLVLzgr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_6oLVLzgr/v2?platform=Desktop
Protocol
H2
Server
23.55.110.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-49.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
x-guid,x-post-id,x-spot-id,x-spotim-page-view-id
Origin
https://perezhilton.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
server
fasthttp
access-control-allow-origin
https://perezhilton.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id
access-control-expose-headers
access-control-max-age
86400
date
Sat, 24 Apr 2021 20:21:31 GMT
events
direct-events-collector.spot.im/api/v2/ 		0
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct-events-collector.spot.im/api/v2/events?stream_name=init
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_6oLVLzgr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.174.102.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-174-102-7.compute-1.amazonaws.com
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://perezhilton.com
date
Sat, 24 Apr 2021 20:21:31 GMT
access-control-allow-credentials
true
server
fasthttp
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_6oLVLzgr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.77 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-77.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA6-C1
content-length
20
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
x-amz-cf-id
XLaSxZ47oluVflAzblO89qyqBSHH3U8AeexDBvX6vqvLvZ4ag-5BKQ==
expires
Mon, 25 Apr 2022 20:21:31 GMT
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_6oLVLzgr/ 		30 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_6oLVLzgr/v2?platform=Desktop
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_6oLVLzgr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-49.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
57a431c43675574d9936e370b8edcea09b70acb706f9bdcb39438ffc5cbee32d

Request headers

x-spot-id
sp_6oLVLzgr
x-spotim-page-view-id
7e9d72b5-de3f-4044-b3d6-15dc38522119
x-guid
null
Referer
https://perezhilton.com/
x-post-id
822756
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
content-encoding
gzip
server
fasthttp
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://perezhilton.com
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id
content-length
2909
x-request-id
a86e2b7d-a53a-11eb-8bbb-ee03a032f13c
access-control-expose-headers
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_6oLVLzgr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.77 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-77.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
FRA6-C1
content-length
20
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
x-amz-cf-id
XLaSxZ47oluVflAzblO89qyqBSHH3U8AeexDBvX6vqvLvZ4ag-5BKQ==
expires
Mon, 25 Apr 2022 20:21:31 GMT
truncated
/ 		44 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
device_load
events-collector.spot.im/api/v1/ 		36 B
476 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://events-collector.spot.im/api/v1/device_load
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_6oLVLzgr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-65.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
bd0843f621fe24f045c80a3a911b827e2708ea3a1b7a2b686c4e7e5bb21bd89c

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:31 GMT
server
fasthttp
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://perezhilton.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
content-length
36
expires
Sat, 24 Apr 2021 20:21:31 GMT
js
www.googletagmanager.com/gtag/ 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-167135943-9
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js?ver=0.9.4.1610619161
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a58c64448de39e2e419b445deef9c0dd77f8666f4d3a21ab684018c479ff6bf6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35803
x-xss-protection
0
last-modified
Sat, 24 Apr 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 24 Apr 2021 20:21:31 GMT
js
www.googletagmanager.com/gtag/ 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-167135943-9&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-338092-8
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
188d8ca04205f71d0a2a9c46ca272f208f196aaca656330f20057913bbf8b351
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35766
x-xss-protection
0
last-modified
Sat, 24 Apr 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 24 Apr 2021 20:21:31 GMT
/
reporting.powerad.ai/ 		2 B
412 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://reporting.powerad.ai/
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js?ver=0.9.4.1610619161
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-151-247.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 24 Apr 2021 20:21:31 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
2
css
fonts.googleapis.com/ 		2 KB
546 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Apr 2021 18:22:22 GMT
server
ESF
date
Sat, 24 Apr 2021 20:21:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Apr 2021 20:21:31 GMT
css2
fonts.googleapis.com/ 		11 KB
810 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300&display=swap
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
108f1e05d8142239699ac64b0cff538b45269d6cc0c0d27c24311ba57c67f39f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Apr 2021 20:21:31 GMT
server
ESF
date
Sat, 24 Apr 2021 20:21:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Apr 2021 20:21:31 GMT
css2
fonts.googleapis.com/ 		5 KB
520 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Quicksand:wght@300;400;500;600;700&display=swap
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ff5717ac6506d02b2893832837a4a7b6220ad138e1a41283b20d211517250869
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Apr 2021 20:04:47 GMT
server
ESF
date
Sat, 24 Apr 2021 20:21:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Apr 2021 20:21:31 GMT
MGID_plus.svg
cdn.mgid.com/images/logos/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/MGID_plus.svg
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
content-encoding
br
cf-cache-status
HIT
age
3292
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
26D5PESFJ3W3C6DA
x-amz-id-2
eutjixPqny2kLtVDkSPgrFz3u2lxc4FXrDErS9xMhTrXgSAmhHeBctWPt+h98HIq6AOxJRjeSOM=
last-modified
Tue, 23 Feb 2021 16:22:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614097325/ctime:1614097325/gid:0/gname:root/md5:f7525f3a5f32c6f4a8e9867e9f57ab45/mode:33206/mtime:1614097325/uid:0/uname:root
etag
W/"f7525f3a5f32c6f4a8e9867e9f57ab45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-request-id
09a7247a7d00004c79cb28e000000001
cf-ray
645209d72e974c79-AMS
expires
Sun, 25 Apr 2021 20:21:31 GMT
Adchoices.svg
cdn.mgid.com/images/logos/ 		836 B
1009 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
content-encoding
br
cf-cache-status
HIT
age
3292
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
50VWJQBT5W4QYKJG
x-amz-id-2
xhXkWrQ90G/ebA55GK4VP5V6mncDrGDeipe5cahYa8kJ+JMUWbxTCzXMUo5ci9AAJm/Ct0tTCXE=
last-modified
Wed, 17 Feb 2021 18:15:53 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag
W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=86400
cf-request-id
09a7247a7d00004c79b4a4e000000001
cf-ray
645209d72e964c79-AMS
expires
Sun, 25 Apr 2021 20:21:31 GMT
truncated
/ 		138 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		82 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		90 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/ 		38 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/webp
glass.png
perezhilton.com/wp-content/themes/understrap-master/images/ 		460 B
1019 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/themes/understrap-master/images/glass.png
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb32633a40695a487dd80912b7d58b061aac6eee2bfcaa76ec7f36cf7749c635

Request headers

:path
/wp-content/themes/understrap-master/images/glass.png
pragma
no-cache
cookie
ntv_ce_visitor=75bc4742-dbdc-4df1-80fb-8b283c176ebe; __cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22gcbJ.aqrs%22%7D%2C%22C1017368%22%3A%7B%22page%22%3A1%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
159742
cf-polished
origFmt=png, origSize=996
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
content-disposition
inline; filename="glass.webp"
cf-bgj
imgq:100,h2pri
content-length
460
cf-request-id
09a7247a9100005470f1b03000000001
x-ntv-te
21 c:0 a:0
last-modified
Fri, 19 Jun 2020 14:51:05 GMT
server
cloudflare
etag
"5eecd0d9-3e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2Un4oSAbjAWBrnAhuY3hzlDhI5jBGsEbDTUyZO3zCLcmoXvvsD1HGqYe9zDxZUDUMT%2F2OgSaxllwU5US1uxVUoZoCcIfOHYxZumCNPGq0Vo%3D"}]}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
645209d748f55470-LHR
expires
Fri, 30 Apr 2021 23:59:09 GMT
perez-hilton-logo-300x49-1.png
perezhilton.com/wp-content/uploads/2020/07/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/2020/07/perez-hilton-logo-300x49-1.png
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a49bde1f3cceeba945b158d948d06aa73d78610f7df9be86826189b70ab88b41

Request headers

:path
/wp-content/uploads/2020/07/perez-hilton-logo-300x49-1.png
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22gcbJ.aqrs%22%7D%2C%22C1017368%22%3A%7B%22page%22%3A1%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
162219
cf-polished
origFmt=png, origSize=6439
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
content-disposition
inline; filename="perez-hilton-logo-300x49-1.webp"
cf-bgj
imgq:100,h2pri
content-length
3834
cf-request-id
09a7247a9100005470bcaee000000001
x-ntv-te
9 c:0 a:0
last-modified
Tue, 21 Jul 2020 23:07:50 GMT
server
cloudflare
etag
"5f177546-1927"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FXhy1lZJf1cUrAoqR9WaAj0AO04V9HYoABa2WBnuL5gGMSzqlhD8KZ%2F0hHOaFixGHbeszW9wGYFv7YUto%2BN6K5%2BAr4pHw%2FeucqPkUTuUQ0g%3D"}]}
content-type
image/webp
cache-control
max-age=691200
set-cookie
ntv_ce_visitor=286d83a4-6ed3-49ed-8548-8899539eb17d; Expires=Thu, 23 Apr 2026 20:21:31 GMT; Domain=.perezhilton.com; Secure; HttpOnly
accept-ranges
bytes
cf-ray
645209d748f65470-LHR
expires
Fri, 30 Apr 2021 23:17:52 GMT
feature-bg.jpg
perezhilton.com/wp-content/themes/understrap-master/images/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/themes/understrap-master/images/feature-bg.jpg
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6200e714505710fd1d7ce9e238ca86ec8dee8dccb9034fe3f7781c93d8e62699

Request headers

:path
/wp-content/themes/understrap-master/images/feature-bg.jpg
pragma
no-cache
cookie
ntv_ce_visitor=75bc4742-dbdc-4df1-80fb-8b283c176ebe; __cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22gcbJ.aqrs%22%7D%2C%22C1017368%22%3A%7B%22page%22%3A1%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
138331
cf-polished
origFmt=jpeg, origSize=27016
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
content-disposition
inline; filename="feature-bg.webp"
cf-bgj
imgq:100,h2pri
content-length
19720
cf-request-id
09a7247a9200005470b0afa000000001
x-ntv-te
16 c:0 a:0
last-modified
Fri, 19 Jun 2020 14:51:05 GMT
server
cloudflare
etag
"5eecd0d9-6988"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2BC2gx4PfNlDDk9tI%2F1V%2BqHg1rjfLPtA2YLl3V2j3Y6jigKVWehu6ikAIm%2FYFfaSEg76LyQyjt2gpgb5oUkbe8JWNw6hD96g%2Bp4S1HGsPgb8%3D"}]}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
645209d748f75470-LHR
expires
Sat, 01 May 2021 05:56:00 GMT
Vampire-Facials-Salon-Owner-Charged-After-Two-Clients-Contract-HIV-1024x686.jpg
perezhilton.com/wp-content/uploads/2021/04/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/2021/04/Vampire-Facials-Salon-Owner-Charged-After-Two-Clients-Contract-HIV-1024x686.jpg
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61800a93f719d316fb8f0e470a24581637cb974570a34711283491f959160aac

Request headers

:path
/wp-content/uploads/2021/04/Vampire-Facials-Salon-Owner-Charged-After-Two-Clients-Contract-HIV-1024x686.jpg
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22gcbJ.aqrs%22%7D%2C%22C1017368%22%3A%7B%22page%22%3A1%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2443
cf-polished
origSize=115687, status=webp_bigger
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
cf-bgj
imgq:100,h2pri
content-length
112705
cf-request-id
09a7247a9200005470ec17f000000001
x-ntv-te
28 c:0 a:0
last-modified
Sat, 24 Apr 2021 18:47:41 GMT
server
cloudflare
etag
"608467cd-1c3e7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zftXRflFTe8E3bVxOhBVBMCJVX7dD1RKBIO851iH%2BR2ywsZrfmVrwTL8B%2BtqZNHfKtyHnoo%2BFc9JR4NKARrvva2RA7vMHPt%2FWFyngDGlHbE%3D"}]}
content-type
image/jpeg
cache-control
max-age=691200
set-cookie
ntv_ce_visitor=223c5d51-d510-4993-a69d-3ddfa12b89d1; Expires=Thu, 23 Apr 2026 20:21:31 GMT; Domain=.perezhilton.com; Secure; HttpOnly
accept-ranges
bytes
cf-ray
645209d748f85470-LHR
expires
Sun, 02 May 2021 19:40:48 GMT
Oprah-Winfrey-Surprise-Meghan-Markle-Prince-Harry-Talked-About-Racism-With-In-Royal-Family-During-Bombshell-Interview-1024x600.jpg
perezhilton.com/wp-content/uploads/2021/04/ 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/2021/04/Oprah-Winfrey-Surprise-Meghan-Markle-Prince-Harry-Talked-About-Racism-With-In-Royal-Family-During-Bombshell-Interview-1024x600.jpg
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7941b7836f0b2917a0a6b3f37bb37e536a69720ebbc69c58e97cdaa28b50453

Request headers

:path
/wp-content/uploads/2021/04/Oprah-Winfrey-Surprise-Meghan-Markle-Prince-Harry-Talked-About-Racism-With-In-Royal-Family-During-Bombshell-Interview-1024x600.jpg
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22gcbJ.aqrs%22%7D%2C%22C1017368%22%3A%7B%22page%22%3A1%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
7140
cf-polished
origSize=96506, status=webp_bigger
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
cf-bgj
imgq:100,h2pri
content-length
93406
cf-request-id
09a7247a9200005470f986a000000001
x-ntv-te
11 c:0 a:0
last-modified
Sat, 24 Apr 2021 17:26:59 GMT
server
cloudflare
etag
"608454e3-178fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6R1lrYP6ZtJVfL77Q0jTeLrNn5lAhH7py1OmMvGN90XuS2yFM4INu9RR2IAEmsCfUx%2FFoEnLAhRDZBS2CLMpoJvD757Tjoe%2FMNShaRout90%3D"}]}
content-type
image/jpeg
cache-control
max-age=691200
set-cookie
ntv_ce_visitor=ad9ac971-648f-4b81-a9d2-3d8310da423e; Expires=Thu, 23 Apr 2026 20:21:31 GMT; Domain=.perezhilton.com; Secure; HttpOnly
accept-ranges
bytes
cf-ray
645209d748f95470-LHR
expires
Sun, 02 May 2021 18:22:31 GMT
Here-Is-How-The-Kardashian-Family-Feels-About-Caitlyn-Jenner-Run-For-California-Governor-1024x720.jpg
perezhilton.com/wp-content/uploads/2021/04/ 		161 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/2021/04/Here-Is-How-The-Kardashian-Family-Feels-About-Caitlyn-Jenner-Run-For-California-Governor-1024x720.jpg
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bac5de7555bedf576123b753ea7bb6b68bd73821a6ab19da6a04aa9f6b1d6b82

Request headers

:path
/wp-content/uploads/2021/04/Here-Is-How-The-Kardashian-Family-Feels-About-Caitlyn-Jenner-Run-For-California-Governor-1024x720.jpg
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22gcbJ.aqrs%22%7D%2C%22C1017368%22%3A%7B%22page%22%3A1%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
15324
cf-polished
origSize=170213, status=webp_bigger
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
cf-bgj
imgq:100,h2pri
content-length
164509
cf-request-id
09a7247a9200005470c6b3f000000001
x-ntv-te
12 c:0 a:0
last-modified
Sat, 24 Apr 2021 15:57:47 GMT
server
cloudflare
etag
"60843ffb-298e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kIBnwBN0iVcSv4irMzxDqSTMoXkGZmtFKpzUFKii9P9mgl6OvtOTs3MzmqDjvZiyw5nHYrr%2Fc7dAMkG6Y5HF%2FEs9aOw%2BRIT3HKZeQ8J4AWs%3D"}]}
content-type
image/jpeg
cache-control
max-age=691200
set-cookie
ntv_ce_visitor=95301808-4c3f-4cfe-adb2-f08f280368ec; Expires=Thu, 23 Apr 2026 20:21:31 GMT; Domain=.perezhilton.com; Secure; HttpOnly
accept-ranges
bytes
cf-ray
645209d748fb5470-LHR
expires
Sun, 02 May 2021 16:06:07 GMT
I45YVWHO7e8
i3.ytimg.com/vi/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.ytimg.com/vi/I45YVWHO7e8
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:21 GMT
x-content-type-options
nosniff
server
sffe
age
10
content-type
image/jpeg
cache-control
public, max-age=30
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1097
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:21:51 GMT
KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v27/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c7856c0d39606a745670d4c03525f3644fe65304191be208516def923cc3762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://perezhilton.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Apr 2021 21:25:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:42 GMT
server
sffe
age
428191
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17484
x-xss-protection
0
expires
Tue, 19 Apr 2022 21:25:00 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,300&display=swap
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://perezhilton.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 19:15:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
age
349566
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
expires
Wed, 20 Apr 2022 19:15:25 GMT
rules-p-GANCBjEfRH5Fe.js
rules.quantcount.com/ 		3 B
357 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-GANCBjEfRH5Fe.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215d:600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:19:07 GMT
via
1.1 0562d7d213bde9a129ec458c631f9cef.cloudfront.net (CloudFront)
last-modified
Fri, 03 Mar 2017 23:52:35 GMT
server
AmazonS3
age
147
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Error from cloudfront
content-type
application/x-javascript
cache-control
max-age=300
x-amz-cf-pop
CPH50-C1
accept-ranges
bytes
content-length
3
x-amz-cf-id
jTKfakUhk13Jn084EDCsHNz0xLlxgum6UY-MjHzWJdkOzs7_mb3-0Q==
google-atp-list.json
quantcast.mgr.consensu.org/tcfv2/ 		153 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=perezhilton.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2021:4a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
00fd0ec42b432ab5d108b9d657f40db1dfe67269183afb550cbbbceb87e91165

Request headers

Accept
application/json, text/plain, */*
Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 03:01:28 GMT
content-encoding
br
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
62403
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Sat, 24 Apr 2021 03:01:26 GMT
server
AmazonS3
etag
W/"49938c1f7382ca07244c2fa380174891"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 7e5377bfdf5e6ef7597f63d6648e4e9b.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
CPH50-C2
x-amz-cf-id
uvWPrRRiH6LNxoGW2o0_TWMNr228zkjtWFXc7o_jzTFNu68HMvWroQ==
events
prd-collector-anon.ex.co/main/ 		0
137 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: mcd-sdk.playbuzz.com
URL: https://mcd-sdk.playbuzz.com/embed/sdk.js?embedId=7bf0df57-3cb6-41b5-be24-76e9e5f90af4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.209.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-209-254.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://perezhilton.com
date
Sat, 24 Apr 2021 20:21:31 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
css2
fonts.googleapis.com/ 		2 KB
548 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 24 Apr 2021 19:25:54 GMT
server
ESF
date
Sat, 24 Apr 2021 20:21:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 24 Apr 2021 20:21:31 GMT
anchor
www.google.com/recaptcha/api2/ Frame 5515 		19 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lel6LwZAAAAAOWBQsyuijMbyGWGbJCfx8DOYNnc&co=aHR0cHM6Ly9wZXJlemhpbHRvbi5jb206NDQz&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=invisible&cb=s3qye3pveeya
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cafc8cae6539b81401032b3b552b3a6199007bfd7b572b5c97dceeea4a614a51
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9YWDVHFsu0ETfRlOf8HYeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Lel6LwZAAAAAOWBQsyuijMbyGWGbJCfx8DOYNnc&co=aHR0cHM6Ly9wZXJlemhpbHRvbi5jb206NDQz&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=invisible&cb=s3qye3pveeya
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://perezhilton.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://perezhilton.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sat, 24 Apr 2021 20:21:31 GMT
content-security-policy
script-src 'report-sample' 'nonce-9YWDVHFsu0ETfRlOf8HYeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
10063
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1
servicer.mgid.com/1017368/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.mgid.com/1017368/1?w=750&h=569&p3_w=242&p3_h=246&maxw_3=242&maxh_3=246&cols=3&pv=5&cbuster=1619295691621928244082&uniqId=10362&childs=1017383&consentData=&gdprApplies=false&uspString=&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&lu=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&pageView=1&pvid=179058b6365a5fab91f&implVersion=11&dpr=1
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/a/d/aditude.io.perezhilton.com.1017368.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12f75943ae70e85f454fddd6bfeecca5e1c12cd54f3f5fa7cef56bfc5576ae23

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
645209d8da3d4c79-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09a7247b8600004c79e69a7000000001
/
perezhilton.com/ntv-ce-sync/-1401875664/
Redirect Chain
  • https://jadserve.postrelease.com/ce.gif?do=gci&fpd=perezhilton.com&ntv_it
  • https://perezhilton.com/ntv-ce-sync/-1401875664/?id=000000&o=1&s=2&do=syn
43 B
778 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/ntv-ce-sync/-1401875664/?id=000000&o=1&s=2&do=syn
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

:path
/ntv-ce-sync/-1401875664/?id=000000&o=1&s=2&do=syn
pragma
no-cache
cookie
__cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0; _ga_9JS9Z0NFL0=GS1.1.1619295691.1.0.1619295691.0; _pbjs_userid_consent_data=3524755945110770; _ga=GA1.2.1860076318.1619295692; _gid=GA1.2.1096157015.1619295692; _gat_gtag_UA_338092_8=1; _gat_gtag_UA_167135943_9=1; ntv_as_us_privacy=1---; MarketGidStorage=%7B%220%22%3A%7B%7D%2C%22C1017368%22%3A%7B%22page%22%3A1%2C%22time%22%3A1619295691834%7D%7D
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/
:scheme
https
sec-fetch-site
cross-site
:method
GET
Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
content-length
43
cf-request-id
09a7247c6f00005470e62d3000000001
x-ntv-te
32 c:0 a:0
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vqzOrPUUELsIMJUp9OQIHDkQeIIU9ZgfL%2BaZTgf6vmPWf0SNiW7fwk6bnEVpDKY4mhsxbTChKO4VcLyiRa9YAacVfQggUgNqbxXWsLKU0r4%3D"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
set-cookie
ntv_as_syn=1619295691; Domain=.perezhilton.com; Expires=Sun Apr 24 2022 20:21:31 GMT+0000 (Coordinated Universal Time); Path=/; Secure; ntv_as_opt_out=1; Domain=.perezhilton.com; Expires=Sun Apr 24 2022 20:21:31 GMT+0000 (Coordinated Universal Time); Path=/; Secure;
cf-ray
645209da4f695470-LHR
expires
Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:31 GMT
server
nginx/1.12.1
location
https://perezhilton.com/ntv-ce-sync/-1401875664/?id=000000&o=1&s=2&do=syn
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
collect
www.google-analytics.com/g/ 		0
171 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-9JS9Z0NFL0&gtm=2oe4e1&_p=1893834179&sr=1600x1200&ul=en-us&cid=1860076318.1619295692&_s=1&dl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&dt=Salon%20Owner%20Charged%20After%20Two%20Clients%20Contract%20HIV%20From%20A%20%E2%80%98Vampire%20Facial%E2%80%99!%20-%20Perez%20Hilton&sid=1619295691&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9JS9Z0NFL0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-338092-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
3528
date
Sat, 24 Apr 2021 19:22:43 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Sat, 24 Apr 2021 21:22:43 GMT
/
www.instagram.com/accounts/login/ Frame AA11
Redirect Chain
  • https://www.instagram.com/p/WsspMAuS2A/embed/captioned/?cr=1&v=13&wp=640&rd=https%3A%2F%2Fperezhilton.com&rp=%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F
  • https://www.instagram.com/accounts/login/
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/accounts/login/
Requested by
Host: platform.instagram.com
URL: https://platform.instagram.com/en_US/embeds.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f21c:81e5:face:b00c:0:4420 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.instagram.com
:scheme
https
:path
/accounts/login/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://perezhilton.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://perezhilton.com/

Response headers

content-type
text/html; charset=utf-8
vary
Accept-Language, Cookie
content-language
en
date
Sat, 24 Apr 2021 20:21:31 GMT
strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-frame-options
SAMEORIGIN
content-security-policy
report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
cross-origin-embedder-policy-report-only
require-corp;report-to="coep"
report-to
{"group": "coep", "max_age": 86400, "endpoints": [{"url": "/security/coep_report/"}]}
x-content-type-options
nosniff
x-xss-protection
0
x-ig-push-state
c2
x-aed
44
access-control-expose-headers
X-IG-Set-WWW-Claim
content-length
20793
x-ig-origin-region
vll
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i

Redirect headers

content-type
text/html; charset=utf-8
location
https://www.instagram.com/accounts/login/
vary
Accept-Language, Cookie
content-language
en
date
Sat, 24 Apr 2021 20:21:31 GMT
strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate
pragma
no-cache
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy
report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
x-content-type-options
nosniff
x-xss-protection
0
x-ig-push-state
c2
x-aed
44
access-control-expose-headers
X-IG-Set-WWW-Claim
content-length
0
x-ig-origin-region
vll
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=6134710&ntv_pl=1114139&ntv_it
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.67.80.248 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-67-80-248.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:31 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=ad405dcc-fbed-4311-bad9-af5f110320cc&ntv_fl=zOcEDJFzfNKR6SyJk0keXgsNqbfi-kYz-3aJWqcAxnLQJeYGOXmNNglg3fXdrWwrUu3MouwvW8Yn7IfytgvxCDD-n3yv-bJsBrhWyz_5lxftwpQYg7G8R2KlRGVDgiGWWTTSemf2LhBoMHNVHMDuA6_HJgVLggmk6he_5nHj4tk=&ntv_ht=y32EYAA&ntv_at=303&ntv_a=AAAAAAAAAAGwARA&ord=1619295691693&ntv_it
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.67.80.248 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-67-80-248.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:31 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fperezhilton.com%2F&domain=perezhilton.com&cw=1&lsw=1
Protocol
H2
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://perezhilton.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://perezhilton.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1420
date
Sat, 24 Apr 2021 20:21:31 GMT
content-encoding
gzip
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fperezhilton.com%2F&domain=perezhilton.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=fX4olXx6V0d6c09OcGg5Yk5BeFdhb21RWkVtbWltTVBmU1ZJQWZIVXA5dkxwdDdXZ2UveFVBUHRyN2psY2R5ei9ZWVZJWEJUTG5uYnVBVCtBUU1HRmRZVlB3MnpTVm01clByOGVYMzBWVEpabHZWK2hjeFozVFluanNLdz...
342 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=fX4olXx6V0d6c09OcGg5Yk5BeFdhb21RWkVtbWltTVBmU1ZJQWZIVXA5dkxwdDdXZ2UveFVBUHRyN2psY2R5ei9ZWVZJWEJUTG5uYnVBVCtBUU1HRmRZVlB3MnpTVm01clByOGVYMzBWVEpabHZWK2hjeFozVFluanNLdzY2bUp3S0ZrRUdpYzh4Qm8va1NOWGNXKzNxTk5DUkg4ZkNwbjc0a2FjWDlwUFhuK0VZZlFPNkt5ZWNqL3pzTjhBZGhvalAvZm9neDBTdkNwbTlVM2o2YXUzbzI1QlVUYWZMWGVraEMybHJIR2VFL1ZDdFdvPXw&cppv=2
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
788b1fcc66fdae97ec1507251d438d4d6617a77fbf032c48c9c5e303ffca11a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sat, 24 Apr 2021 20:21:32 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2422
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 24 Apr 2021 20:21:31 GMT
location
https://mug.criteo.com/sid?cpp=fX4olXx6V0d6c09OcGg5Yk5BeFdhb21RWkVtbWltTVBmU1ZJQWZIVXA5dkxwdDdXZ2UveFVBUHRyN2psY2R5ei9ZWVZJWEJUTG5uYnVBVCtBUU1HRmRZVlB3MnpTVm01clByOGVYMzBWVEpabHZWK2hjeFozVFluanNLdzY2bUp3S0ZrRUdpYzh4Qm8va1NOWGNXKzNxTk5DUkg4ZkNwbjc0a2FjWDlwUFhuK0VZZlFPNkt5ZWNqL3pzTjhBZGhvalAvZm9neDBTdkNwbTlVM2o2YXUzbzI1QlVUYWZMWGVraEMybHJIR2VFL1ZDdFdvPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1709
content-length
482
expires
0
gpt.js
www.googletagservices.com/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/wp-content/themes/understrap-master/js/ph-ads-old.js?ver=0.9.4.1614871813
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad309904b3882d0bc665ba54e6fc9a708e89a6155fdce036c73ab386c80086c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"852 / 855 of 1000 / last-modified: 1619215752"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21081
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:21:31 GMT
prebid.js
perezhilton.com/wp-content/themes/understrap-master/js/ 		259 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://perezhilton.com/wp-content/themes/understrap-master/js/prebid.js?326
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/wp-content/themes/understrap-master/js/ph-ads-old.js?ver=0.9.4.1614871813
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f42a056a4add83f94e3e9d0de6eeead41e267f3081de79d7cfd420a4d6db08f1

Request headers

:path
/wp-content/themes/understrap-master/js/prebid.js?326
pragma
no-cache
cookie
ntv_ce_visitor=d183e52a-019f-4b4a-93e9-563b567a89ca; __cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22gcbJ.aqrs%22%7D%2C%22C1017368%22%3A%7B%22page%22%3A1%7D%7D; _ga_9JS9Z0NFL0=GS1.1.1619295691.1.0.1619295691.0; _ga=GA1.1.1860076318.1619295692; _pbjs_userid_consent_data=3524755945110770
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4389
cf-polished
origSize=264836
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
cf-request-id
09a7247be500005470d105b000000001
x-ntv-te
8 c:0 a:0
last-modified
Tue, 20 Oct 2020 19:24:17 GMT
server
cloudflare
etag
W/"5f8f3961-40a84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HH3a34COD0Xw0MYWxzjYi4SCW2Ml3%2BMfAfhbYLEN8U8l3Xlcbv9XCTuzsQ%2BgtnoL%2B81Gqg2ubFGX7cfzoswceMi8NLEyKDKRwyKVfsiUIIg%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
645209d96d7e5470-LHR
cf-bgj
minify
tag.min.js
get.s-onetag.com/44c4576f-3ff8-44c4-94c2-d2c025cdc319/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/44c4576f-3ff8-44c4-94c2-d2c025cdc319/tag.min.js
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/wp-content/themes/understrap-master/js/ph-ads-old.js?ver=0.9.4.1614871813
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
95607382e380f946456b9d56cc03bc61946bedf84d4f139d7612f3d03f7791a6

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
qm53Xb1gqjKq0nVKNIbGabgxrHexFyUf
content-encoding
gzip
last-modified
Thu, 28 Jan 2021 22:39:35 GMT
server
AmazonS3
age
59252
etag
W/"91cfea2cf1495159f3884da5152e144b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Sat, 24 Apr 2021 03:57:22 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
Y78iWTrl9CWMyPpiXFSZPb-KADjhGeAF0vDb3JGM2iu0JMCb4YS1KQ==
insync
thrtle.com/
Redirect Chain
  • https://px.britepool.com/new?partner_id=t
  • https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=d67dedd7-414e-46e3-82d3-b1a0df5ecf50
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=d67dedd7-414e-46e3-82d3-b1a0df5ecf50
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.201.23 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-201-23.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Date
Sat, 24 Apr 2021 20:21:32 GMT
Server
nginx
Vary
negotiate,Accept-Encoding
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://thrtle.com/insync?vxii_pid=10054&vxii_pdid=d67dedd7-414e-46e3-82d3-b1a0df5ecf50
Cache-Control
no-cache, no-store, private
Tcn
Choice
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
X-Request-Id
73453cc680871514a76802d010870a8e
Expires
Sat, 26 Jul 1997 05:00:00 GMT
cmp-list.json
test.quantcast.mgr.consensu.org/GVL-v2/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=perezhilton.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:215d:6e00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ed3bf99ae6134fef15ec4bf563cb1306f9b081a6004e90ebbeff12fba640914

Request headers

Accept
application/json, text/plain, */*
Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 19:52:32 GMT
content-encoding
br
age
1740
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Sat, 24 Apr 2021 19:52:29 GMT
server
AmazonS3
etag
W/"e5b6c22f0ffdb6ee9d42c0362175c85b"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
auqz6p12AuFtrbkD4ZaQDqSfMHgwbppN
via
1.1 1ebf52f5e79648444025879af65610d2.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
CPH50-C1
content-type
application/json
x-amz-cf-id
7tiWbwPtkKefCLh5YzS0LvA5npQwYA2isl1rHRBWg0Zy1mUJM8x_cA==
app.0aa7674d.css
widget.yappaapp.com/css/ Frame 4ECD 		73 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widget.yappaapp.com/css/app.0aa7674d.css
Requested by
Host: widget.yappaapp.com
URL: https://widget.yappaapp.com/?url=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&content-id=&disable-ads=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b67df89b4dacf0ff9a72382d4c985f11369433300f0ff01e8067b6860c7653de

Request headers

Referer
https://widget.yappaapp.com/?url=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&content-id=&disable-ads=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
710365
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09a7247d1000004a8bda19b000000001
last-modified
Wed, 24 Feb 2021 11:05:52 GMT
server
cloudflare
etag
W/"60363310-123c1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g1wsPKbRpfkweZv2mgDLzBYYB%2FQCjNyc1uoluKNUEJ6IkMGjX%2BY9mpVJ8shftjzQxa947x%2FVjFA3tvcqjFL%2FvMfLYxAOWaumATaYv3iT8KoXNQqpap151NGrSVob62as"}]}
content-type
text/css
cache-control
max-age=14400
cf-ray
645209db4e394a8b-FRA
chunk-vendors.f3292285.css
widget.yappaapp.com/css/ Frame 4ECD 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widget.yappaapp.com/css/chunk-vendors.f3292285.css
Requested by
Host: widget.yappaapp.com
URL: https://widget.yappaapp.com/?url=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&content-id=&disable-ads=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7cb7125d4f8b01c27526687abb6d8a8e3b1d7e785b2d149947bde2397a89dc06

Request headers

Referer
https://widget.yappaapp.com/?url=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&content-id=&disable-ads=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
710365
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09a7247d1000004a8b2e28a000000001
last-modified
Wed, 24 Feb 2021 11:05:52 GMT
server
cloudflare
etag
W/"60363310-ceb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NywFPUI9ay0aKqjcE2N7DRhKmqjVA6XW9QwQoBkRu%2BdfM7QFfs4vn%2FIfp%2FqNzqkUK3DpM84vXRkqFtmil35336QLhztZujH34z6rWzcxKk0SoQYTMWiSm9ECV83EAavE"}]}
content-type
text/css
cache-control
max-age=14400
cf-ray
645209db4e3b4a8b-FRA
app.c6d113eb.js
widget.yappaapp.com/js/ Frame 4ECD 		264 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.yappaapp.com/js/app.c6d113eb.js
Requested by
Host: widget.yappaapp.com
URL: https://widget.yappaapp.com/?url=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&content-id=&disable-ads=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4b86e254c20b49531c19b3385d027cf5ad8bbd3a41d6d9096d1456839e0cbb9

Request headers

Referer
https://widget.yappaapp.com/?url=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&content-id=&disable-ads=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
675089
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09a7247d1100004a8bd489b000000001
last-modified
Wed, 24 Feb 2021 11:05:52 GMT
server
cloudflare
etag
W/"60363310-42012"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uIa505Wd4SosVBYbhzCBS%2F9XwwUiHKdXJ26U6zDrDN97nhvALPZb8aa3PDdgshz9JHr0xJn%2F2q7HxbWhP5v9wVEr2UP3%2FGAIra7QvQz2GS562J%2FzQ8tAQfXNdK5Hahnf"}]}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
645209db4e3c4a8b-FRA
chunk-vendors.8d851cc7.js
widget.yappaapp.com/js/ Frame 4ECD 		323 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.yappaapp.com/js/chunk-vendors.8d851cc7.js
Requested by
Host: widget.yappaapp.com
URL: https://widget.yappaapp.com/?url=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&content-id=&disable-ads=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71582292b0a4bed150fb2e8c08f70177cf76cb21eefa7b25580cd5b28191aca2

Request headers

Referer
https://widget.yappaapp.com/?url=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&content-id=&disable-ads=false
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
687203
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09a7247d1100004a8b43041000000001
last-modified
Wed, 24 Feb 2021 11:05:52 GMT
server
cloudflare
etag
W/"60363310-50d76"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7Y1yojt9KGo25p2iIESHVkZzCO10X4quYsbBchTJZlycVyNbZV0XxeWTsuQAPr0s5vpkuy5ryTQNBAbgsUzM3o288WWFsDugTdYuGMtu0J0QfrauKb0Z9l7gJek%2FOERM"}]}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
645209db4e3e4a8b-FRA
822756
api-2-0.spot.im/v1.0.0/config/ab_test/sp_6oLVLzgr/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_6oLVLzgr/822756
Protocol
H2
Server
23.55.110.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-49.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type,x-spotim-device-uuid,x-spotim-page-view-id
Origin
https://perezhilton.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-length
0
server
fasthttp
access-control-allow-origin
https://perezhilton.com
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid
access-control-max-age
86400
date
Sat, 24 Apr 2021 20:21:31 GMT
822756
api-2-0.spot.im/v1.0.0/config/ab_test/sp_6oLVLzgr/ 		88 B
750 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_6oLVLzgr/822756
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_6oLVLzgr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-49.deploy.static.akamaitechnologies.com
Software
fasthttp /
Resource Hash
e534c76d4161a751554b9b349e39cbdba64737c613c12e6d529db9ee76730774

Request headers

Accept
application/json
Referer
https://perezhilton.com/
x-spotim-page-view-id
7e9d72b5-de3f-4044-b3d6-15dc38522119
Content-Type
application/json
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-spotim-device-uuid
f3b63069-5cb4-42b8-bdcd-a7863d41cf6a

Response headers

date
Sat, 24 Apr 2021 20:21:32 GMT
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://perezhilton.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid
content-length
88
x-request-id
a896759a-a53a-11eb-81c2-62e40c8e2733
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1893834179&t=pageview&_s=1&dl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&ul=en-us&de=UTF-8&dt=Salon%20Owner%20Charged%20After%20Two%20Clients%20Contract%20HIV%20From%20A%20%E2%80%98Vampire%20Facial%E2%80%99!%20-%20Perez%20Hilton&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAUABAAAAAC~&jid=966200512&gjid=1185064044&cid=1860076318.1619295692&tid=UA-338092-8&_gid=1096157015.1619295692&_r=1&gtm=2ou4e1&z=1158401796
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1893834179&t=pageview&_s=1&dl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&ul=en-us&de=UTF-8&dt=Salon%20Owner%20Charged%20After%20Two%20Clients%20Contract%20HIV%20From%20A%20%E2%80%98Vampire%20Facial%E2%80%99!%20-%20Perez%20Hilton&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAUABAAAAAC~&jid=609362130&gjid=296085019&cid=1860076318.1619295692&tid=UA-167135943-9&_gid=1096157015.1619295692&_r=1&gtm=2ou4e1&z=530585288
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame 5515 		51 KB
52 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lel6LwZAAAAAOWBQsyuijMbyGWGbJCfx8DOYNnc&co=aHR0cHM6Ly9wZXJlemhpbHRvbi5jb206NDQz&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=invisible&cb=s3qye3pveeya
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ef414f947bc802bea88d18ae69ca7d56939d81d7df79a7266688a8e1c14b190
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 17:43:01 GMT
x-content-type-options
nosniff
last-modified
Mon, 19 Apr 2021 04:04:08 GMT
server
sffe
age
9510
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52732
x-xss-protection
0
expires
Sun, 24 Apr 2022 17:43:01 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/ Frame 5515 		334 KB
334 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lel6LwZAAAAAOWBQsyuijMbyGWGbJCfx8DOYNnc&co=aHR0cHM6Ly9wZXJlemhpbHRvbi5jb206NDQz&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=invisible&cb=s3qye3pveeya
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 18:31:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 19 Apr 2021 04:04:08 GMT
server
sffe
age
6631
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341908
x-xss-protection
0
expires
Sun, 24 Apr 2022 18:31:00 GMT
Jana-Kramer-Feels-Distraught-Over-Mike-Caussin-Split-1024x952.jpg
perezhilton.com/wp-content/uploads/2021/04/ 		179 KB
179 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/2021/04/Jana-Kramer-Feels-Distraught-Over-Mike-Caussin-Split-1024x952.jpg
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41db52d3e69af01a49963884b2acf2f12d6c0b418b254340bdd92951b7f3f8f9

Request headers

:path
/wp-content/uploads/2021/04/Jana-Kramer-Feels-Distraught-Over-Mike-Caussin-Split-1024x952.jpg
pragma
no-cache
cookie
ntv_ce_visitor=223c5d51-d510-4993-a69d-3ddfa12b89d1; __cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22gcbJ.aqrs%22%7D%2C%22C1017368%22%3A%7B%22page%22%3A1%7D%7D; _ga_9JS9Z0NFL0=GS1.1.1619295691.1.0.1619295691.0; _pbjs_userid_consent_data=3524755945110770; _ga=GA1.2.1860076318.1619295692; _gid=GA1.2.1096157015.1619295692; _gat_gtag_UA_338092_8=1; _gat_gtag_UA_167135943_9=1; ntv_as_us_privacy=1---
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
17640
cf-polished
origSize=189167, status=webp_bigger
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
cf-bgj
imgq:100,h2pri
content-length
183177
cf-request-id
09a7247c4a00005470c607c000000001
x-ntv-te
12 c:0 a:0
last-modified
Sat, 24 Apr 2021 14:40:29 GMT
server
cloudflare
etag
"60842ddd-2e2ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Na3Ok9fQemlh3AWGUDALgMg4YaelcNk2DqcGfDezhVNmCufwcBtVK68AsQrk1m9FW6lfn7AXRXzDvW9aNrppEBs5%2BrAK29BMEN4p88z%2BTSI%3D"}]}
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
645209da0ef35470-LHR
expires
Sun, 02 May 2021 15:27:31 GMT
hqdefault.jpg
i3.ytimg.com/vi/VZD_0h2Pivc/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.ytimg.com/vi/VZD_0h2Pivc/hqdefault.jpg
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dfb523b8624fa3b74bdc0c51baf73322723476b487f1a5d4ec70abf36b3e1ece
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 18:32:47 GMT
x-content-type-options
nosniff
server
sffe
age
6524
etag
"0"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15584
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:32:47 GMT
hqdefault.jpg
i3.ytimg.com/vi/q3eSaQaDDPE/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.ytimg.com/vi/q3eSaQaDDPE/hqdefault.jpg
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f329805823e188a4dbe85292a20300632b1e72461f0c479f4df3932002fbb05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:05:02 GMT
x-content-type-options
nosniff
server
sffe
age
989
etag
"1614308644"
vary
Origin
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15731
x-xss-protection
0
expires
Sat, 24 Apr 2021 22:05:02 GMT
Lindsay-Lohan-Father-Michael-Arrested-Patient-Brokering-Florida-1024x613.jpg
perezhilton.com/wp-content/uploads/2021/04/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/2021/04/Lindsay-Lohan-Father-Michael-Arrested-Patient-Brokering-Florida-1024x613.jpg
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3b7882bfdedbd30012248e42038cd16f6e1facbba40f049e373c27aea828cf2

Request headers

:path
/wp-content/uploads/2021/04/Lindsay-Lohan-Father-Michael-Arrested-Patient-Brokering-Florida-1024x613.jpg
pragma
no-cache
cookie
ntv_ce_visitor=223c5d51-d510-4993-a69d-3ddfa12b89d1; __cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22gcbJ.aqrs%22%7D%2C%22C1017368%22%3A%7B%22page%22%3A1%7D%7D; _ga_9JS9Z0NFL0=GS1.1.1619295691.1.0.1619295691.0; _pbjs_userid_consent_data=3524755945110770; _ga=GA1.2.1860076318.1619295692; _gid=GA1.2.1096157015.1619295692; _gat_gtag_UA_338092_8=1; _gat_gtag_UA_167135943_9=1; ntv_as_us_privacy=1---
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
70096
cf-polished
origSize=90344, status=webp_bigger
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
cf-bgj
imgq:100,h2pri
content-length
73880
cf-request-id
09a7247c5300005470a4255000000001
x-ntv-te
16 c:0 a:0
last-modified
Sat, 24 Apr 2021 00:40:04 GMT
server
cloudflare
etag
"608368e4-160e8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5gmvKszi7WsbW3bcoLh4pzuWVGpYFMAnEsnDXbtbC6bXC3vu%2FewEslyxif5lBhHQygRxUV%2BCxEnDAz%2BT9fJAtesXTKMScNR8RGXPoO65OCA%3D"}]}
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
645209da1f065470-LHR
expires
Sun, 02 May 2021 00:53:15 GMT
Twitter-Reacts-Caitlyn-Jenner-Running-For-California-Governor-1024x813.jpg
perezhilton.com/wp-content/uploads/2021/04/ 		116 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/2021/04/Twitter-Reacts-Caitlyn-Jenner-Running-For-California-Governor-1024x813.jpg
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fedb323bbd9864b07e93f2dd3c9556733a9d1b883d7cd77cfb17eb131f7c47e9

Request headers

:path
/wp-content/uploads/2021/04/Twitter-Reacts-Caitlyn-Jenner-Running-For-California-Governor-1024x813.jpg
pragma
no-cache
cookie
ntv_ce_visitor=223c5d51-d510-4993-a69d-3ddfa12b89d1; __cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22gcbJ.aqrs%22%7D%2C%22C1017368%22%3A%7B%22page%22%3A1%7D%7D; _ga_9JS9Z0NFL0=GS1.1.1619295691.1.0.1619295691.0; _pbjs_userid_consent_data=3524755945110770; _ga=GA1.2.1860076318.1619295692; _gid=GA1.2.1096157015.1619295692; _gat_gtag_UA_338092_8=1; _gat_gtag_UA_167135943_9=1; ntv_as_us_privacy=1---
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
69632
cf-polished
origSize=124223, status=webp_bigger
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
cf-bgj
imgq:100,h2pri
content-length
118686
cf-request-id
09a7247c5300005470ec1ac000000001
x-ntv-te
16 c:0 a:0
last-modified
Fri, 23 Apr 2021 23:46:29 GMT
server
cloudflare
etag
"60835c55-1e53f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Lm80EBqW%2FlBEDUwOR5ifEln7ggTTTbvZ9l3MQ1%2FMWWYbekMslfQPlfDaOr6cDGXcD2fZtR61nGrl2AmCIzFglCbx%2BnH0%2BvVtkVjnMIOfhEc%3D"}]}
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
645209da1f0b5470-LHR
expires
Sun, 02 May 2021 01:00:59 GMT
Greys-Anatomy-McDreamy-Derek-Meredith-Beach-Wedding-Dream-1024x608.jpg
perezhilton.com/wp-content/uploads/2021/04/ 		90 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/2021/04/Greys-Anatomy-McDreamy-Derek-Meredith-Beach-Wedding-Dream-1024x608.jpg
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd98fffd9c687ab74e9731fdb3c1dfbcc1e64af0526e3610e70e6b1817c98de3

Request headers

:path
/wp-content/uploads/2021/04/Greys-Anatomy-McDreamy-Derek-Meredith-Beach-Wedding-Dream-1024x608.jpg
pragma
no-cache
cookie
ntv_ce_visitor=223c5d51-d510-4993-a69d-3ddfa12b89d1; __cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22gcbJ.aqrs%22%7D%2C%22C1017368%22%3A%7B%22page%22%3A1%7D%7D; _ga_9JS9Z0NFL0=GS1.1.1619295691.1.0.1619295691.0; _pbjs_userid_consent_data=3524755945110770; _ga=GA1.2.1860076318.1619295692; _gid=GA1.2.1096157015.1619295692; _gat_gtag_UA_338092_8=1; _gat_gtag_UA_167135943_9=1; ntv_as_us_privacy=1---
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
71079
cf-polished
origSize=102620, status=webp_bigger
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
cf-bgj
imgq:100,h2pri
content-length
92029
cf-request-id
09a7247c530000547099a5a000000001
x-ntv-te
17 c:0 a:0
last-modified
Fri, 23 Apr 2021 23:23:35 GMT
server
cloudflare
etag
"608356f7-190dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SoRARXBx2fqXC4C4Dex9Irmh9szpZeBYpaIMiznC3AWZIe%2Bep8hHvxGogY3M3dK0Xcs0r9Jlt0ABmrh6y3lmFWATRxLGi7oVGqvm%2BlQR24U%3D"}]}
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
645209da1f0d5470-LHR
expires
Sun, 02 May 2021 00:36:51 GMT
Father-Shares-Last-Video-Before-Strapping-His-Daughter-To-Him-And-Jumping-Off-Dam-1024x629.jpg
perezhilton.com/wp-content/uploads/2021/04/ 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/2021/04/Father-Shares-Last-Video-Before-Strapping-His-Daughter-To-Him-And-Jumping-Off-Dam-1024x629.jpg
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
417f95806735296a54d76f9991d9ce1c3900d8390c261f1694e7818393920465

Request headers

:path
/wp-content/uploads/2021/04/Father-Shares-Last-Video-Before-Strapping-His-Daughter-To-Him-And-Jumping-Off-Dam-1024x629.jpg
pragma
no-cache
cookie
ntv_ce_visitor=223c5d51-d510-4993-a69d-3ddfa12b89d1; __cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22gcbJ.aqrs%22%7D%2C%22C1017368%22%3A%7B%22page%22%3A1%7D%7D; _ga_9JS9Z0NFL0=GS1.1.1619295691.1.0.1619295691.0; _pbjs_userid_consent_data=3524755945110770; _ga=GA1.2.1860076318.1619295692; _gid=GA1.2.1096157015.1619295692; _gat_gtag_UA_338092_8=1; _gat_gtag_UA_167135943_9=1; ntv_as_us_privacy=1---
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
75360
cf-polished
origSize=88336, status=webp_bigger
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
cf-bgj
imgq:100,h2pri
content-length
85525
cf-request-id
09a7247c5300005470e01b3000000001
x-ntv-te
16 c:0 a:0
last-modified
Fri, 23 Apr 2021 23:18:40 GMT
server
cloudflare
etag
"608355d0-15910"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qCZp3ZCsB1nwQ87Qoewqi6%2BCL4cRqIPLYFzP7%2Fsrbpji6bgdNWygmr%2BxdnEM1S%2FnqEDSY0ASlhVM%2BavaeSY02L7rWDpek9RZ3lMw5i0XEvA%3D"}]}
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
645209da1f0e5470-LHR
expires
Sat, 01 May 2021 23:25:31 GMT
Jack-Kelly-Osbourne-Sober-Relapse-1024x678.jpg
perezhilton.com/wp-content/uploads/2021/04/ 		140 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/2021/04/Jack-Kelly-Osbourne-Sober-Relapse-1024x678.jpg
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
419830988aedbd0fcc510f3970ac19cf73076367a35e949f746a7d77e564fa4e

Request headers

:path
/wp-content/uploads/2021/04/Jack-Kelly-Osbourne-Sober-Relapse-1024x678.jpg
pragma
no-cache
cookie
ntv_ce_visitor=223c5d51-d510-4993-a69d-3ddfa12b89d1; __cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0; MarketGidStorage=%7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%2C%22TejndEEDj%22%3A%22gcbJ.aqrs%22%7D%2C%22C1017368%22%3A%7B%22page%22%3A1%7D%7D; _ga_9JS9Z0NFL0=GS1.1.1619295691.1.0.1619295691.0; _pbjs_userid_consent_data=3524755945110770; _ga=GA1.2.1860076318.1619295692; _gid=GA1.2.1096157015.1619295692; _gat_gtag_UA_338092_8=1; _gat_gtag_UA_167135943_9=1; ntv_as_us_privacy=1---
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
77681
cf-polished
origSize=158653, status=webp_bigger
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:31 PM
cf-bgj
imgq:100,h2pri
content-length
143817
cf-request-id
09a7247c5400005470d1068000000001
x-ntv-te
11 c:0 a:0
last-modified
Fri, 23 Apr 2021 19:50:38 GMT
server
cloudflare
etag
"6083250e-26bbd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rnHcUqRuCtV6uwybbpl2WRmjiQLtCS7%2BY5HnDWbZpUXpeooLj1yzecZV0OtcHwUoucW3tMatCpXK4ia2k9l5LPHWW8QLO9g%2F1IlZPDqJgIo%3D"}]}
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
645209da1f105470-LHR
expires
Sat, 01 May 2021 22:46:50 GMT
i.js
cm.mgid.com/ 		1 KB
695 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i.js?consentData=&gdprApplies=0&cbuster=1619295691846664272924
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/a/d/aditude.io.perezhilton.com.1017368.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32b22a0afc0f838a0a79367705150f9ec0eb6e72b162601c5a3f4446ad44015b

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
8a355633-0fc0-431c-898f-bebfd5c1483e
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
645209da4d8f4c79-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09a7247c6e00004c790190b000000001
server
cloudflare
i-noref.js
cm.mgid.com/ Frame 196A 		19 B
293 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.mgid.com/i-noref.js?cbuster=161929569185015096385
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/a/d/aditude.io.perezhilton.com.1017368.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
1ad698f8-425a-44bb-a9c1-237f8cde3b1a
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
645209da4d914c79-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09a7247c6e00004c79e69b6000000001
server
cloudflare
beacon.js
sb.scorecardresearch.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: jsc.mgid.com
URL: https://jsc.mgid.com/a/d/aditude.io.perezhilton.com.1017368.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-46.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 19:53:25 GMT
via
1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
1688
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
5DE2G1jkzc0LwpFPvt7XjYQLFoX-PFNfnFPtCpi-SluPnRzjpA5j4g==
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC81MTkxYzA2OTg5NGRjNmYzN...
s-img.mgid.com/g/8164852/492x328/-/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164852/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC81MTkxYzA2OTg5NGRjNmYzNTQ3ZDA4ODNmMWMyYmJkOC5qcGc.webp?v=1619295691-GjLKnQ5mrBXX_eU_qaa7oTc6jAsw3rk60NpK9z8DuIY
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ac05781d1a4eec5d40e9b668ee97489a3c6adc8104e4f7610ce2f07b02cb2e7

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
x-mg-request-uuid
4742e271-2e7c-4213-9841-54780cfc151f
age
140093
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22712
cf-request-id
09a7247c7300004c798f2e4000000001
last-modified
Mon, 08 Feb 2021 10:20:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
645209da5d9c4c79-AMS
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC83ZGUzZjkyZjQ2ZTc5OTRjZ...
s-img.mgid.com/g/8164840/492x328/-/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164840/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTAyLzEwMTkyNC83ZGUzZjkyZjQ2ZTc5OTRjZWVmNDY1MDA5MzhhMzFjMy5qcGc.webp?v=1619295691-3YdrgT1RhicB2yXV4EsvHrdU4Bazx3C5c6bsmEq6nEc
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
adb7d542ec2bea4907ac7cc212204ff1a656de69f78206384d64228f40beb815

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
x-mg-request-uuid
cc987080-dd71-4d2f-b38e-c55914fd819e
age
140090
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18044
cf-request-id
09a7247c7300004c79f936d000000001
last-modified
Mon, 08 Feb 2021 10:20:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
645209da5d9b4c79-AMS
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2E0YThhNzhlNzBiMGMxMDNlZjMzYTU1OTNmMzIwZTUwLmpwZw.webp
s-img.mgid.com/g/8164857/492x328/0x89x1080x720/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164857/492x328/0x89x1080x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTEvMTAxOTI0L2E0YThhNzhlNzBiMGMxMDNlZjMzYTU1OTNmMzIwZTUwLmpwZw.webp?v=1619295691-SNL-olj8cuklbH1V03PuiJJ6djx-FiU618cLnWKe0zc
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8931595f72b598e415adbf57cbc51a58e231304a143a9a582b6c998e2d2c0b9

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
x-mg-request-uuid
5eabe111-09ff-4ec9-8f5d-cf837a5c1eb4
age
140058
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8078
cf-request-id
09a7247c7400004c79da8b1000000001
last-modified
Mon, 08 Feb 2021 10:20:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
645209da5d9d4c79-AMS
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzJmYzI5NzEyY2Y1ZmY5NDlkZjUwYzg4NzFkMzc5OTA2LmpwZWc.webp
s-img.mgid.com/g/8164863/492x328/0x0x561x374/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164863/492x328/0x0x561x374/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDgvMTAxOTI0LzJmYzI5NzEyY2Y1ZmY5NDlkZjUwYzg4NzFkMzc5OTA2LmpwZWc.webp?v=1619295691-Qo2JGExZWsg7SZTnFXXVzBKqqHcDCz-lk4djnTl_388
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9521d40a2fd9860f1e622f9d698054ef4a76dbf037751a705bafe3955c288c61

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
cf-cache-status
HIT
x-mg-request-uuid
96cea624-186e-427d-a3d0-ad1d88aa1bba
age
140096
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
24366
cf-request-id
09a7247c9700004c79b9857000000001
last-modified
Mon, 08 Feb 2021 10:20:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
645209da8e084c79-AMS
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp
s-img.mgid.com/g/8164865/492x328/0x0x900x600/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164865/492x328/0x0x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMTEvMTAxOTI0LzcyYTQ1NjNjYzFmY2Y5MjAwOWYzMGZkYThiZjFiMGFhLmpwZWc.webp?v=1619295691--BYu-vXuF92cAtKfW75Wvoep2A287AjZu-g5oQO2CTA
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbe28a1b807c1e7e6c98e4c5900817dc26fe9ee04cd549d97c9cdb057003ab78

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:32 GMT
cf-cache-status
HIT
x-mg-request-uuid
fa293ef7-66f4-4bf3-a8e2-9bf00a71e42a
age
140101
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21892
cf-request-id
09a7247cff00000bf54f113000000001
last-modified
Mon, 08 Feb 2021 10:20:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
645209db3f4a0bf5-AMS
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp
s-img.mgid.com/g/8164912/492x328/0x0x1081x720/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.mgid.com/g/8164912/492x328/0x0x1081x720/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDkvMTAxOTI0L2I5Y2U2M2E3ZDIyNjFlZGEwMzQzZDRjZGViZDNmN2Q3LmpwZWc.webp?v=1619295691-t3391aUlEFit59Aj9sEhK4wh8Xr-4_gcHqdo5OaqyfE
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9890b523125c63685ab6e157e022072740363afb75a023b694cec0b986a25481

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:32 GMT
cf-cache-status
HIT
x-mg-request-uuid
1d89bc77-f9a7-419d-8483-4a70a999406b
age
140098
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12790
cf-request-id
09a7247cff00000bf5f4882000000001
last-modified
Mon, 08 Feb 2021 10:20:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
immutable, max-age=31536000
accept-ranges
bytes
cf-ray
645209db3f4b0bf5-AMS
collect
stats.g.doubleclick.net/j/ 		4 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-338092-8&cid=1860076318.1619295692&jid=966200512&gjid=1185064044&_gid=1096157015.1619295692&_u=IADAAUAAAAAAAC~&z=1964777747
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 24 Apr 2021 20:21:31 GMT
content-type
text/plain
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-167135943-9&cid=1860076318.1619295692&jid=609362130&gjid=296085019&_gid=1096157015.1619295692&_u=IADAAUABAAAAAC~&z=1175560935
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 24 Apr 2021 20:21:31 GMT
content-type
text/plain
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
vendor-list.json
quantcast.mgr.consensu.org/GVL-v2/ 		250 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=perezhilton.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2021:4a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7471350afcb8b389430656e2c47c9a36e28cad4840c3146425db18ed7b8cd0d6

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 03:00:34 GMT
content-encoding
br
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
62458
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Sat, 24 Apr 2021 03:00:32 GMT
server
AmazonS3
etag
W/"9c23a9de3011c15c029cb9db344cb896"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 7e5377bfdf5e6ef7597f63d6648e4e9b.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
CPH50-C2
x-amz-cf-id
8DK61Vw2xujTnbuZvi0u1HUczoyOO0dTefsCJG6Xzusoy8GxvqFQlQ==
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=fX4olXx6V0d6c09OcGg5Yk5BeFdhb21RWkVtbWltTVBmU1ZJQWZIVXA5dkxwdDdXZ2UveFVBUHRyN2psY2R5ei9ZWVZJWEJUTG5uYnVBVCtBUU1HRmRZVlB3MnpTVm01clByOGVYMzBWVEpabHZWK2hjeFozVFluanNLdzY2bUp3S0ZrRUdpYzh4Qm8va1NOWGNXKzNxTk5DUkg4ZkNwbjc0a2FjWDlwUFhuK0VZZlFPNkt5ZWNqL3pzTjhBZGhvalAvZm9neDBTdkNwbTlVM2o2YXUzbzI1QlVUYWZMWGVraEMybHJIR2VFL1ZDdFdvPXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1118
date
Sat, 24 Apr 2021 20:21:31 GMT
content-encoding
gzip
vary
Accept-Encoding
pubads_impl_2021042001.js
securepubads.g.doubleclick.net/gpt/ 		301 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
a2aca9aa200ad3e4dd9afcd27fd2bd5b272a5d297e9f85d708394857ca6a1ffe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Apr 2021 08:40:14 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107961
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:21:32 GMT
8wW9xOovFvb1Y4sOkj-W2AMqRzmlVgy1e6zY8RG7G1I.js
www.google.com/js/bg/ Frame 5515 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/8wW9xOovFvb1Y4sOkj-W2AMqRzmlVgy1e6zY8RG7G1I.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f305bdc4ea2f16f6f5638b0e923f96d8032a4739a5560cb57bacd8f111bb1b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lel6LwZAAAAAOWBQsyuijMbyGWGbJCfx8DOYNnc&co=aHR0cHM6Ly9wZXJlemhpbHRvbi5jb206NDQz&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=invisible&cb=s3qye3pveeya
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 09:48:05 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:30:00 GMT
server
sffe
age
210806
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5734
x-xss-protection
0
expires
Fri, 22 Apr 2022 09:48:05 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-338092-8&cid=1860076318.1619295692&jid=966200512&_u=IADAAUAAAAAAAC~&z=946537239
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-338092-8&cid=1860076318.1619295692&jid=966200512&_u=IADAAUAAAAAAAC~&z=946537239
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 5515 		102 B
131 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lel6LwZAAAAAOWBQsyuijMbyGWGbJCfx8DOYNnc&co=aHR0cHM6Ly9wZXJlemhpbHRvbi5jb206NDQz&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=invisible&cb=s3qye3pveeya
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5d77edb71e1031ff06541a7a2bd05cd3dbc3bfd5434711bae081fc06f8791558
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lel6LwZAAAAAOWBQsyuijMbyGWGbJCfx8DOYNnc&co=aHR0cHM6Ly9wZXJlemhpbHRvbi5jb206NDQz&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=invisible&cb=s3qye3pveeya
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
111
x-xss-protection
1; mode=block
expires
Sat, 24 Apr 2021 20:21:31 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A67E 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_6oLVLzgr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://perezhilton.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://perezhilton.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=32164
Expires
Sun, 25 Apr 2021 05:17:36 GMT
Date
Sat, 24 Apr 2021 20:21:32 GMT
Connection
keep-alive
Vary
Accept-Encoding
csync
sync.spotim.market/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D271858%2526extuid%253D%2524UID
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=8181359259227230873
86 B
526 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=271858&extuid=8181359259227230873
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:32 GMT
X-Proxy-Origin
5.253.206.148; 5.253.206.148; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.232:80
AN-X-Request-Uuid
5e204431-cde1-4ea6-85a6-fa204f5d7bc9
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.spotim.market/csync?t=a&ep=271858&extuid=8181359259227230873
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?source=211945
  • https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=a8c309fa-a53a-11eb-b42c-1a404fd50306
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=a8c309fa-a53a-11eb-b42c-1a404fd50306
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-spotx-halt-type
Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date
Sat, 24 Apr 2021 20:21:32 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
133
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Sat, 24 Apr 2021 20:21:32 GMT
Server
nginx
Location
/partner?source=211945&__user_check__=1&sync_id=a8c309fa-a53a-11eb-b42c-1a404fd50306
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
35
Connection
keep-alive
Content-Length
0
sync
ups.analytics.yahoo.com/ups/58196/
Redirect Chain
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPa8b28511-a53a-11eb-83f2-02785469d8c6
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPa8b28511-a53a-11eb-83f2-02785469d8c6&verify=true
0
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPa8b28511-a53a-11eb-83f2-02785469d8c6&verify=true
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:33 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date
Sat, 24 Apr 2021 20:21:32 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPa8b28511-a53a-11eb-83f2-02785469d8c6&verify=true
Connection
keep-alive
Content-Length
0
/
sync.spotim.market/csync/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20&__user_check__=1&sync_id=a8f8355c-a53a...
  • https://sync.spotim.market/csync/?t=a&ep=301276&extuid=a8f8351e-a53a-11eb-bfb6-132476d60406
86 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync/?t=a&ep=301276&extuid=a8f8351e-a53a-11eb-bfb6-132476d60406
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

Date
Sat, 24 Apr 2021 20:21:32 GMT
Server
nginx
Location
https://sync.spotim.market/csync/?t=a&ep=301276&extuid=a8f8351e-a53a-11eb-bfb6-132476d60406
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
138
Connection
keep-alive
Content-Length
0
710530.gif
di.rlcdn.com/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://di.rlcdn.com/710530.gif
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:32 GMT
via
1.1 google
alt-svc
clear
content-length
0
ad-choises.png
publisher-assets.spot.im/yad/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publisher-assets.spot.im/yad/ad-choises.png
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.77 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-77.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:32 GMT
content-encoding
gzip
last-modified
Mon, 02 Jul 2018 15:08:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA54
etag
"643378ef8a85df26380de21f9beb58ba"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31622400
accept-ranges
bytes
content-length
4191
x-amz-cf-id
5MmQcuA9y64rXMzN2Fb91fh1rp40XZfHbxXkTY6ZB9B70ECMLjtORg==
expires
Mon, 25 Apr 2022 20:21:32 GMT
/
onetag-geo.s-onetag.com/ 		24 B
436 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/44c4576f-3ff8-44c4-94c2-d2c025cdc319/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-112.zrh50.r.cloudfront.net
Software
/
Resource Hash
a038ae2dc667c2b3d7964626a2289136579dec16c427521ed36247fb623f8c2d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 18:26:35 GMT
via
1.1 b601b11612dbb318dc18b8b7062715df.cloudfront.net (CloudFront), 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
age
6897
x-amzn-requestid
94f954b9-78d6-41c5-a519-5c078ccaf234
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1, ZRH50-C1
x-amz-apigw-id
eTRiVHTtCYcF15g=
content-length
24
x-amz-cf-id
JsTSoiFTeJbnXO9JLZujIHpA3Wju1RUSjgqMC-mbG7grLs9uKnfFnw==
beacon.min.js
signal-beacon.s-onetag.com/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/44c4576f-3ff8-44c4-94c2-d2c025cdc319/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
37f424eea05384463f70a2ecb799c322c916e2b9323653727f4cc5568c1b0742

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
IrrACI0BmelTxIZLhvSEXy.JNq1bnCUG
content-encoding
gzip
etag
W/"3e418fc39dad0c90aff6d17eadfe9519"
last-modified
Mon, 19 Apr 2021 09:44:52 GMT
server
AmazonS3
age
38198
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 2a3a093b493a82493f3431437cb166ad.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Sat, 24 Apr 2021 09:44:55 GMT
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
J3P7DWRu--gqXy5r3XTnVtn_jB6EJAVKJYR8Tv_VrqYchdXikKZ3Yw==
px.gif
market-dev.s-onetag.com/ 		26 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://market-dev.s-onetag.com/px.gif?ch=1&rn=0.4823531830031993
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:7200:1d:76ee:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 01:10:16 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
last-modified
Thu, 09 Apr 2020 13:53:27 GMT
server
AmazonS3
age
69079
etag
"6a43099d5c8fe991a7aa7ebaca53069d"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
26
x-amz-cf-id
5Cs2P8PkvISJdCDiYo4hJJpCaM56dMltuwnXFtgR2Jt-SaZYB_PZSQ==
px.gif
market-dev.s-onetag.com/ 		26 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://market-dev.s-onetag.com/px.gif?ch=2&rn=0.4823531830031993
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:7200:1d:76ee:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 01:10:16 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
last-modified
Thu, 09 Apr 2020 13:53:27 GMT
server
AmazonS3
age
69079
etag
"6a43099d5c8fe991a7aa7ebaca53069d"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
26
x-amz-cf-id
aGy9Ari4Y7tGAW5IwxJmTuWJw1oR-mRdcvPL1JgyKtP916u8aYFmHg==
px.gif
market-dev.s-onetag.com/ 		26 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://market-dev.s-onetag.com/px.gif?ch=1&rn=1.921228715183772
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:7200:1d:76ee:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 01:10:16 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
last-modified
Thu, 09 Apr 2020 13:53:27 GMT
server
AmazonS3
age
69079
etag
"6a43099d5c8fe991a7aa7ebaca53069d"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
26
x-amz-cf-id
znmqRl6zAyP5DKH-_xpa62cn3frmvctSvPXVCmnMsyODxs3dRIFzOw==
px.gif
market-dev.s-onetag.com/ 		26 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://market-dev.s-onetag.com/px.gif?ch=2&rn=1.921228715183772
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:7200:1d:76ee:780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 01:10:16 GMT
via
1.1 99399b4523bd3370d7a592870d630ec9.cloudfront.net (CloudFront)
last-modified
Thu, 09 Apr 2020 13:53:27 GMT
server
AmazonS3
age
69079
etag
"6a43099d5c8fe991a7aa7ebaca53069d"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
26
x-amz-cf-id
c5XDGFyolvRreA0BTKOV1W9wEGu6awCAF30KDOCB2n13w_y49BKHRg==
grumi-ip.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 3B72 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_6oLVLzgr
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1299ce67397a707e7293ce99272f03b906402a6e5471f7ebc00c190f66a054af

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:06:18 GMT
content-encoding
br
last-modified
Wed, 17 Mar 2021 12:14:37 GMT
server
AmazonS3
age
915
etag
W/"5a4a9f26eb1aa954674403d3fafcaabf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
PFvvym_TgRG4gDSLMfGhclQLw7P2_vUF
via
1.1 df7c0ba7857d5300ae11e7566c926f17.cloudfront.net (CloudFront)
cache-control
public, max-age: 14400, stale-while-revalidate=14400, immutable
x-amz-cf-pop
FRA56-C1
content-type
application/javascript
x-amz-cf-id
kor6RlEfjs4VVeyDsv4HJaV5hMgT1L-t3XwhAWFnm_WWEwasRNMSmQ==
hb_270443_6798.js
player.spotim.market/prebidlink/449804/ Frame 3B72 		361 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/449804/hb_270443_6798.js
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
6e117e62294ab51b39d94b11d6bb24557f80399deb1068a862e6faf29386b406

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:32 GMT
content-encoding
gzip
last-modified
Thu, 22 Apr 2021 11:30:41 GMT
server
nginx
etag
W/"60815e61-5a220"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 24 Apr 2021 21:21:32 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3B72 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
7e053f8e39822131ea09a3b778c84da3c0babf9631cad49f7f09686d16c50c44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"852 / 455 of 1000 / last-modified: 1619215752"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21082
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:21:32 GMT
wrapper_hb_270443_6798.js
player.spotim.market/prebidlink/449804/ Frame 3B72 		87 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/449804/wrapper_hb_270443_6798.js
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
2f2308ca7578361acb19aa9ce4ffb39048721be560d3c48f1d6a87e95ce419fc

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:32 GMT
content-encoding
gzip
last-modified
Fri, 23 Apr 2021 14:19:26 GMT
server
nginx
etag
W/"6082d76e-15add"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 24 Apr 2021 21:21:32 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
vendors-main-chunk.js
static-cdn.spot.im/production/ads/tags/v16.4.3-1/ads/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v16.4.3-1/ads/vendors-main-chunk.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_6oLVLzgr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
42213451aa623fd3aece028309ec6a7297ba1c8ed5b321118a451d8c6cf836e0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:32 GMT
content-encoding
br
server
fasthttp
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
6614
expires
Mon, 25 Apr 2022 20:21:32 GMT
main-chunk.js
static-cdn.spot.im/production/ads/tags/v16.4.3-1/ads/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v16.4.3-1/ads/main-chunk.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_6oLVLzgr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
fasthttp /
Resource Hash
57375afac9a15dd9fa7fbab9070c5c2016da12da0b3c9265a5a66e162a0aaa18

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:32 GMT
content-encoding
br
server
fasthttp
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31622400
content-length
5397
expires
Mon, 25 Apr 2022 20:21:32 GMT
Zac-Efron-Face-Different-Video-Twitter-2-1024x682.jpg
perezhilton.com/wp-content/uploads/2021/04/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/2021/04/Zac-Efron-Face-Different-Video-Twitter-2-1024x682.jpg
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7956f221d4d7b6d72f0c44751149c81f7c23ab60db3c8ce0e8e223a427cbb88

Request headers

:path
/wp-content/uploads/2021/04/Zac-Efron-Face-Different-Video-Twitter-2-1024x682.jpg
pragma
no-cache
cookie
ntv_ce_visitor=223c5d51-d510-4993-a69d-3ddfa12b89d1; __cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0; _ga_9JS9Z0NFL0=GS1.1.1619295691.1.0.1619295691.0; _pbjs_userid_consent_data=3524755945110770; _ga=GA1.2.1860076318.1619295692; _gid=GA1.2.1096157015.1619295692; _gat_gtag_UA_338092_8=1; _gat_gtag_UA_167135943_9=1; ntv_as_us_privacy=1---; MarketGidStorage=%7B%220%22%3A%7B%7D%2C%22C1017368%22%3A%7B%22page%22%3A1%2C%22time%22%3A1619295691834%7D%7D; ntv_as_syn=1619295691; spotim_visitId={%22visitId%22:%22f3b63069-5cb4-42b8-bdcd-a7863d41cf6a%22%2C%22creationDate%22:%222021-04-24T20:21:32.148Z%22%2C%22duration%22:0}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
78731
cf-polished
origSize=109445, status=webp_bigger
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:32 PM
cf-bgj
imgq:100,h2pri
content-length
94063
cf-request-id
09a7247d9d00005470a9b08000000001
x-ntv-te
10 c:0 a:0
last-modified
Fri, 23 Apr 2021 21:07:57 GMT
server
cloudflare
etag
"6083372d-1ab85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PNGuEMrczOeWM18J1zzVw3s7ra9EORqG5dYz1%2B%2FfnuEqZWrjyvss4ZkYmrEBzEd%2F0%2FVSC4w1PLk%2B%2FK6PuJQmC1HC1xSkQ%2FLjuKpoPmf%2BzCU%3D"}]}
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
645209dc2bfa5470-LHR
expires
Sat, 01 May 2021 22:29:21 GMT
cassie-randolph-colton-underwood-coming-out-reaction-response-the-bachelor-1024x597.jpg
perezhilton.com/wp-content/uploads/2021/04/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/2021/04/cassie-randolph-colton-underwood-coming-out-reaction-response-the-bachelor-1024x597.jpg
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73963ddaa02770bbc444f4227a5fa1f340111be366d6cdb2b627027f54720254

Request headers

:path
/wp-content/uploads/2021/04/cassie-randolph-colton-underwood-coming-out-reaction-response-the-bachelor-1024x597.jpg
pragma
no-cache
cookie
ntv_ce_visitor=223c5d51-d510-4993-a69d-3ddfa12b89d1; __cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0; _ga_9JS9Z0NFL0=GS1.1.1619295691.1.0.1619295691.0; _pbjs_userid_consent_data=3524755945110770; _ga=GA1.2.1860076318.1619295692; _gid=GA1.2.1096157015.1619295692; _gat_gtag_UA_338092_8=1; _gat_gtag_UA_167135943_9=1; ntv_as_us_privacy=1---; MarketGidStorage=%7B%220%22%3A%7B%7D%2C%22C1017368%22%3A%7B%22page%22%3A1%2C%22time%22%3A1619295691834%7D%7D; ntv_as_syn=1619295691; spotim_visitId={%22visitId%22:%22f3b63069-5cb4-42b8-bdcd-a7863d41cf6a%22%2C%22creationDate%22:%222021-04-24T20:21:32.148Z%22%2C%22duration%22:0}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
110705
cf-polished
origSize=80607, status=webp_bigger
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:32 PM
cf-bgj
imgq:100,h2pri
content-length
78931
cf-request-id
09a7247d9d00005470ca191000000001
x-ntv-te
19 c:0 a:0
last-modified
Fri, 23 Apr 2021 13:34:54 GMT
server
cloudflare
etag
"6082ccfe-13adf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iwkcv8ZM086MxKPc7OiprEUwaZH2S4VZOLOEnzVRc%2BdFLEkpoXDtpMbs%2FASuVR9k1RiCDBmoSR%2BO5Nb2B6QD7XhHLyTKWsBJrrrti88u7%2B0%3D"}]}
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
645209dc2bfc5470-LHR
expires
Sat, 01 May 2021 13:36:27 GMT
Ronnie-Ortiz-Magro-Arrest-Domestic-Violence-Abuse-Girflriend-Saffire-Matos-1024x669.jpg
perezhilton.com/wp-content/uploads/2021/04/ 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/2021/04/Ronnie-Ortiz-Magro-Arrest-Domestic-Violence-Abuse-Girflriend-Saffire-Matos-1024x669.jpg
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96f2914828a8a83dea9e0715638208634ef3e1a04a94a1fc6b31af9968923bb3

Request headers

:path
/wp-content/uploads/2021/04/Ronnie-Ortiz-Magro-Arrest-Domestic-Violence-Abuse-Girflriend-Saffire-Matos-1024x669.jpg
pragma
no-cache
cookie
ntv_ce_visitor=223c5d51-d510-4993-a69d-3ddfa12b89d1; __cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0; _ga_9JS9Z0NFL0=GS1.1.1619295691.1.0.1619295691.0; _pbjs_userid_consent_data=3524755945110770; _ga=GA1.2.1860076318.1619295692; _gid=GA1.2.1096157015.1619295692; _gat_gtag_UA_338092_8=1; _gat_gtag_UA_167135943_9=1; ntv_as_us_privacy=1---; MarketGidStorage=%7B%220%22%3A%7B%7D%2C%22C1017368%22%3A%7B%22page%22%3A1%2C%22time%22%3A1619295691834%7D%7D; ntv_as_syn=1619295691; spotim_visitId={%22visitId%22:%22f3b63069-5cb4-42b8-bdcd-a7863d41cf6a%22%2C%22creationDate%22:%222021-04-24T20:21:32.148Z%22%2C%22duration%22:0}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
154501
cf-polished
origSize=116790, status=webp_bigger
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:32 PM
cf-bgj
imgq:100,h2pri
content-length
97737
cf-request-id
09a7247d9d00005470cb879000000001
x-ntv-te
9 c:0 a:0
last-modified
Fri, 23 Apr 2021 01:00:10 GMT
server
cloudflare
etag
"60821c1a-1c836"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7wl4JFQPS7Hvmubd7WsoylfS0%2FvW0Et3MeceFGe54hOARLwLsZTvjO43vLaz2Q2eRkP53cqemNiBo5rlqfGtd7cta6QJeByHiQSnAtkjWGI%3D"}]}
content-type
image/jpeg
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
645209dc2bfe5470-LHR
expires
Sat, 01 May 2021 01:26:31 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://perezhilton.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 23:50:57 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:22 GMT
server
sffe
age
246635
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
expires
Thu, 21 Apr 2022 23:50:57 GMT
cmp2ui-en.js
quantcast.mgr.consensu.org/tcfv2/23/ 		469 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2.js?referer=perezhilton.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2021:4a00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Apr 2021 17:21:34 GMT
content-encoding
br
age
97199
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Fri, 18 Dec 2020 15:09:43 GMT
server
AmazonS3
etag
W/"b999c652510fc4edd897a1d667aaee33"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 0797e49e9b926d7fa39bfcaf87f5e51d.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
CPH50-C2
x-amz-cf-id
4x9sLIzldzHig29ZegBG7TnRfsI29HMcjL4BTl_vX9DQ5t2bnioIeg==
gdprConsent
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=1120277&ntv_gdpr_consent=&ntv_it
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.67.80.248 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-67-80-248.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:32 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 6FF3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by
Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?consentData=&gdprApplies=0&cbuster=1619295691846664272924
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.121.175.131 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-175-131.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://perezhilton.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://perezhilton.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"40005-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 24 Apr 2021 20:21:32 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date
Sat, 24 Apr 2021 20:21:32 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
/
cm.lentainform.com/setmuidn/ 		0
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lentainform.com/setmuidn/?muidf=l3ov1LLMv6ld
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.216.61 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
645209de4c41c79d-AMS
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09a7247ef10000c79d52885000000001
/
cm.idealmedia.io/setmuidn/ 		0
555 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.idealmedia.io/setmuidn/?muidf=l3ov1LLMv6ld
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
645209de4aa81fea-AMS
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
cf-request-id
09a7247eef00001feacc375000000001
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=303&user_id=l3ov1LLMv6ld
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=303&user_id=l3ov1LLMv6ld
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=33dbfaa4-66e3-4d72-afc0-0af2fa72c13d&seat_user_id=&seat_key=%20%20&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
68 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=33dbfaa4-66e3-4d72-afc0-0af2fa72c13d&seat_user_id=&seat_key=%20%20&gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.111.42 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:33 GMT
content-length
68
content-type
image/png

Redirect headers

location
//match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=33dbfaa4-66e3-4d72-afc0-0af2fa72c13d&seat_user_id=&seat_key= &gdpr=&gdpr_consent=&gdpr_pd=&usprivacy=
date
Sat, 24 Apr 2021 20:21:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
google
cm.mgid.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDNvdjFMTE12Nmxk&muidn=l3ov1LLMv6ld
  • https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=bDNvdjFMTE12Nmxk&muidn=l3ov1LLMv6ld&google_tc=
  • https://cm.mgid.com/google?muidn=l3ov1LLMv6ld&google_ula={guid},5&google_gid=CAESEN9lqrldQmoSsZ7tL9zYMBs&google_cver=1
0
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/google?muidn=l3ov1LLMv6ld&google_ula={guid},5&google_gid=CAESEN9lqrldQmoSsZ7tL9zYMBs&google_cver=1
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:35 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
text/plain
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
645209edc98b0bf5-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09a72488a000000bf5ff082000000001

Redirect headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.mgid.com/google?muidn=l3ov1LLMv6ld&google_ula={guid},5&google_gid=CAESEN9lqrldQmoSsZ7tL9zYMBs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
cm.mgid.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
  • https://cm.mgid.com/m?cdsp=371158&c=de95517e-4e1b-49ba-8eef-27359a05f9a3&ttl=1621887692
43 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=371158&c=de95517e-4e1b-49ba-8eef-27359a05f9a3&ttl=1621887692
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.133.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:33 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
330c1608-ff19-4a3e-81a8-1ce9da317d97
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
645209e369044c79-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09a724821d00004c79e6a36000000001
server
cloudflare

Redirect headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.mgid.com/m?cdsp=371158&c=de95517e-4e1b-49ba-8eef-27359a05f9a3&ttl=1621887692
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
205
m
cm.mgid.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?ssp=mgid
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=mgid&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=Y9EkSGPhVbZw0GjeEow0Wsml&ssp=mgid
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=270&expires=10&user_id=Y9EkSGPhVbZw0GjeEow0Wsml&ssp=mgid
  • https://cm.mgid.com/m?cdsp=433145&c=b8512af5-b7bd-4f8e-b480-6fafde8685e2&gdpr=&gdpr_consent=&us_privacy=
43 B
644 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?cdsp=433145&c=b8512af5-b7bd-4f8e-b480-6fafde8685e2&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:33 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
d8120e87-2f1e-461f-9eb9-e4a5b8dbced6
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
image/gif
cache-control
max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials
true
cf-ray
645209e47fd00bf5-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09a72482d200000bf53d004000000001
server
cloudflare

Redirect headers

location
//cm.mgid.com/m?cdsp=433145&c=b8512af5-b7bd-4f8e-b480-6fafde8685e2&gdpr=&gdpr_consent=&us_privacy=
date
Sat, 24 Apr 2021 20:21:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cm-notify
creativecdn.com/
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=mgid
  • https://creativecdn.com/cm-notify?pi=mgid&tc=1
42 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creativecdn.com/cm-notify?pi=mgid&tc=1
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:33 GMT, Sat, 24 Apr 2021 20:21:33 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-type
image/gif
content-length
42
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://creativecdn.com/cm-notify?pi=mgid&tc=1
date
Sat, 24 Apr 2021 20:21:32 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=304&ntv_ui=b8420682-29cd-42b6-a9a3-950e83dfd651&ntv_a=AAAAAAAAAAGxgRA&ntv_ht=yX2EYAA&ntv_fl=k4_euJ5Ww-btn4yGYn2KgGLMmajNHTrgv7t5ZM1UcNJ48nup4E9cpBXP_f75nSGi9BCnxIkubp1ciRX1JE2gNcLhRWxTl2kphOtk-vEM0-YqGAG2ZH7mPt-m2ciwnSRzsViMuwT7XArfDryYLmlQhUC3Fsv0_aY6bKHI0nXPwrMqWZOemM9KhFcTZPBFwEwC&ord=724233276&ntv_it
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.67.80.248 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-67-80-248.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:32 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
js
www.googletagmanager.com/gtag/ Frame 4ECD 		88 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-65028971-4
Requested by
Host: widget.yappaapp.com
URL: https://widget.yappaapp.com/js/chunk-vendors.8d851cc7.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f41c890f1c175ce835d0b35eb643876e4029f7217ed1ac88806b96e546b84123
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://widget.yappaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35720
x-xss-protection
0
last-modified
Sat, 24 Apr 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 24 Apr 2021 20:21:32 GMT
yappa-font.0238f8dd.ttf
widget.yappaapp.com/fonts/ Frame 4ECD 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://widget.yappaapp.com/fonts/yappa-font.0238f8dd.ttf
Requested by
Host: widget.yappaapp.com
URL: https://widget.yappaapp.com/css/app.0aa7674d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5c6f858535943fab3f1389524b81a2fe25151d8e686a218c77f4b0d9b5e6905

Request headers

Origin
https://widget.yappaapp.com
Referer
https://widget.yappaapp.com/css/app.0aa7674d.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
710364
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8752
cf-request-id
09a7247fe100004a8b28bcc000000001
last-modified
Wed, 24 Feb 2021 11:05:52 GMT
server
cloudflare
etag
"60363310-2230"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vMTwud5vpiBhob5BL1bidbT2m0uQ0g%2FQ42sN85Y1p1pQxgb5QcaODnnzzIzRwIEadRnMApxf5BbwqMn29UFq%2BrJ5m41k%2BeOHTt5zuiwA4fAjdp2IZThxLP6kvWLxHxl%2B"}]}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
645209dfcff64a8b-FRA
metadata
comments.yappaapp.com/urls/ Frame 4ECD 		167 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://comments.yappaapp.com/urls/metadata?url=https:%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&contentId=
Requested by
Host: widget.yappaapp.com
URL: https://widget.yappaapp.com/js/chunk-vendors.8d851cc7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4367181b34bca83228bcb6a00d4e9f3f0b48e5ee4399a10ed466cc49b36114d

Request headers

Referer
https://widget.yappaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:32 GMT
via
1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09a7247ffd0000dfc712aa6000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8tlQbvTRODNgZzqzxnO9fFHdgl3oTMgI6jvhl3FQ5FqV09W2QjPSqoj9S0nDg6SR421BnhMra7LGLfsMiQM6NUCwzlNtkxNWnNc1wt9NWBvq4trYRK0Zv8brs0VAmLB0hRk%3D"}],"group":"cf-nel"}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-yappa-jwt, content-disposition
cf-ray
645209dff82bdfc7-FRA
x-amz-cf-id
wSJ84ibIe_4KpyC7ktAxmTBNqt0B4AycB2aAERW34-InmkIU59Ol7w==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=15208452&c3=110&ns__t=1619295692658&ns_c=UTF-8&cv=3.5&c8=Salon%20Owner%20Charged%20After%20Two%20Clients%20Contract%20HIV%20From%20A%20%E2%80%98Vampire%20...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1619295692658&ns_c=UTF-8&cv=3.5&c8=Salon%20Owner%20Charged%20After%20Two%20Clients%20Contract%20HIV%20From%20A%20%E2%80%98Vampire%2...
64 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1619295692658&ns_c=UTF-8&cv=3.5&c8=Salon%20Owner%20Charged%20After%20Two%20Clients%20Contract%20HIV%20From%20A%20%E2%80%98Vampire%20Facial%E2%80%99!%20-%20Perez%20Hilton&c7=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&c9=
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-46.zrh50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:33 GMT
via
1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
p2ZBbmjKPTdLdeLefaArj_BtzHUQOmsK3dRmAx0eU4upfJ58p3r8WA==

Redirect headers

date
Sat, 24 Apr 2021 20:21:32 GMT
via
1.1 7e81b1a3e22ce96cdfb0b6c2db121d58.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=15208452&c3=110&ns__t=1619295692658&ns_c=UTF-8&cv=3.5&c8=Salon%20Owner%20Charged%20After%20Two%20Clients%20Contract%20HIV%20From%20A%20%E2%80%98Vampire%20Facial%E2%80%99!%20-%20Perez%20Hilton&c7=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&c9=
content-length
356
x-amz-cf-id
GMtLQf7kIeiYxMqaYMi_D3rNEWFBJcWswKvhUHGPNduLR7l9urD6SA==
reload
www.google.com/recaptcha/api2/ Frame 5515 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Lel6LwZAAAAAOWBQsyuijMbyGWGbJCfx8DOYNnc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/dpzVjBAupwRfx3UzvXRnnAKb/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e644d8fb25b86534364c40e046b5f63762a5ae666241c01dd92010ebbd98517d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lel6LwZAAAAAOWBQsyuijMbyGWGbJCfx8DOYNnc&co=aHR0cHM6Ly9wZXJlemhpbHRvbi5jb206NDQz&hl=en&v=dpzVjBAupwRfx3UzvXRnnAKb&size=invisible&cb=s3qye3pveeya
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sat, 24 Apr 2021 20:21:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6717
x-xss-protection
1; mode=block
expires
Sat, 24 Apr 2021 20:21:32 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=304&ntv_ui=7be444ea-5aff-489c-8279-ba8a02713231&ntv_a=AAAAAAAAAAFBgRA&ntv_ht=yX2EYAA&ntv_fl=k4_euJ5Ww-btn4yGYn2KgGLMmajNHTrgv7t5ZM1UcNJ48nup4E9cpBXP_f75nSGi9BCnxIkubp1ciRX1JE2gNcLhRWxTl2kphOtk-vEM0-YqGAG2ZH7mPt-m2ciwnSRzsViMuwT7XArfDryYLmlQhUC3Fsv0_aY6bKHI0nXPwrMqWZOemM9KhFcTZPBFwEwC&ord=-1586050295&ntv_it
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.67.80.248 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-67-80-248.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:32 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame CAEE 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=46502
Expires
Sun, 25 Apr 2021 09:16:34 GMT
Date
Sat, 24 Apr 2021 20:21:32 GMT
Connection
keep-alive
Vary
Accept-Encoding
grumi.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 3B72 		324 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9212424a62705ecdfd064df5e7f5cf802d5e4f6ef7b04c638095edfb80280c4d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:06:17 GMT
content-encoding
br
last-modified
Sat, 24 Apr 2021 19:50:51 GMT
server
AmazonS3
age
916
etag
W/"f67a08b35c0923f44c3015dce21b6577"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
PC3gjz23Sv3L.pBRUeDsu4Bt0wZkEKsM
via
1.1 df7c0ba7857d5300ae11e7566c926f17.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
FRA56-C1
content-type
text/javascript
x-amz-cf-id
jpsKFn6qu65vmZj5UtwOphATVQo98BjOR6OB7gciWD1Yz8mdLq5bgQ==
/
onetag-geo.s-onetag.com/ 		24 B
428 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-112.zrh50.r.cloudfront.net
Software
/
Resource Hash
a038ae2dc667c2b3d7964626a2289136579dec16c427521ed36247fb623f8c2d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 18:26:35 GMT
via
1.1 b601b11612dbb318dc18b8b7062715df.cloudfront.net (CloudFront), 1.1 3a17ea4b3f6bdbc694c3ec0645d21b5e.cloudfront.net (CloudFront)
age
6897
x-amzn-requestid
94f954b9-78d6-41c5-a519-5c078ccaf234
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
HAM50-C1, ZRH50-C1
x-amz-apigw-id
eTRiVHTtCYcF15g=
content-length
24
x-amz-cf-id
_ajKUd_Srz5vEQ0apW8_2GBLdxzTqpJPmD85PChfW6QRmPwcZzTv1A==
pubads_impl_2021042001.js
securepubads.g.doubleclick.net/gpt/ Frame 3B72 		301 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
a2aca9aa200ad3e4dd9afcd27fd2bd5b272a5d297e9f85d708394857ca6a1ffe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Apr 2021 08:40:14 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107961
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:21:32 GMT
/
audit-tcfv2.quantcast.mgr.consensu.org/ 		80 B
514 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22GANCBjEfRH5Fe%22%2C%22domain%22%3A%22perezhilton.com%22%2C%22publisher%22%3A%22Perez%20Hilton%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22b9qqFmNrFDRMS0OGIe9wZw%22%2C%22clientTimestamp%22%3A1619295692842%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-ghyam1ovibhy6j58epzh%22%7D
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.95.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-95-101.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Accept
application/json, text/plain, */*
Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 03:36:31 GMT
via
1.1 5e318b3ea3fa81a8c20898c2f8c40e7c.cloudfront.net (CloudFront)
age
60303
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
80
last-modified
Tue, 26 Nov 2019 14:21:44 GMT
server
AmazonS3
etag
"0614149d8033903db5de46d6c184bbfd"
vary
Origin
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
x-amz-cf-id
j8clV886CwUDOYqYinWxIoRy3ZoU58ND2klCupIK9F2YIVobjetxWQ==
grande.png
perezhilton.com/wp-content/uploads/2020/07/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/2020/07/grande.png
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81d97aaa54b8f2d06a92554ff37810c59846f1666b919909737bee86b265e621

Request headers

:path
/wp-content/uploads/2020/07/grande.png
pragma
no-cache
cookie
ntv_ce_visitor=286d83a4-6ed3-49ed-8548-8899539eb17d; __cfduid=d3843b266bc41e0591a1551143ca5fbe91619295689; ntv_as_opt_out=1; ntv_ce_s2p=1; ntv_as_adb=0; _ga_9JS9Z0NFL0=GS1.1.1619295691.1.0.1619295691.0; _pbjs_userid_consent_data=3524755945110770; _ga=GA1.2.1860076318.1619295692; _gid=GA1.2.1096157015.1619295692; _gat_gtag_UA_338092_8=1; _gat_gtag_UA_167135943_9=1; ntv_as_us_privacy=1---; MarketGidStorage=%7B%220%22%3A%7B%7D%2C%22C1017368%22%3A%7B%22page%22%3A1%2C%22time%22%3A1619295691834%7D%7D; ntv_as_syn=1619295691; spotim_visitId={%22visitId%22:%22f3b63069-5cb4-42b8-bdcd-a7863d41cf6a%22%2C%22creationDate%22:%222021-04-24T20:21:32.148Z%22%2C%22duration%22:0}; cto_bidid=32ogQV9qMUVuWGFVSmFJVFl0VFZXMWNudFNlJTJGZDZzR0J4RTVpTVklMkZoWUViQ2NxbzY1YmhuQmxqTDI4R2Y5VjJpT1l6VEFyVDFMQmtmSDMlMkYzb0F5YkY3UFlOdyUzRCUzRA; cto_bundle=F3ui5l9KSk41VE1sTTY2b2gwUzhBRVY5THpPbVpGNkxuY1pqc091a1JHSE9QYzJBSkQ1TjlwUEZBeUZFc2RZMHpVVk15S1ZaaWRDbVhoOWtJOXhNODJpYlRvYTB2YmtNOVFFZXpWSkNRVHd3cUNZU0ltYVNEWW5oQTU3JTJCRGVnaTlGekJj
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:32 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
138095
cf-polished
origFmt=png, origSize=5743
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:32 PM
content-disposition
inline; filename="grande.webp"
cf-bgj
imgq:100,h2pri
content-length
4304
cf-request-id
09a724806f00005470e0233000000001
x-ntv-te
9 c:0 a:0
last-modified
Tue, 21 Jul 2020 23:02:37 GMT
server
cloudflare
etag
"5f17740d-166f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=aDBzExt3BKTGBzzHxdfNdSMDuvWwK4QLlVwvYVdy8TeGfVCk%2F0gqpmuWPLviCQ05lqqax7boRdmyZiGcUYczMYcy84Vkw9e2sD5yyWxJ%2Byc%3D"}]}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
645209e0be6a5470-LHR
expires
Sat, 01 May 2021 05:59:57 GMT
analytics.js
www.google-analytics.com/ Frame 4ECD 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-65028971-4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://widget.yappaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
2459
date
Sat, 24 Apr 2021 19:40:33 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Sat, 24 Apr 2021 21:40:33 GMT
j.html
p.delivercdn.com/prebidlink/18741/ Frame 6B2E 		1 KB
895 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p.delivercdn.com/prebidlink/18741/j.html?i=6864
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
cf35c9e8af47d8cd7233bebf1b785af16546782547f31501432cb7ad97d84714

Request headers

:method
GET
:authority
p.delivercdn.com
:scheme
https
:path
/prebidlink/18741/j.html?i=6864
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://perezhilton.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://perezhilton.com/

Response headers

date
Sat, 24 Apr 2021 20:21:33 GMT
content-type
text/html; charset=utf-8
server
nginx
last-modified
Wed, 16 Sep 2020 14:50:15 GMT
etag
W/"5f622627-434"
cache-control
max-age=3600
content-encoding
gzip
expires
Sat, 24 Apr 2021 21:21:33 GMT
access-control-allow-origin
*
x-proxy-cache
HIT
grumi.js
rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/ Frame 3B72 		324 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/449804/wrapper_hb_270443_6798.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:8200:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5757b3abce5defba2b718a420cb3d9605eeb9447efdd516cc0b97f0d0f1f9e10

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:06:17 GMT
content-encoding
br
last-modified
Sat, 24 Apr 2021 20:01:11 GMT
server
AmazonS3
age
917
etag
W/"e79e6f9afa0fedb13114383121289195"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
GPPLAAv.Ido_t3a5_fLLqdC_9a.nHvCm
via
1.1 df7c0ba7857d5300ae11e7566c926f17.cloudfront.net (CloudFront)
cache-control
public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop
FRA56-C1
content-type
text/javascript
x-amz-cf-id
Fivur7BI2nAte_tDZfsJr6kVy7gWEUVT0cslSxoMhC4felF00JaPKg==
comments
comments.yappaapp.com/ Frame 4ECD 		240 B
893 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://comments.yappaapp.com/comments?url=https:%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&page=1&view=default&contentId=&domainList[]=135
Requested by
Host: widget.yappaapp.com
URL: https://widget.yappaapp.com/js/chunk-vendors.8d851cc7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaeb50dcee135e1482123e90081fc348ed7390ddb7718cbc9fcd441ddb6e8c01

Request headers

Referer
https://widget.yappaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:33 GMT
via
1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09a724832a0000dfc7e9926000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T7eSW9%2BUy3jeqKM1c89KfMr5Btr1afBbJppqvXWyvF0pfRZGf6NWIgKgU0e%2FNQ3vUWE%2BKeMxntvsvI4ihfxP72uRXt8K5dd1Dq%2F%2FjdmWzXYAGjlWB1jwsXlDR1ArpOUJwJ4%3D"}],"group":"cf-nel"}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-yappa-jwt, content-disposition
cf-ray
645209e508aedfc7-FRA
x-amz-cf-id
w4EmVDuvqGKjUbvUQOMSXOuvBXhPmphxieGLVDzUHLfGO4IwxM2MBA==
EU
onetag-geo-grouping.s-onetag.com/regionalbloc/ 		1 KB
838 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
restify /
Resource Hash
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 02:48:34 GMT
content-encoding
gzip
server
restify
age
63179
vary
Accept-Encoding,origin
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
https://perezhilton.com
access-control-expose-headers
api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control
max-age=86400
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
Mpnbqm6bKooGdLEDIstmmzHG61_FtIQiCmF-WGYB5IV-YRar3NqGTw==
via
1.1 cf2939e85531f45f3306f792ea104eab.cloudfront.net (CloudFront)
sync.html
s.adtelligent.com/ Frame AEAE 		1 KB
917 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=572165
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
f7f50ceea4dcad83eea61dff325d95f0b850b87d8624192f5a4e503dfef3ff3c

Request headers

Host
s.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://perezhilton.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://perezhilton.com/

Response headers

Server
VertaMedia 1.0
Date
Sat, 24 Apr 2021 20:21:32 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
634
Access-Control-Allow-Origin
https://perezhilton.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
/
hb.spotim.market/geo/ Frame 3B72 		131 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.spotim.market/geo/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/449804/wrapper_hb_270443_6798.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
84ec4ee78c402655cf707e667f79ab728e2b5afb147c404a8444d25ba3fd4c2e

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://perezhilton.com
Date
Sat, 24 Apr 2021 20:21:33 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
131
Content-Type
application/json
tracking
hb.spotim.market/adunit/ Frame 3B72 		43 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.spotim.market/adunit/tracking?event=11&type=0&client_id=270443&site_id=6798&full_page_url=https%3A%2F%2Fperezhilton.com&adid=w6uhgf.on&vpbv=0774&lifecycle_tte=1280
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/449804/wrapper_hb_270443_6798.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://perezhilton.com
Date
Sat, 24 Apr 2021 20:21:33 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame 6FF3 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.121.175.131 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-175-131.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
85e38c4d71d56942a70f3594fecfdf95d4383e0b6eb934dcddf9910f93294bfa

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:33 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Apr 2021 20:34:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=15742
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9242
Expires
Sun, 25 Apr 2021 00:43:55 GMT
config.json
player.adtelligent.com/exchange_rates/279896/ Frame 3B72 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2Fperezhilton.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/449804/hb_270443_6798.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
9344e788387cbb6d6223cb215f5d2264f244e9716e68fc8a3311fc3d9783a511

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Apr 2021 20:21:33 GMT
content-encoding
gzip
last-modified
Sat, 24 Apr 2021 12:01:04 GMT
server
nginx
etag
W/"60840880-851"
content-type
application/json
access-control-allow-origin
https://perezhilton.com
expires
Sat, 24 Apr 2021 21:21:33 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
player.js
player.aniview.com/script/6.1/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v16.4.3-1/ads/main-chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
fd902dfd010088990a20dd6b6b0dffa68c30c5c0bc8749a35c268d0c1e62d426

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:33 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-Ux-eIVid6kYf-8ZE4QtKPdr5hEtz9BtG3aGcjgbhCSnJreEeW8XcUhegDegMrVaxXEsMWgV0b1ggUx8uMIsJrrN2wefzQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
9068
last-modified
Wed, 21 Apr 2021 06:02:50 GMT
server
UploadServer
etag
"ac27657df65743c09ac9dbb8d4bddfa3"
vary
Accept-Encoding
x-goog-hash
crc32c=bTkvQw==, md5=rCdlffZXQ8Caydu41L3fow==
content-language
en
access-control-allow-origin
*
x-goog-generation
1618984970750671
access-control-expose-headers
Content-Type
cache-control
no-transform, max-age=300
x-goog-stored-content-length
9068
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 24 Apr 2021 20:26:33 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5e0e296628a061270b21ccab&cid=5f327ef5712b6a63ae7736e5&e=playerLoaded&cb=1619295693361&r=https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:33 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
cardi.png
perezhilton.com/wp-content/uploads/2020/07/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/2020/07/cardi.png
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c1fb517a7c5806a46cdb0f90203fe27a007da23d6c5f488a09079b2c1007e56

Request headers

:path
/wp-content/uploads/2020/07/cardi.png
pragma
no-cache
cookie
spotim_visitId={%22visitId%22:%22f3b63069-5cb4-42b8-bdcd-a7863d41cf6a%22%2C%22creationDate%22:%222021-04-24T20:21:33.360Z%22%2C%22duration%22:0}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:33 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
138127
cf-polished
origFmt=png, origSize=4863
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:33 PM
content-disposition
inline; filename="cardi.webp"
cf-bgj
imgq:100,h2pri
content-length
3370
cf-request-id
09a724825100005470898be000000001
x-ntv-te
8 c:0 a:0
last-modified
Tue, 21 Jul 2020 23:03:21 GMT
server
cloudflare
etag
"5f177439-12ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hGbnqddQnx%2FUGCuPNoOxzx2K6hefTAnAjeWidWUt3ntGekYaTa7vvx257WcVYz2aC7FISEPoNNAabvrmhZKbkilneGRNPUc2EQGAdRIK7Zo%3D"}]}
content-type
image/webp
cache-control
max-age=691200
set-cookie
__cfduid=dc89e2eaadd470747276b756776b75c5d1619295693; expires=Mon, 24-May-21 20:21:33 GMT; path=/; domain=.perezhilton.com; HttpOnly; SameSite=Lax; Secure ntv_ce_visitor=41f42b30-0579-42ff-a477-25d49e229f78; Expires=Thu, 23 Apr 2026 20:21:33 GMT; Domain=.perezhilton.com; Secure; HttpOnly
accept-ranges
bytes
cf-ray
645209e3bd815470-LHR
expires
Sat, 01 May 2021 05:59:26 GMT
kids.png
perezhilton.com/wp-content/uploads/2020/07/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/2020/07/kids.png
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ed0bd9c375c3dd1f9c1140ac2a1370a8ee7a1be4fbd558e45a7a5ab6b2ca9d4

Request headers

:path
/wp-content/uploads/2020/07/kids.png
pragma
no-cache
cookie
spotim_visitId={%22visitId%22:%22f3b63069-5cb4-42b8-bdcd-a7863d41cf6a%22%2C%22creationDate%22:%222021-04-24T20:21:33.360Z%22%2C%22duration%22:0}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:33 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
162139
cf-polished
origFmt=png, origSize=5383
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:33 PM
content-disposition
inline; filename="kids.webp"
cf-bgj
imgq:100,h2pri
content-length
3638
cf-request-id
09a724825200005470db87e000000001
x-ntv-te
13 c:0 a:0
last-modified
Tue, 21 Jul 2020 23:05:40 GMT
server
cloudflare
etag
"5f1774c4-1507"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T0eDeHXxejo5zgDNk00FmSe9dDL%2F%2BcEQbW8IZiW6cssV%2BQ4WBokxxGouUJUWXdthD%2Fv2Fz06mhz91tGu8d46lV4rt%2BPtYra0cfs18fCqy7A%3D"}]}
content-type
image/webp
cache-control
max-age=691200
set-cookie
__cfduid=dc89e2eaadd470747276b756776b75c5d1619295693; expires=Mon, 24-May-21 20:21:33 GMT; path=/; domain=.perezhilton.com; HttpOnly; SameSite=Lax; Secure ntv_ce_visitor=e365b1d3-288b-4872-9dbe-47f9020bab9b; Expires=Thu, 23 Apr 2026 20:21:33 GMT; Domain=.perezhilton.com; Secure; HttpOnly
accept-ranges
bytes
cf-ray
645209e3bd875470-LHR
expires
Fri, 30 Apr 2021 23:19:14 GMT
category-perez.png
perezhilton.com/wp-content/uploads/2020/07/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/2020/07/category-perez.png
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c46efdacd46e85f4180e2614b9db57754566d6a1bc8405e1fae96cc3e4576089

Request headers

:path
/wp-content/uploads/2020/07/category-perez.png
pragma
no-cache
cookie
spotim_visitId={%22visitId%22:%22f3b63069-5cb4-42b8-bdcd-a7863d41cf6a%22%2C%22creationDate%22:%222021-04-24T20:21:33.360Z%22%2C%22duration%22:0}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:33 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
138123
cf-polished
origFmt=png, origSize=6077
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:33 PM
content-disposition
inline; filename="category-perez.webp"
cf-bgj
imgq:100,h2pri
content-length
4286
cf-request-id
09a7248251000054700138f000000001
x-ntv-te
10 c:0 a:0
last-modified
Tue, 21 Jul 2020 23:05:05 GMT
server
cloudflare
etag
"5f1774a1-17bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gKUNj%2FWqDgyKmU2aSX2EJ2kXuI0nUwW9e3J4n1zQEzqFohRmtZIvWpB4GQ9NfQuLihcQPckAl7UGeLx53MNFjd4%2B0aHJ2wZQsmZNALGfLUA%3D"}]}
content-type
image/webp
cache-control
max-age=691200
set-cookie
__cfduid=dc89e2eaadd470747276b756776b75c5d1619295693; expires=Mon, 24-May-21 20:21:33 GMT; path=/; domain=.perezhilton.com; HttpOnly; SameSite=Lax; Secure ntv_ce_visitor=ed24097c-ce8c-4595-bf22-0df4036a8b44; Expires=Thu, 23 Apr 2026 20:21:33 GMT; Domain=.perezhilton.com; Secure; HttpOnly
accept-ranges
bytes
cf-ray
645209e3bd895470-LHR
expires
Sat, 01 May 2021 05:59:30 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame CAEE 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=62137559&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
f94340d1c015947f41ef27d4eef0257f1a6c6237ad06844eaa6f36aba1946bf7

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:32 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
pbm_307825_6864.js
p.delivercdn.com/prebidlink/18741/ Frame 6B2E 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.delivercdn.com/prebidlink/18741/pbm_307825_6864.js
Requested by
Host: p.delivercdn.com
URL: https://p.delivercdn.com/prebidlink/18741/j.html?i=6864
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
0907d46a39b94a6e1e80fa5b0232d26df3e4bd36ad2ffe9d51bdc21e043b84f5

Request headers

Referer
https://p.delivercdn.com/prebidlink/18741/j.html?i=6864
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:33 GMT
content-encoding
gzip
last-modified
Fri, 23 Apr 2021 14:19:41 GMT
server
nginx
etag
W/"6082d77d-88f4"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 24 Apr 2021 21:21:33 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
AVmanagerab5.js
player.aniview.com/script/6.1/ Frame 52F4 		335 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
ce364e88e708e5fb598f5bcecbe60e34d86dc8a3ab9f29a6ac56f5c264007b4c

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:33 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UxZkzRDHqvJkGlp3PWyyiUxAFXfW4Ydw7fXR1QcNg0frTn12l9ufion1XdCEojcKLJSNaY0GAhHuHz4H-Yv_S84UUjatg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
96803
last-modified
Wed, 21 Apr 2021 06:02:26 GMT
server
UploadServer
etag
"a5fdb6c6043b1bc01b92440f61c0817a"
vary
Accept-Encoding
x-goog-hash
crc32c=BHnqCQ==, md5=pf22xgQ7G8AbkkQPYcCBeg==
content-language
en
access-control-allow-origin
*
x-goog-generation
1618984946494395
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
96803
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 24 Apr 2021 20:26:33 GMT
csync
sync.adtelligent.com/ Frame AEAE
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
86 B
521 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=572165
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:33 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=perezhilton.com&sn=&cd1=sp_6oLVLzgr&cd2=Desktop&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd6=true&ic=0&tgt=0&app=&wi=400&he=300&test=5&apppkg=&fv=3&proto=https&pid=5e0e296628a061270b21ccab&cid=5f327ef5712b6a63ae7736e5&e=inventory&vi=0&cb=1619295693516
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:33 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
tracking
ghb.adtelligent.com/adunit/ Frame 6B2E 		43 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?pubbid=0&event=11&full_page_url=https%3A%2F%2Fperezhilton.com&adid=1dae13ce0d127d&vpbv=M053&client_id=307825&site_id=6864&lifecycle_tte=570
Requested by
Host: p.delivercdn.com
URL: https://p.delivercdn.com/prebidlink/18741/pbm_307825_6864.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://p.delivercdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://p.delivercdn.com
Date
Sat, 24 Apr 2021 20:21:32 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
/
go1.aniview.com/api/adserver/tag/5/ 		27 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/5/?AV_CDIM1=sp_6oLVLzgr&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&AV_CDIM4=7e9d72b5-de3f-4044-b3d6-15dc38522119&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=5&pce=1&npx=1&AV_DETDOMAIN=perezhilton.com&AV_DADPOS=3&v=6.1.1.243&avtoken=693515&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=1619295693535
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.93.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
49ab37124dae250734256216e5f61e62eeab00c6ebbafa272f1b653bfb00c258

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:33 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 13 Apr 2021 06:34:53 GMT
truncated
/ 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
pubmatic
d5p.de17a.com/getuid/ Frame 83A7 		35 B
134 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=62137559&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.181 , Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-181.teliacarrier-cust.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method
GET
:authority
d5p.de17a.com
:scheme
https
:path
/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
35
content-type
image/gif
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 31CF 		43 B
326 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=62137559&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Sat, 24 Apr 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1173
x-powered-by
ASP.NET
date
Sat, 24 Apr 2021 20:21:33 GMT
content-length
43
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 7F13
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6954822044008904848
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6954822044008904848
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=62137559&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=15A37826-A991-4168-A89E-1E36D7193DE7; chkChromeAb67Sec=1; DPSync3=1620432000%3A201_227_226_221; SyncRTB3=1619827200%3A223_2_15_67%7C1621814400%3A203%7C1620518400%3A35%7C1620432000%3A161_99_230_204_189_222_7_71_22_88_56_8_166_55_13_54_165_176_3_81_231_220_21%7C1620086400%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 24 Apr 2021 20:21:34 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6954822044008904848; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 24-May-2021 20:21:34 GMT; path=/ PugT=1619295694; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 24-May-2021 20:21:34 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 23-Jul-2021 20:21:34 GMT; path=/
X-lat
lhrpug009:0:422
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Sat, 24 Apr 2021 20:21:33 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6954822044008904848; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6954822044008904848
redir
rtb-csync.smartadserver.com/ Frame B5F6
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFVFJrN0JDUHdBQUNuSzZVdm53QQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFVFJrN0JDUHdBQUNuSzZVdm53QQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAETRk7BCPwAACnK6UvnwA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAETRk7BCPwAACnK6UvnwA&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAETRk7BCPwAACnK6UvnwA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAETRk7BCPwAACnK6UvnwA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=62137559&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Host
rtb-csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 24 Apr 2021 20:21:36 GMT
content-type
image/gif
transfer-encoding
chunked

Redirect headers

Date
Sat, 24 Apr 2021 20:21:36 GMT
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAETRk7BCPwAACnK6UvnwA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
bridge
cm.adgrx.com/ Frame 1988 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=62137559&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Sat, 24 Apr 2021 20:21:34 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-6
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame B8DA
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Y9EkSGPhVbZw0GjeEow0Wsml
42 B
775 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Y9EkSGPhVbZw0GjeEow0Wsml
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=62137559&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=15A37826-A991-4168-A89E-1E36D7193DE7; chkChromeAb67Sec=1; DPSync3=1620432000%3A201_227_226_221; SyncRTB3=1619827200%3A223_2_15_67%7C1621814400%3A203%7C1620518400%3A35%7C1620432000%3A161_99_230_204_189_222_7_71_22_88_56_8_166_55_13_54_165_176_3_81_231_220_21%7C1620086400%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 24 Apr 2021 20:21:35 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_409=22966-Y9EkSGPhVbZw0GjeEow0Wsml; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 24-May-2021 20:21:35 GMT; path=/ PugT=1619295695; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 24-May-2021 20:21:35 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 23-Jul-2021 20:21:35 GMT; path=/
X-lat
lhrpug009:0:433
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
openresty
date
Sat, 24 Apr 2021 20:21:33 GMT
content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=Y9EkSGPhVbZw0GjeEow0Wsml
strict-transport-security
max-age=0; includeSubDomains;
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 7729
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4708793126
  • https://sync.1rx.io/usersync/tradedesk/de95517e-4e1b-49ba-8eef-27359a05f9a3
  • https://sync.targeting.unrulymedia.com/csync/RX-5cec51e5-52d2-4cfe-9bc9-89ab01ba53e3-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5cec51e5-52d2-4cfe-9bc9-89ab01ba53e3-003
42 B
849 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5cec51e5-52d2-4cfe-9bc9-89ab01ba53e3-003
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=62137559&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=15A37826-A991-4168-A89E-1E36D7193DE7; chkChromeAb67Sec=1; DPSync3=1620432000%3A201_227_226_221; SyncRTB3=1619827200%3A223_2_15_67%7C1621814400%3A203%7C1620518400%3A35%7C1620432000%3A161_99_230_204_189_222_7_71_22_88_56_8_166_55_13_54_165_176_3_81_231_220_21%7C1620086400%3A63; KRTBCOOKIE_1101=23040-6954822044008904848; PUBMDCID=3; KRTBCOOKIE_22=14911-3930141244502956213; KRTBCOOKIE_377=6810-de95517e-4e1b-49ba-8eef-27359a05f9a3&KRTB&22918-de95517e-4e1b-49ba-8eef-27359a05f9a3&KRTB&23031-de95517e-4e1b-49ba-8eef-27359a05f9a3; KRTBCOOKIE_409=22966-Y9EkSGPhVbZw0GjeEow0Wsml; KRTBCOOKIE_218=22978-YIR9zgAAby6y9wAC&KRTB&23194-YIR9zgAAby6y9wAC&KRTB&23209-YIR9zgAAby6y9wAC&KRTB&23244-YIR9zgAAby6y9wAC; KRTBCOOKIE_153=1923-PuCRtT-0yuUlsZG1POiEsWnhkbgl6Zm4MOX23k_8&KRTB&19420-PuCRtT-0yuUlsZG1POiEsWnhkbgl6Zm4MOX23k_8&KRTB&22979-PuCRtT-0yuUlsZG1POiEsWnhkbgl6Zm4MOX23k_8; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_57=22776-7962826482425836735; KRTBCOOKIE_80=16514-CAESEBNf17irN2OSnP32JKsQPes&KRTB&22987-CAESEBNf17irN2OSnP32JKsQPes&KRTB&23025-CAESEBNf17irN2OSnP32JKsQPes; KRTBCOOKIE_27=16735-uid:21676084-7dd0-4600-846a-ede0a2f43f77&KRTB&16736-uid:21676084-7dd0-4600-846a-ede0a2f43f77&KRTB&23019-uid:21676084-7dd0-4600-846a-ede0a2f43f77&KRTB&23114-uid:21676084-7dd0-4600-846a-ede0a2f43f77; KRTBCOOKIE_391=22924-363877213540098050&KRTB&23263-363877213540098050; SPugT=1619295700; KRTBCOOKIE_1074=22956-e_2ea32158-1114-4ddf-92ea-a9a7601d826c; PugT=1619295701; KRTBCOOKIE_466=16530-b8512af5-b7bd-4f8e-b480-6fafde8685e2; pp=156758; PMDTSHR=cat:
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 24 Apr 2021 20:21:41 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_594=17105-RX-5cec51e5-52d2-4cfe-9bc9-89ab01ba53e3-003&KRTB&17107-RX-5cec51e5-52d2-4cfe-9bc9-89ab01ba53e3-003; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 23-Jul-2021 20:21:41 GMT; path=/ PugT=1619295701; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 24-May-2021 20:21:41 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 23-Jul-2021 20:21:41 GMT; path=/
X-lat
lhrpug019:0:459
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Sat, 24 Apr 2021 20:21:41 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-5cec51e5-52d2-4cfe-9bc9-89ab01ba53e3-003%22%7D; path=/; expires=Sun, 24 Apr 2022 20:21:41 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-5cec51e5-52d2-4cfe-9bc9-89ab01ba53e3-003
etag
RX5cec51e552d24cfe9bc989ab01ba53e3003
dpe
ad4m.at/ad/ Frame B264 		42 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=62137559&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 24 Apr 2021 20:21:33 GMT
content-type
image/gif
content-length
42
set-cookie
__cfduid=d02162d2d6b11f2f52c284b9d642c8f571619295693; expires=Mon, 24-May-21 20:21:33 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-wmp3
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-request-id
09a724837300002b22a69b9000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
645209e58a0a2b22-FRA
i.match
s.tribalfusion.com/z/ Frame 9DF3
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
470 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=62137559&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=aenoeUu4YUsmqcnc4vGOnnNcMT2ceREtQoK6A9he
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Sat, 24 Apr 2021 20:21:34 GMT
content-type
image/gif; charset=utf-8
content-length
43
set-cookie
__cfduid=dbfc9b2549cb15b15c1e44c415c096d751619295693; expires=Mon, 24-May-21 20:21:33 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=a3nseFM0inh9PBmSUT9ZcliUDZbFx40Q9T4cVVfZdhH8GJr3X5q3IZbbkXwjNjdjZadoCVipDmZdy1BFVkqI1jpprQ; path=/; domain=.tribalfusion.com; expires=Fri, 23-Jul-2021 20:21:33 GMT; SameSite=None; Secure; ANON_ID_old=a3nseFM0inh9PBmSUT9ZcliUDZbFx40Q9T4cVVfZdhH8GJr3X5q3IZbbkXwjNjdjZadoCVipDmZdy1BFVkqI1jpprQ; path=/; domain=.tribalfusion.com; expires=Fri, 23-Jul-2021 20:21:33 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
09a724845700004ee6c8895000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
645209e6ec5d4ee6-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Sat, 24 Apr 2021 20:21:33 GMT
content-type
text/html
set-cookie
__cfduid=dbfc9b2549cb15b15c1e44c415c096d751619295693; expires=Mon, 24-May-21 20:21:33 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aenoeUu4YUsmqcnc4vGOnnNcMT2ceREtQoK6A9he; path=/; domain=.tribalfusion.com; expires=Fri, 23-Jul-2021 20:21:33 GMT; SameSite=None; Secure; ANON_ID_old=aenoeUu4YUsmqcnc4vGOnnNcMT2ceREtQoK6A9he; path=/; domain=.tribalfusion.com; expires=Fri, 23-Jul-2021 20:21:33 GMT;
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
938
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
cf-request-id
09a72483a300004ee67b245000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
645209e5c9b14ee6-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame E5A7
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=d1DIBUYopJ31&pid=557219
1 B
463 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=d1DIBUYopJ31&pid=557219
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=62137559&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=15A37826-A991-4168-A89E-1E36D7193DE7; chkChromeAb67Sec=1; DPSync3=1620432000%3A201_227_226_221; SyncRTB3=1619827200%3A223_2_15_67%7C1621814400%3A203%7C1620518400%3A35%7C1620432000%3A161_99_230_204_189_222_7_71_22_88_56_8_166_55_13_54_165_176_3_81_231_220_21%7C1620086400%3A63; KRTBCOOKIE_1101=23040-6954822044008904848; PUBMDCID=3; KRTBCOOKIE_22=14911-3930141244502956213; KRTBCOOKIE_377=6810-de95517e-4e1b-49ba-8eef-27359a05f9a3&KRTB&22918-de95517e-4e1b-49ba-8eef-27359a05f9a3&KRTB&23031-de95517e-4e1b-49ba-8eef-27359a05f9a3; KRTBCOOKIE_409=22966-Y9EkSGPhVbZw0GjeEow0Wsml; PugT=1619295695; KRTBCOOKIE_218=22978-YIR9zgAAby6y9wAC&KRTB&23194-YIR9zgAAby6y9wAC&KRTB&23209-YIR9zgAAby6y9wAC&KRTB&23244-YIR9zgAAby6y9wAC; KRTBCOOKIE_153=1923-PuCRtT-0yuUlsZG1POiEsWnhkbgl6Zm4MOX23k_8&KRTB&19420-PuCRtT-0yuUlsZG1POiEsWnhkbgl6Zm4MOX23k_8&KRTB&22979-PuCRtT-0yuUlsZG1POiEsWnhkbgl6Zm4MOX23k_8; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_57=22776-7962826482425836735; KRTBCOOKIE_80=16514-CAESEBNf17irN2OSnP32JKsQPes&KRTB&22987-CAESEBNf17irN2OSnP32JKsQPes&KRTB&23025-CAESEBNf17irN2OSnP32JKsQPes; SPugT=1619295694
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Sat, 24 Apr 2021 20:21:36 GMT
Content-Type
text/html; charset=utf-8
Content-Length
1
Connection
keep-alive
Set-Cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 23-Jul-2021 20:21:36 GMT; path=/
X-lat
lhrpug020:0:377
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-7c488d4f5b-bdsjx
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=d1DIBUYopJ31&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
set-cookie
INGRESSCOOKIE=6a1dcc63c277bc03; path=/; HttpOnly; Secure; SameSite=None
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame AF9A
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3764d166-5f4d-4127-811a-b85ca6f4d682-tuct77e034e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3764d166-5f4d-4127-811a-b85ca6f4d682-tuct77e034e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=62137559&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3764d166-5f4d-4127-811a-b85ca6f4d682-tuct77e034e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
t_gid=3764d166-5f4d-4127-811a-b85ca6f4d682-tuct77e034e
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Sat, 24 Apr 2021 20:21:34 GMT
via
1.1 varnish
x-served-by
cache-hhn11527-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1619295695.881688,VS0,VE8
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=3764d166-5f4d-4127-811a-b85ca6f4d682-tuct77e034e;Version=1;Path=/;Domain=.taboola.com;Expires=Sun, 24-Apr-2022 20:21:34 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=3764d166-5f4d-4127-811a-b85ca6f4d682-tuct77e034e&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Sat, 24 Apr 2021 20:21:34 GMT
via
1.1 varnish
x-served-by
cache-hhn11527-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1619295695.772657,VS0,VE58
x-vcl-time-ms
58
content-length
0
141
match.deepintent.com/usersync/ Frame 525F 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=62137559&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?redir=https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=${DI_USER_ID}&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Sat, 24 Apr 2021 20:21:34 GMT
server
b
Cookie set csync
sync.spotim.market/ Frame 777A 		86 B
543 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=281178&extuid=15A37826-A991-4168-A89E-1E36D7193DE7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Host
sync.spotim.market
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
vmuid=5a23202fd25b6c5a; a271858=8181359259227230873
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
VertaMedia 1.0
Date
Sat, 24 Apr 2021 20:21:33 GMT
Content-Type
image/gif
Content-Length
86
Cache-Control
no-cache, no-store, must-revalidate
Set-Cookie
vmuid=5a23202fd25b6c5a; expires=Fri, 25 Jun 2021 20:21:33 GMT; domain=.spotim.market; path=/; secure; SameSite=None a281178=15A37826-A991-4168-A89E-1E36D7193DE7; expires=Fri, 25 Jun 2021 20:21:33 GMT; domain=.spotim.market; path=/; secure; SameSite=None
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CAEE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FaN4JqmRQWionh421xk95w%3D%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FaN4JqmRQWionh421xk95w%3D%3D&google_tc=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:35 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=32161
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Sun, 25 Apr 2021 05:17:36 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame CAEE 		95 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=15A37826-A991-4168-A89E-1E36D7193DE7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:34 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
645209e5ba0016ee-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09a7248395000016eeb5136000000001
info
uipglob.semasio.net/pubmatic/1/ Frame CAEE 		42 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=15A37826-A991-4168-A89E-1E36D7193DE7&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
uip-response-status
FallbackResponse
date
Sat, 24 Apr 2021 20:21:34 GMT
frontend-id
3
content-length
42
routing-server-id
-1
content-type
image/gif
Artemis
aud.pubmatic.com/AdServer/ Frame CAEE
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=15A37826-A991-4168-A89E-1E36D7193DE7&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=15A37826-A991-4168-A89E-1E36D7193DE7&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=15A37826-A991-4168-A89E-1E36D7193DE7&addseg=21
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=15A37826-A991-4168-A89E-1E36D7193DE7&addseg=21
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:37 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Sat, 24 Apr 2021 20:21:36 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=15A37826-A991-4168-A89E-1E36D7193DE7&addseg=21
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
image2.pubmatic.com/AdServer/ Frame CAEE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTVBMzc4MjYtQTk5MS00MTY4LUE4OUUtMUUzNkQ3MTkzREU3&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTVBMzc4MjYtQTk5MS00MTY4LUE4OUUtMUUzNkQ3MTkzREU3&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:35 GMT
X-lat
lhrpug014:0:451
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame CAEE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBNf17irN2OSnP32JKsQPes&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBNf17irN2OSnP32JKsQPes&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:35 GMT
X-lat
lhrpug019:0:526
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:34 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBNf17irN2OSnP32JKsQPes&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame CAEE 		43 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:33 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 23 Apr 2021 20:21:33 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CAEE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=de95517e-4e1b-49ba-8eef-27359a05f9a3
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=de95517e-4e1b-49ba-8eef-27359a05f9a3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:33 GMT
X-lat
lhrpug013:0:434
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=de95517e-4e1b-49ba-8eef-27359a05f9a3
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame CAEE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=363877213540098050
42 B
799 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=363877213540098050
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:38 GMT
X-lat
lhrpug012:0:400
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:38 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=363877213540098050
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame CAEE
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:21676084-7dd0-4600-846a-ede0a2f43f77&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:21676084-7dd0-4600-846a-ede0a2f43f77&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:37 GMT
X-lat
lhrpug011:0:476
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Sat, 24 Apr 2021 20:21:34 GMT
Server
MT3 3660 495c301 master zrh-pixel-x27
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:21676084-7dd0-4600-846a-ede0a2f43f77&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 24 Apr 2021 20:21:33 GMT
Pug
image2.pubmatic.com/AdServer/ Frame CAEE
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7962826482425836735&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7962826482425836735&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:35 GMT
X-lat
lhrpug006:0:543
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:33 GMT
X-Proxy-Origin
5.253.206.148; 5.253.206.148; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.72:80
AN-X-Request-Uuid
f1b28b73-55c7-4f82-85fb-af40cf0f771f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7962826482425836735&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
15A37826-A991-4168-A89E-1E36D7193DE7
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame CAEE 		43 B
919 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/15A37826-A991-4168-A89E-1E36D7193DE7?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:33 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame CAEE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=15A37826-A991-4168-A89E-1E36D7193DE7&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-P8yGQ0FE2uXUYqSKNlfkly8RpM.DhZg-~A&gdpr=0&gdpr_consent=
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-P8yGQ0FE2uXUYqSKNlfkly8RpM.DhZg-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:40 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sat, 24 Apr 2021 20:21:33 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-P8yGQ0FE2uXUYqSKNlfkly8RpM.DhZg-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame CAEE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=b8512af5-b7bd-4f8e-b480-6fafde8685e2
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=b8512af5-b7bd-4f8e-b480-6fafde8685e2
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=3e473953-e7c2-4470-98a9-c8ced8bc82fc&user_group=1&ssp=pubmatic&bsw_param=b8512af5-b7bd-4f8e-b480-6fafde8685e2
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b8512af5-b7bd-4f8e-b480-6fafde8685e2&gdpr=&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b8512af5-b7bd-4f8e-b480-6fafde8685e2&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:41 GMT
X-lat
lhrpug007:0:476
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b8512af5-b7bd-4f8e-b480-6fafde8685e2&gdpr=&gdpr_consent=&gdpr_pd=
date
Sat, 24 Apr 2021 20:21:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame CAEE
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PuCRtT-0yuUlsZG1POiEsWnhkbgl6Zm4MOX23k_8
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PuCRtT-0yuUlsZG1POiEsWnhkbgl6Zm4MOX23k_8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:35 GMT
X-lat
lhrpug007:0:541
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:33 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=PuCRtT-0yuUlsZG1POiEsWnhkbgl6Zm4MOX23k_8
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CAEE
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3930141244502956213&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3930141244502956213&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:34 GMT
X-lat
lhrpug005:0:419
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3930141244502956213&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 24 Apr 2021 20:21:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame CAEE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIR9zgAAby6y9wAC&gdpr=0&gdpr_consent=&_test=YIR9zgAAby6y9wAC
1 B
810 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIR9zgAAby6y9wAC&gdpr=0&gdpr_consent=&_test=YIR9zgAAby6y9wAC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:35 GMT
X-lat
lhrpug015:0:2219
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:34 GMT
via
1.1 varnish
server
Varnish
x-timer
S1619295695.989639,VS0,VE0
x-served-by
cache-hhn4020-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YIR9zgAAby6y9wAC&gdpr=0&gdpr_consent=&_test=YIR9zgAAby6y9wAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame CAEE
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:e177c3ec-0bf9-4c60-8e77-84024b07186c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:e177c3ec-0bf9-4c60-8e77-84024b07186c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:41 GMT
X-lat
lhrpug009:0:453
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:e177c3ec-0bf9-4c60-8e77-84024b07186c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sat, 24 Apr 2021 20:21:41 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame CAEE
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:35 GMT
X-lat
lhrpug018:0:361
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:33 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame CAEE 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=15A37826-A991-4168-A89E-1E36D7193DE7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:33 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame CAEE
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7962826482425836735
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7962826482425836735
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:41 GMT
X-lat
lhrpug001:0:473
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:41 GMT
X-Proxy-Origin
5.253.206.148; 5.253.206.148; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.74:80
AN-X-Request-Uuid
7e06cdba-a0b7-47f6-a635-93bd0c9a8781
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7962826482425836735
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame CAEE
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2ea32158-1114-4ddf-92ea-a9a7601d826c
42 B
790 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2ea32158-1114-4ddf-92ea-a9a7601d826c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:41 GMT
X-lat
lhrpug016:0:414
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_2ea32158-1114-4ddf-92ea-a9a7601d826c
date
Sat, 24 Apr 2021 20:21:41 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
id
api.britepool.com/v1/britepool/ Frame 		0
0
id
api.britepool.com/v1/britepool/ 		0
0
envelope
api.rlcdn.com/api/identity/ 		0
0
rid
match.adsrvr.org/track/ 		108 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159143/2782/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.88.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-88-205.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cb12924bb9ade92ddedd2d1dcad96cd72cc3076d8e4d7f18e03ad85461f0169a

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Apr 2021 20:21:33 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://perezhilton.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Mon, 24 May 2021 20:21:33 GMT
csyncs
hb.spotim.market/ Frame 3B72 		390 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.spotim.market/csyncs?aid1=537181&aid2=572165&aid3=573838
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/449804/wrapper_hb_270443_6798.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
a2026a55ec0a210fe2ead2f13042ffc4b31f9fa3f0484dfef89794781e2ae281

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:33 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://perezhilton.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
247
khaos.jpg
token.rubiconproject.com/ Frame 6FF3 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
cookiesyncendpoint
sync.aniview.com/ Frame 0E47
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D55%26key%3D%24UID
  • https://sync.aniview.com/cookiesyncendpoint?auid=1619295693899-998406242191-020775-010-000380&biddername=55&key=7962826482425836735
0
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1619295693899-998406242191-020775-010-000380&biddername=55&key=7962826482425836735
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.164.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.aniview.com
:scheme
https
:path
/cookiesyncendpoint?auid=1619295693899-998406242191-020775-010-000380&biddername=55&key=7962826482425836735
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://perezhilton.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
aniC=1619295693899-998406242191-020775-010-000380
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://perezhilton.com/

Response headers

date
Sat, 24 Apr 2021 20:21:34 GMT
content-length
0
set-cookie
2_C_55=7962826482425836735; Path=/; Domain=aniview.com; Expires=Sat, 01 May 2021 20:21:34 GMT; Secure; SameSite=None 2_C_55=7962826482425836735; Path=/; Expires=Sat, 01 May 2021 20:21:34 GMT; Secure; SameSite=None

Redirect headers

Server
nginx/1.17.9
Date
Sat, 24 Apr 2021 20:21:34 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1619295693899-998406242191-020775-010-000380&biddername=55&key=7962826482425836735
AN-X-Request-Uuid
91e85631-be5e-45ea-8f39-3faaed05ca66
Set-Cookie
uuid2=7962826482425836735; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 23-Jul-2021 20:21:34 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
5.253.206.148; 5.253.206.148; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.239:80
Cookie set usermatch
ssum.casalemedia.com/ Frame 2C9E
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D42%26key%3D
  • https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D42%26key%3D&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D42%26key%3D&C=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e52d1f207596e9bee7b2328c081fc57c63834f50c62ce93620c3223a08ec1735

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://perezhilton.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=1119; CMPRO=1160; CMST=YIR90GCEfdAA; CMRUM3=c360847dd005a00&da60847dd027600&bf60847dd005a0&2760847dd00b40&f160847dd005a0&e660847dd027600&ef60847dd005a00&2d60847dd02760CAESEIRxqTH6mkNA-eUDRFidb14; CMID=YIR90X.t.YufiQktn5vrKwAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://perezhilton.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|130|206|5|40|13|191
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1595
Expires
Sat, 24 Apr 2021 20:21:37 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:37 GMT
Connection
keep-alive
Set-Cookie
CMID=YIR90X.t.YufiQktn5vrKwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Apr 2022 20:21:37 GMT CMPS=1119;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 23 Jul 2021 20:21:37 GMT CMPRO=1160;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 23 Jul 2021 20:21:37 GMT CMST=YIR90GCEfdEA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 25 Apr 2021 20:21:37 GMT CMRUM3=da60847dd027600&0560847dd105a0&2860847dd105a00&bf60847dd105a0&f160847dd005a0&2760847dd00b40&e660847dd027600&8260847dd1a8c0&c360847dd005a00&ce60847dd105a00&2e60847dd105a0&4960847dd105a00&ef60847dd005a00&0d60847dd105a0&2d60847dd02760CAESEIRxqTH6mkNA-eUDRFidb14;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Apr 2022 20:21:37 GMT

Redirect headers

Server
Apache
Content-Length
379
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D42%26key%3D&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sat, 24 Apr 2021 20:21:37 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:37 GMT
Connection
keep-alive
Set-Cookie
CMID=YIR90X.t.YufiQktn5vrKwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Apr 2022 20:21:37 GMT CMPS=1119;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 23 Jul 2021 20:21:37 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F05B 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://perezhilton.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=15A37826-A991-4168-A89E-1E36D7193DE7; chkChromeAb67Sec=1; DPSync3=1620432000%3A201_227_226_221; SyncRTB3=1619827200%3A223_2_15_67%7C1621814400%3A203%7C1620518400%3A35%7C1620432000%3A161_99_230_204_189_222_7_71_22_88_56_8_166_55_13_54_165_176_3_81_231_220_21%7C1620086400%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://perezhilton.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=32162
Expires
Sun, 25 Apr 2021 05:17:36 GMT
Date
Sat, 24 Apr 2021 20:21:34 GMT
Connection
keep-alive
Vary
Accept-Encoding
cookiesyncendpoint
sync.aniview.com/ Frame 767D
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D2%26key%3D%24S...
  • https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D2%26key%3D%24S...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1619295693899-998406242191-020775-010-000380&biddername=2&key=a9cf5301-a53a-11eb-8086-191344880506
0
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1619295693899-998406242191-020775-010-000380&biddername=2&key=a9cf5301-a53a-11eb-8086-191344880506
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.164.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.aniview.com
:scheme
https
:path
/cookiesyncendpoint?auid=1619295693899-998406242191-020775-010-000380&biddername=2&key=a9cf5301-a53a-11eb-8086-191344880506
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://perezhilton.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
aniC=1619295693899-998406242191-020775-010-000380
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://perezhilton.com/

Response headers

date
Sat, 24 Apr 2021 20:21:34 GMT
content-length
0
set-cookie
2_C_2=a9cf5301-a53a-11eb-8086-191344880506; Path=/; Domain=aniview.com; Expires=Sat, 01 May 2021 20:21:34 GMT; Secure; SameSite=None 2_C_2=a9cf5301-a53a-11eb-8086-191344880506; Path=/; Expires=Sat, 01 May 2021 20:21:34 GMT; Secure; SameSite=None

Redirect headers

Server
nginx
Date
Sat, 24 Apr 2021 20:21:34 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Set-Cookie
audience=a9cf5301-a53a-11eb-8086-191344880506; expires=Sun, 24-Apr-2022 21:28:14 GMT; path=/; domain=.spotxchange.com; SameSite=none; Secure
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1619295693899-998406242191-020775-010-000380&biddername=2&key=a9cf5301-a53a-11eb-8086-191344880506
X-fe
94
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
usync.html
eus.rubiconproject.com/ Frame 4E2D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.121.175.131 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-175-131.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://perezhilton.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://perezhilton.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"40005-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 24 Apr 2021 20:21:34 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Date
Sat, 24 Apr 2021 20:21:34 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
cookiesyncendpoint
sync.aniview.com/ Frame B4BB
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D72%26pid%3D5e0e...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1619295693899-998406242191-020775-010-000380&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
0
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1619295693899-998406242191-020775-010-000380&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.164.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
sync.aniview.com
:scheme
https
:path
/cookiesyncendpoint?auid=1619295693899-998406242191-020775-010-000380&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://perezhilton.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
aniC=1619295693899-998406242191-020775-010-000380
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://perezhilton.com/

Response headers

date
Sat, 24 Apr 2021 20:21:34 GMT
content-length
0

Redirect headers

cache-control
max-age=0,no-cache,no-store
pragma
no-cache
expires
Tue, 11 Oct 1977 12:34:56 GMT
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.aniview.com/cookiesyncendpoint?auid=1619295693899-998406242191-020775-010-000380&biddername=72&pid=5e0e296628a061270b21ccab&key=no-consent
content-length
0
date
Sat, 24 Apr 2021 20:21:34 GMT
server
AC1.1
sync
pixel.advertising.com/ups/58268/ Frame 58D1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.advertising.com/ups/58268/sync?&gdpr=1&gdpr_consent=&redir=true
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.63.176 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
pixel.advertising.com
:scheme
https
:path
/ups/58268/sync?&gdpr=1&gdpr_consent=&redir=true
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://perezhilton.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://perezhilton.com/

Response headers

date
Sat, 24 Apr 2021 20:21:34 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security
max-age=31536000
11955841
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/11955841?_fw_gdpr=1&_fw_gdpr_consent=&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&cbb=9295694019
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d614cb3adedc9cf5ef2ba1e62ae283ec73bcb8c3c31f8355832f0e5b0cc70fed

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:35 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1206
x-sticky-vk
1619295695253094-340
Expires
Sat, 24 Apr 2021 20:21:35 GMT
11955841
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/11955841?&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&cbb=9295694022
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d0925ef070b190d0770bf1e7c0c3a27551f5ea7bc11133c3814fade0b506cb71

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:35 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1148
x-sticky-vk
1619295695422053-376
Expires
Sat, 24 Apr 2021 20:21:35 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ 		0
0
AdServerServlet
vid.pubmatic.com/AdServer/ 		0
0
306998
search.spotxchange.com/vast/2.00/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/306998?VPI=MP4&content_page_url=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cb=9295694024&player_width=400&player_height=300&ip_addr=5.253.206.148&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:34 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000901
X-SpotX-Timing-SpotMarket
0.006236
X-SpotX-Timing-Page-Mux
0.000811
X-SpotX-Timing-Page-Require
0.000361
X-fe
120
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000028
Content-Length
77
X-SpotX-Timing-Page
0.011991
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000284
Last-Modified
Sat, 24 Apr 2021 20:21:34 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.006236
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://perezhilton.com
X-SpotX-Timing-Page-Misc
0.003359
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag
p4dt2-x71s7.ads.tremorhub.com/ad/ 		119 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p4dt2-x71s7.ads.tremorhub.com/ad/tag?adCode=p4dt2-z1bwz&playerWidth=400&playerHeight=300&gdpr=1&gdpr_consent=&srcPageUrl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&floor=USD:6.875&cbb=9295694024
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:d4f4:6ee9:b45e:a058 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
ae07da0b8bdaa74042237e5292bd98e9a7b4f6991843c1144757450b5573fd48

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:34 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
text/xml;charset=UTF-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		0
0
294849
search.spotxchange.com/vast/2.00/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/294849?VPI=MP4&content_page_url=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cb=9295694025&player_width=400&player_height=300&ip_addr=5.253.206.148&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:34 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000288
X-SpotX-Timing-SpotMarket
0.005012
X-SpotX-Timing-Page-Mux
0.000942
X-SpotX-Timing-Page-Require
0.000458
X-fe
002
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000029
Content-Length
77
X-SpotX-Timing-Page
0.009718
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000477
Last-Modified
Sat, 24 Apr 2021 20:21:34 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.005012
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://perezhilton.com
X-SpotX-Timing-Page-Misc
0.002500
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000011
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ 		0
0
292705
search.spotxchange.com/vast/2.00/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/292705?VPAID=JS&content_page_url=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&device[dnt]=[DO_NOT_TRACK]&device[os]=[DEVICEOS]&device[osv]=[DEVICEOSV]&ip_addr=5.253.206.148&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device[geo][lat]=52.15320&device[geo][lon]=20.99990&cb=9295694026&player_width=400&player_height=300&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:34 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000353
X-SpotX-Timing-SpotMarket
0.005644
X-SpotX-Timing-Page-Mux
0.001576
X-SpotX-Timing-Page-Require
0.000476
X-fe
136
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000002
Content-Length
77
X-SpotX-Timing-Page
0.010451
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000480
Last-Modified
Sat, 24 Apr 2021 20:21:34 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.005644
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://perezhilton.com
X-SpotX-Timing-Page-Misc
0.001906
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000013
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ 		0
0
AdServerServlet
vid.pubmatic.com/AdServer/ 		0
0
AdServerServlet
vid.pubmatic.com/AdServer/ 		0
0
tag
p4dt2-x71s7.ads.tremorhub.com/ad/ 		119 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p4dt2-x71s7.ads.tremorhub.com/ad/tag?adCode=p4dt2-z1bwz&playerWidth=400&playerHeight=300&gdpr=1&gdpr_consent=&srcPageUrl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&floor=USD:6.875&cbb=9295694027
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:d4f4:6ee9:b45e:a058 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
ae07da0b8bdaa74042237e5292bd98e9a7b4f6991843c1144757450b5573fd48

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:34 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
text/xml;charset=UTF-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		0
0
AdServerServlet
vid.pubmatic.com/AdServer/ 		0
0
AdServerServlet
vid.pubmatic.com/AdServer/ 		0
0
AdServerServlet
vid.pubmatic.com/AdServer/ 		0
0
s2s
s2s.aniview.com/api/adserver/ 		1 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=b1724564a47313a4b62675d22ca93740_172315966&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1619295693899-998406242191-020775-010-000380&AV_CDIM1=sp_6oLVLzgr&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&AV_CDIM4=7e9d72b5-de3f-4044-b3d6-15dc38522119&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=5&pce=1&npx=1&AV_DETDOMAIN=perezhilton.com&AV_DADPOS=3&v=6.1.1.243&avtoken=693515&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=9295694029&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.214.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 13 Apr 2021 06:34:54 GMT
avpb3.js
player.aniview.com/script/6.1/ Frame 52F4 		265 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/avpb3.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:2ab::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
f552246407a4f8b34a08fc42783296a8579d8f934081a0086cf37d051f334d6d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:34 GMT
content-encoding
gzip
x-guploader-uploadid
ABg5-UyId3wRLZKV3YHMPWXEBJSRZDfsWyiZzWfD38WZRXe5q2rPEexeRnxUZObbKIXsCxAztN8PKrIaVyKL9gDTgY9oYLL5nw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
85397
last-modified
Wed, 21 Apr 2021 06:01:48 GMT
server
UploadServer
etag
"b80011497556c9d2e7a91056588d67c1"
vary
Accept-Encoding
x-goog-hash
crc32c=dVs1tg==, md5=uAARSXVWydLnqRBWWI1nwQ==
content-language
en
access-control-allow-origin
*
x-goog-generation
1618984908608984
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
85397
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 24 Apr 2021 20:26:34 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=perezhilton.com&rs=perezhilton.com&sid=84726&t=1619295693&cip=5.253.206.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=5&aafaid=&proto=https&uid=1619295693899-998406242191-020775-010-000380&cha=0.7&cb=20688906628&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd1=sp_6oLVLzgr&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1619295694027&asid=5f18176e0139a65a1e214114%2C5f18178167401046cd6afed4%2C5e85d2f0d23d91608a46c4ac%2C5e85d2f0d23d91608a46c4a8%2C5ff322342d4919083a16bde2%2C5f1827835fad3216f81efe59%2C5e85d2f0d23d91608a46c4a4%2C5f182bf818341f114d656736%2C5f0c270e47b76848fa6ef4d6%2C5ede146878b8e651e62d47ea%2C5f0c2689a6df1c579d429685%2C602a751b9fda7924a569e4cb%2C606ad3fbab545d54873de6d4%2C5f0c277120c3067939487264%2C5f1827c70944ea2cfc6608d3%2C5efd94c197164358fe79390e&ofpr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C5.5%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:34 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=perezhilton.com&rs=perezhilton.com&sid=84726&t=1619295693&cip=5.253.206.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=5&aafaid=&proto=https&uid=1619295693899-998406242191-020775-010-000380&cha=0.7&cb=20688906628&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd1=sp_6oLVLzgr&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1619295694031&asid=5f0c26c95bc4ee1ba610d907%2C5f0c274d6641564e205ac355%2C5fb5756e6a973179765f33c3%2C5f4e3f85ad782d0f014069dc&ofpr=%2C%2C4.98%2C&fpo=%2C%2C%2C
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:34 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
csync
sync.adtelligent.com/ Frame 3B72
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
86 B
521 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
VertaMedia 1.0
Content-Length
86
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:34 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.adtelligent.com/csync?t=a&ep=309017&extuid=no-consent
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
288395
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/288395
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Apr 2021 20:21:34 GMT
X-SpotX-Timing-Transform
0.000319
X-SpotX-Timing-SpotMarket
0.007801
X-SpotX-Timing-Page-Mux
0.001106
X-SpotX-Timing-Page-Require
0.000382
X-fe
034
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000023
X-SpotX-Timing-Page
0.012900
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000573
Last-Modified
Sat, 24 Apr 2021 20:21:34 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.007801
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://perezhilton.com
X-SpotX-Timing-Page-Misc
0.002678
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000018
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cygnus
htlb.casalemedia.com/ 		24 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%22347cc9c7436828%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22sid%22%3A%22sp_6oLVLzgr%22%2C%22asi%22%3A%22spotim.market%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224855aacc6116bc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22sid%22%3A%22400x300%22%7D%2C%22bidfloor%22%3A5.5%2C%22bidfloorcur%22%3A%22USD%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%7D%5D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.215.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-215-69.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2a2ded9b27d20ea56a79296399cbd5113cd16cd10963914109e08d7c4a41357b

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:35 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[PL], RC:[], CN:[EU], CIP:[5.253.206.148], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://perezhilton.com
x-cs-client-geo
09
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
09
expires
Sat, 24 Apr 2021 20:21:35 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame EF1E 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D1%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D1%26key%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES; KADUSERCOOKIE=15A37826-A991-4168-A89E-1E36D7193DE7; chkChromeAb67Sec=1; DPSync3=1620432000%3A201_227_226_221; SyncRTB3=1619827200%3A223_2_15_67%7C1621814400%3A203%7C1620518400%3A35%7C1620432000%3A161_99_230_204_189_222_7_71_22_88_56_8_166_55_13_54_165_176_3_81_231_220_21%7C1620086400%3A63; KRTBCOOKIE_1101=23040-6954822044008904848; PugT=1619295694; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D1%26key%3D

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=46500
Expires
Sun, 25 Apr 2021 09:16:34 GMT
Date
Sat, 24 Apr 2021 20:21:34 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 4E2D 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.121.175.131 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-175-131.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
85e38c4d71d56942a70f3594fecfdf95d4383e0b6eb934dcddf9910f93294bfa

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Apr 2021 20:34:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=15741
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9242
Expires
Sun, 25 Apr 2021 00:43:55 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=386,387,388,389&ntv_r1=3976&ntv_r2=4188&ntv_r3=4188&ntv_r4=4188&ntv_pl=1114139&ntv_it
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.67.80.248 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-67-80-248.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:34 GMT
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame 4E2D 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/jpg
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fperezhilton.com%2F&domain=perezhilton.com&cw=1&lsw=1
Protocol
H2
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://perezhilton.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://perezhilton.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1472
date
Sat, 24 Apr 2021 20:21:34 GMT
content-encoding
gzip
vary
Accept-Encoding
rtb
trends.revcontent.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/rtb?apiKey=b7b594eb3a542d84f1718555eb51303d1083ca46&userId=152441
Protocol
H2
Server
34.252.219.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Grizzly/2.4.4 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://perezhilton.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 24 Apr 2021 20:21:35 GMT
content-type
text/plain
content-length
13
server
Grizzly/2.4.4
allow
POST,OPTIONS
access-control-allow-origin
https://perezhilton.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
sid
mug.criteo.com/ Frame 3B72
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fperezhilton.com%2F&domain=perezhilton.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=mNNhtnxwdFY1dTJCVWE1Z2hzS01oM3JIdm92NlZFNjFzTUxIazV0bkdZempmcG9KbGt1bVhuSWV5c28xMHFoa3NQMW9RcE5wVFJjOW9FNllubUpVRmxseVNYUllUeUdZN1k5SjhCekwyeklQRmJlbFo3WDhhUHlrREJ6dW...
358 B
638 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=mNNhtnxwdFY1dTJCVWE1Z2hzS01oM3JIdm92NlZFNjFzTUxIazV0bkdZempmcG9KbGt1bVhuSWV5c28xMHFoa3NQMW9RcE5wVFJjOW9FNllubUpVRmxseVNYUllUeUdZN1k5SjhCekwyeklQRmJlbFo3WDhhUHlrREJ6dW1HUFF2bUIrTEw1MS81bWt1akNOa1VrNXFTZHkyNlVxRFlib0FqZEFDblJ5Mk01aCtlYkNzcEFQRzdWdTUySEgvWUw2MFE2eEFEbEgzVEM5SmxJYWovMVNua0ZLNThBRU8rVitmemhuQnFuSnJGdnJXS0E0PXw&cppv=2
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7e69af5a26a426149841dd795972043e9f664661eea37210093ab2ef2c91d74f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sat, 24 Apr 2021 20:21:34 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2227
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 24 Apr 2021 20:21:34 GMT
location
https://mug.criteo.com/sid?cpp=mNNhtnxwdFY1dTJCVWE1Z2hzS01oM3JIdm92NlZFNjFzTUxIazV0bkdZempmcG9KbGt1bVhuSWV5c28xMHFoa3NQMW9RcE5wVFJjOW9FNllubUpVRmxseVNYUllUeUdZN1k5SjhCekwyeklQRmJlbFo3WDhhUHlrREJ6dW1HUFF2bUIrTEw1MS81bWt1akNOa1VrNXFTZHkyNlVxRFlib0FqZEFDblJ5Mk01aCtlYkNzcEFQRzdWdTUySEgvWUw2MFE2eEFEbEgzVEM5SmxJYWovMVNua0ZLNThBRU8rVitmemhuQnFuSnJGdnJXS0E0PXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1700
content-length
482
expires
0
bids
prebid-us.creativecdn.com/bidder/prebid/ Frame 3B72 		0
0
prebid
ib.adnxs.com/ut/v3/ Frame 3B72 		143 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/449804/hb_270443_6798.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
95d4e4c0c114d0c12976f06d0b19d828c6970deadaea2e5933bdcb1e7db73dec
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:34 GMT
X-Proxy-Origin
5.253.206.148; 5.253.206.148; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.235:80
AN-X-Request-Uuid
023afe79-723c-469f-b229-2f42f1b00748
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
143
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
spot-im-d.openx.net/w/1.0/ Frame 3B72 		0
0
rtb
trends.revcontent.com/ Frame 3B72 		80 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/rtb?apiKey=b7b594eb3a542d84f1718555eb51303d1083ca46&userId=152441
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/449804/hb_270443_6798.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.219.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Grizzly/2.4.4 /
Resource Hash
d9f358ac96364691546b524828ca74d623ca8256c41f9231bb00c4aaf59bdaee

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://perezhilton.com
date
Sat, 24 Apr 2021 20:21:35 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
content-length
80
content-type
application/json
hb
ice.360yield.com/ Frame 3B72 		0
0
cdb
bidder.criteo.com/ Frame 3B72 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.36.0-1&cb=84212868945
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/449804/hb_270443_6798.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://perezhilton.com
date
Sat, 24 Apr 2021 20:21:35 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
bid
ap.lijit.com/rtb/ Frame 3B72 		94 B
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.36.0-1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/449804/hb_270443_6798.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
be7e41cfec2ddce96746d4b81e823e7184a964ef5b0295f3d155c48d17d83661

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Apr 2021 20:21:36 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://perezhilton.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
99
/
ghb.adtelligent.com/v2/auction/ Frame 3B72 		360 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/449804/hb_270443_6798.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
48661db8c04f212923d503b9cb4ecdedf0ece453b9206d5facd6fbc5b914e9e2

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Apr 2021 20:21:34 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://perezhilton.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
177
cygnus
htlb.casalemedia.com/ Frame 3B72 		25 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=356568&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2225e02fc5cafec23%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.36.0-1%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_6oLVLzgr%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22267b1c9d4fbd7b6%22%2C%22ext%22%3A%7B%22siteID%22%3A356568%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2227da35da820d9f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22494467%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2228519c45e16aa51%22%2C%22ext%22%3A%7B%22siteID%22%3A%22539236%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22297e8927ea41fa9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22556527%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2230bb6b9928fdd96%22%2C%22ext%22%3A%7B%22siteID%22%3A%22581365%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22267b1c9d4fbd7b6%22%2C%22ext%22%3A%7B%22siteID%22%3A356568%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22267b1c9d4fbd7b6%22%2C%22ext%22%3A%7B%22siteID%22%3A356568%2C%22sid%22%3A%22320x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/449804/hb_270443_6798.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.215.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-215-69.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fecdc9b541566caa7ae7b0397b3b54523ac08ce1bfdafda57926cd14984de1a9

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:35 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[PL], RC:[], CN:[EU], CIP:[5.253.206.148], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://perezhilton.com
x-cs-client-geo
09
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
09
expires
Sat, 24 Apr 2021 20:21:35 GMT
imp
g2.gumgum.com/hbid/ Frame 3B72 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?si=19226&pi=3&bf=300x250&schain=1.0%2C1!adtelligent.com%2C270443%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.36.0-1%22%7D&ogu=null&ns=10240
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/449804/hb_270443_6798.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b1e4ccbca2876960b707f88e9fe78436b2980d0ab4a01c6ebe4da8e76ba4a77

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:36 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://perezhilton.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
bidRequest
c2shb.ssp.yahoo.com/ Frame 3B72 		62 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694c0017474985ad89cda5ed603fd&pos=4850946&cmd=bid&secure=1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/449804/hb_270443_6798.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
c3712ae004816457e7d6911e6cb928fd2632e0408c5bf82578f1b2f1ceb6cff2

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Apr 2021 20:21:36 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://perezhilton.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ Frame 3B72 		62 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694c0017474985ad89cda5ed603fd&pos=5242527&cmd=bid&secure=1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/449804/hb_270443_6798.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
b203d3cde3b7107c0b05bb619b82822bbbe3158aeea1e72c44317ef13b496614

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Apr 2021 20:21:36 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://perezhilton.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/ Frame 3B72 		62 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9694c0017474985ad89cda5ed603fd&pos=8a969435017777a74966b045e6a00410&cmd=bid&secure=1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/449804/hb_270443_6798.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS/7.1.2.128 /
Resource Hash
34c8605683819845adc21a52e806c6de16dec57f50afc9a57837901e86ff472f

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Apr 2021 20:21:36 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://perezhilton.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame 3B72 		374 B
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&SafeFrame=true&CanonicalUrl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&PublisherDomain=https%3A%2F%2Fperezhilton.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/449804/hb_270443_6798.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 Paris, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
768018e5440c8dfbac061f3a59ac4e8e30137985b9757bda62cd458f87ecd33d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:36 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://perezhilton.com
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
52
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
374
expires
0
translator
hbopenbid.pubmatic.com/ Frame 3B72 		19 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/449804/hb_270443_6798.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
5ff41594a7f85c5cd9a43524680a4eb4a5cb8e28962dd205ddece3be27768376

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://perezhilton.com
date
Sat, 24 Apr 2021 20:21:35 GMT
cache-control
no-cache, no-store, must-revalidate
x-openrtb-version
2.3
access-control-allow-credentials
true
content-type
application/json
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3B72 		264 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=785062&size_id=15&alt_size_ids=16%2C159&rp_schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&eid_pubcid.org=ce396109-2470-4d8a-8c88-dfd45f7f2a8f%5E1&rf=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&tk_flint=pbjs_lite_v4.36.0-1&x_source.tid=d6095007-fa58-4e23-ac6c-058df1766a01&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7444507254141268
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/449804/hb_270443_6798.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
bde77ff89f04ed908fa58ea8d1963fef7a323389869f51877ff183ad9c7f1da6

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:35 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
264
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3B72 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=322812&zone_id=1676640&size_id=15&alt_size_ids=16%2C159&rp_schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&eid_pubcid.org=ce396109-2470-4d8a-8c88-dfd45f7f2a8f%5E1&rf=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&tk_flint=pbjs_lite_v4.36.0-1&x_source.tid=d6095007-fa58-4e23-ac6c-058df1766a01&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8681308358097148
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/449804/hb_270443_6798.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
8dd4cf02e2cb11af6c97a26cd3ccc488955bfc5e617ed958dd7d7e74205059f1

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:35 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
1555
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 3B72 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=1796788&size_id=15&alt_size_ids=16%2C159&rp_schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&eid_pubcid.org=ce396109-2470-4d8a-8c88-dfd45f7f2a8f%5E1&rf=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&tk_flint=pbjs_lite_v4.36.0-1&x_source.tid=d6095007-fa58-4e23-ac6c-058df1766a01&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.0780839265007569
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/449804/hb_270443_6798.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
95841505fea82c17283f57dc52aa753016203a07dd00c8a70d2e5a180ac9eb71

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:35 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
1546
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 6B2E 		142 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: p.delivercdn.com
URL: https://p.delivercdn.com/prebidlink/18741/pbm_307825_6864.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
5db990c6f9733c09e505ec960bad88b09de375bb7b42f36317f9471323e43c5c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://p.delivercdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:34 GMT
X-Proxy-Origin
5.253.206.148; 5.253.206.148; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.233:80
AN-X-Request-Uuid
f323abad-104a-414d-abcf-8c8e152b78a2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://p.delivercdn.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
142
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ Frame 6B2E 		0
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=31&wv=3.22&cb=52370058169
Requested by
Host: p.delivercdn.com
URL: https://p.delivercdn.com/prebidlink/18741/pbm_307825_6864.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.delivercdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://p.delivercdn.com
date
Sat, 24 Apr 2021 20:21:35 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
prebid-request
onetag-sys.com/ Frame 6B2E 		0
0
hb
ice.360yield.com/ Frame 6B2E 		0
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 6B2E 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: p.delivercdn.com
URL: https://p.delivercdn.com/prebidlink/18741/pbm_307825_6864.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.delivercdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://p.delivercdn.com
date
Sat, 24 Apr 2021 20:21:34 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=mNNhtnxwdFY1dTJCVWE1Z2hzS01oM3JIdm92NlZFNjFzTUxIazV0bkdZempmcG9KbGt1bVhuSWV5c28xMHFoa3NQMW9RcE5wVFJjOW9FNllubUpVRmxseVNYUllUeUdZN1k5SjhCekwyeklQRmJlbFo3WDhhUHlrREJ6dW1HUFF2bUIrTEw1MS81bWt1akNOa1VrNXFTZHkyNlVxRFlib0FqZEFDblJ5Mk01aCtlYkNzcEFQRzdWdTUySEgvWUw2MFE2eEFEbEgzVEM5SmxJYWovMVNua0ZLNThBRU8rVitmemhuQnFuSnJGdnJXS0E0PXw&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
958
date
Sat, 24 Apr 2021 20:21:34 GMT
content-encoding
gzip
vary
Accept-Encoding
SPug
simage4.pubmatic.com/AdServer/ Frame CAEE 		0
418 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156758&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:34 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
multitracking
hb.spotim.market/adunit/ Frame 3B72 		0
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/449804/wrapper_hb_270443_6798.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://perezhilton.com
Date
Sat, 24 Apr 2021 20:21:35 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
mut
ghb.adtelligent.com/adunit/ Frame 6B2E 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/mut
Requested by
Host: p.delivercdn.com
URL: https://p.delivercdn.com/prebidlink/18741/pbm_307825_6864.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.delivercdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://p.delivercdn.com
Date
Sat, 24 Apr 2021 20:21:35 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
ixmatch.html
js-sec.indexww.com/um/ Frame 29BD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://perezhilton.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://perezhilton.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Sat, 24 Apr 2021 20:21:36 GMT
Content-Length
1151
Connection
keep-alive
v2_270443_6798.json
player.spotim.market/prebidlink/2698826/ Frame 3B72 		32 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/2698826/v2_270443_6798.json?cb=perezhilton.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/449804/wrapper_hb_270443_6798.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
941b16e73f9111eb5dd7c989554605705538e685793977d5cbfeeb345819bd97

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:36 GMT
content-encoding
gzip
last-modified
Fri, 23 Apr 2021 14:19:26 GMT
server
nginx
etag
W/"6082d76e-81d3"
content-type
application/json
access-control-allow-origin
https://perezhilton.com
expires
Sat, 24 Apr 2021 21:21:36 GMT
cache-control
max-age=3600
x-proxy-cache
HIT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame A2CC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e6af39b00ab94a2ea6e6067365b0926e7b0f84ed2b328c480c2a6ec4c4b9c2c0

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YIR90GoS1NI1hoTESwKCFAAA; CMPS=1119
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|241|39|45|191|195|239|218
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1832
Expires
Sat, 24 Apr 2021 20:21:36 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:36 GMT
Connection
keep-alive
Set-Cookie
CMID=YIR90GoS1NI1hoTESwKCFAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Apr 2022 20:21:36 GMT CMPS=1119;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 23 Jul 2021 20:21:36 GMT CMPRO=1160;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 23 Jul 2021 20:21:36 GMT CMRUM3=da60847dd027600&bf60847dd005a0&2760847dd00b40&f160847dd005a0&e660847dd027600&c360847dd005a00&ef60847dd005a00&2d60847dd005a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Apr 2022 20:21:36 GMT CMST=YIR90GCEfdAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 25 Apr 2021 20:21:36 GMT

Redirect headers

Server
Apache
Content-Length
367
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sat, 24 Apr 2021 20:21:36 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:36 GMT
Connection
keep-alive
Set-Cookie
CMID=YIR90GoS1NI1hoTESwKCFAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Apr 2022 20:21:36 GMT CMPS=1119;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 23 Jul 2021 20:21:36 GMT
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame F44C 		995 B
875 B 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: p.delivercdn.com
URL: https://p.delivercdn.com/prebidlink/18741/pbm_307825_6864.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://p.delivercdn.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=7962826482425836735; icu=ChgI4axaEAoYASABKAEwzvuRhAY4AUABSAEQzvuRhAYYAA..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://p.delivercdn.com/

Response headers

Server
nginx/1.13.10
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Sun, 24 Apr 2022 20:21:36 GMT
Date
Sat, 24 Apr 2021 20:21:36 GMT
Connection
keep-alive
usermatchredir
ssum-sec.casalemedia.com/ Frame A2CC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YIR90GoS1NI1hoTESwKCFAAABIgAAAAB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDF8px5n25nEc-D8q-zBi1Y&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDF8px5n25nEc-D8q-zBi1Y&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 24 Apr 2021 20:21:36 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEDF8px5n25nEc-D8q-zBi1Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame A2CC
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIR90GoS1NI1hoTESwKCFAAABIgAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIR90GoS1NI1hoTESwKCFAAABIgAAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIR90GoS1NI1hoTESwKCFAAABIgAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:37 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:36 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIR90GoS1NI1hoTESwKCFAAABIgAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame A2CC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YIR90GoS1NI1hoTESwKCFAAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.88.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-88-205.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame A2CC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YIR90GoS1NI1hoTESwKCFAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIRxqTH6mkNA-eUDRFidb14&google_cver=1
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIRxqTH6mkNA-eUDRFidb14&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Apr 2021 20:21:36 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEIRxqTH6mkNA-eUDRFidb14&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index
dmp.brand-display.com/cm/api/ Frame A2CC 		43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:37 GMT
via
1.1 google
last-modified
Sat, 24 Apr 2021 20:21:37 GMT
server
nginx/1.20.0
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Sat, 24 Apr 2021 20:21:38 GMT
crum
dsum-sec.casalemedia.com/ Frame A2CC
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-9e1343fc-62ee-4bb9-8592-d354b986fee1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-9e1343fc-62ee-4bb9-8592-d354b986fee1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Apr 2021 20:21:38 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-9e1343fc-62ee-4bb9-8592-d354b986fee1
date
Sat, 24 Apr 2021 20:21:38 GMT
server
Apache-Coyote/1.1
content-length
0
user-registering
ads.stickyadstv.com/ Frame A2CC
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=YIR90GoS1NI1hoTESwKCFAAA%261160
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=302c4a9f28511ef04cc256ae0c42fb5&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=g100_6954822056874330276
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=de95517e-4e1b-49ba-8eef-27359a05f9a3
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/302c4a9f28511ef04cc256ae0c42fb5&gdpr=0&gdpr_consent=?
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-qHNvsKRE2oOfMvADcUVtwfygJl.bnBIVP6fhUlkt~A
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=7962826482425836735
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=20a76084-7dd0-4100-a3ed-4da25942f8e3&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=tUJyBPrE1LAoMy5&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=817&userId=AAETRk7BCPwAACnK6UvnwA&gdpr=0
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YIR9zgAAby6y9wAC&gdpr=0
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=18&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=6154775849588494842
0
0
demconf.jpg
dpm.demdex.net/ Frame A2CC
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YIR90GoS1NI1hoTESwKCFAAA%261160
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YIR90GoS1NI1hoTESwKCFAAA%261160
42 B
975 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YIR90GoS1NI1hoTESwKCFAAA%261160
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.54.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-54-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v005-0c7d1f46b.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
vWe9egL+QRo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-1-v005-00920e99e.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
9LiAehSwTwc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YIR90GoS1NI1hoTESwKCFAAA%261160
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
htw-pixel.gif
js-sec.indexww.com/ht/ Frame A2CC 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YIR90GoS1NI1hoTESwKCFAAA%261160?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:36 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2586
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Apr 2021 21:04:42 GMT
async_usersync
secure.adnxs.com/ Frame F44C 		0
750 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:36 GMT
X-Proxy-Origin
5.253.206.148; 5.253.206.148; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.241:80
AN-X-Request-Uuid
27a8c0b4-e079-4235-a97a-cfccd2727528
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 3B72 		80 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/449804/hb_270443_6798.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:36 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Sun, 25 Apr 2021 20:21:36 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 3B72 		80 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:36 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:27 GMT
server
nginx
etag
W/"605322db-14013"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Sun, 25 Apr 2021 20:21:36 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame EF1E 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KADUSERCOOKIE=15A37826-A991-4168-A89E-1E36D7193DE7; chkChromeAb67Sec=1; DPSync3=1620432000%3A201_227_226_221; SyncRTB3=1619827200%3A223_2_15_67%7C1621814400%3A203%7C1620518400%3A35%7C1620432000%3A161_99_230_204_189_222_7_71_22_88_56_8_166_55_13_54_165_176_3_81_231_220_21%7C1620086400%3A63; KRTBCOOKIE_1101=23040-6954822044008904848; PUBMDCID=3; KRTBCOOKIE_22=14911-3930141244502956213; KRTBCOOKIE_377=6810-de95517e-4e1b-49ba-8eef-27359a05f9a3&KRTB&22918-de95517e-4e1b-49ba-8eef-27359a05f9a3&KRTB&23031-de95517e-4e1b-49ba-8eef-27359a05f9a3; KRTBCOOKIE_409=22966-Y9EkSGPhVbZw0GjeEow0Wsml; PugT=1619295695; KRTBCOOKIE_218=22978-YIR9zgAAby6y9wAC&KRTB&23194-YIR9zgAAby6y9wAC&KRTB&23209-YIR9zgAAby6y9wAC&KRTB&23244-YIR9zgAAby6y9wAC; KRTBCOOKIE_153=1923-PuCRtT-0yuUlsZG1POiEsWnhkbgl6Zm4MOX23k_8&KRTB&19420-PuCRtT-0yuUlsZG1POiEsWnhkbgl6Zm4MOX23k_8&KRTB&22979-PuCRtT-0yuUlsZG1POiEsWnhkbgl6Zm4MOX23k_8; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_57=22776-7962826482425836735; KRTBCOOKIE_80=16514-CAESEBNf17irN2OSnP32JKsQPes&KRTB&22987-CAESEBNf17irN2OSnP32JKsQPes&KRTB&23025-CAESEBNf17irN2OSnP32JKsQPes; SPugT=1619295694; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=46497
Expires
Sun, 25 Apr 2021 09:16:34 GMT
Date
Sat, 24 Apr 2021 20:21:37 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame EF1E 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=23821359&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:35 GMT
Content-Length
0
mut
ghb.adtelligent.com/adunit/ Frame 6B2E 		0
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/mut
Requested by
Host: p.delivercdn.com
URL: https://p.delivercdn.com/prebidlink/18741/pbm_307825_6864.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.delivercdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://p.delivercdn.com
Date
Sat, 24 Apr 2021 20:21:36 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
getuid
secure.adnxs.com/ Frame 2C9E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D42%26key%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
YIR90X-t-YufiQktn5vrKwAABIgAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2C9E 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YIR90X-t-YufiQktn5vrKwAABIgAAAAB
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D42%26key%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:37 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2C9E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAETRk7BCPwAACnK6UvnwA&expiration=1620505297&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAETRk7BCPwAACnK6UvnwA&expiration=1620505297&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D42%26key%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Apr 2021 20:21:37 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAETRk7BCPwAACnK6UvnwA&expiration=1620505297&gdpr=1
Date
Sat, 24 Apr 2021 20:21:37 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
YIR90X-t-YufiQktn5vrKwAABIgAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2C9E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YIR90X-t-YufiQktn5vrKwAABIgAAAAB
  • https://pr-bh.ybp.yahoo.com/sync/casale/YIR90X-t-YufiQktn5vrKwAABIgAAAAB
43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YIR90X-t-YufiQktn5vrKwAABIgAAAAB
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D42%26key%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:37 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Sat, 24 Apr 2021 20:21:37 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://pr-bh.ybp.yahoo.com/sync/casale/YIR90X-t-YufiQktn5vrKwAABIgAAAAB
Connection
keep-alive
Content-Length
0
ix
ad4m.at/ad/sim/ Frame 2C9E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D42%26key%3D&C=1
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 2C9E
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06262204001249a0f46a217b&expiration=[EXPIRATION]&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06262204001249a0f46a217b&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D42%26key%3D&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Apr 2021 20:21:37 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=06262204001249a0f46a217b&expiration=[EXPIRATION]&gdpr=1
Date
Sat, 24 Apr 2021 20:21:37 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
index
dmp.brand-display.com/cm/api/ Frame 2C9E 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D42%26key%3D&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:37 GMT
via
1.1 google
last-modified
Sat, 24 Apr 2021 20:21:37 GMT
server
nginx/1.20.0
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Sat, 24 Apr 2021 20:21:38 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 2C9E 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1619295693899-998406242191-020775-010-000380&biddername=42&key=YIR90X.t.YufiQktn5vrKwAA%261160
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D42%26key%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.164.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:37 GMT
content-length
0
cs&eq_cc=1
um2.eqads.com/um/ Frame 64ED
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1619295693899-998406242191-020775-010-000380%26biddername%3D42%26key%3D&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.204.142.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
600ec3d9d6ff2fc313df1113be2ef0de4fb3b8427210caf399952024f629d70d

Request headers

:method
GET
:authority
um2.eqads.com
:scheme
https
:path
/um/cs&eq_cc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ssum.casalemedia.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
EQUser=UID=8839d2a1-80e6-414f-8156-e510cfea95cb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ssum.casalemedia.com/

Response headers

date
Sat, 24 Apr 2021 20:21:38 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Sat, 24 Apr 2021 20:21:38 GMT
pragma
no-cache

Redirect headers

date
Sat, 24 Apr 2021 20:21:38 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
set-cookie
EQUser=UID=8839d2a1-80e6-414f-8156-e510cfea95cb; Path=/; Domain=eqads.com; Expires=Sat, 24 Jul 2021 20:21:38 GMT; Secure; SameSite=None
multitracking
hb.spotim.market/adunit/ Frame 3B72 		0
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/449804/wrapper_hb_270443_6798.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://perezhilton.com
Date
Sat, 24 Apr 2021 20:21:37 GMT
Access-Control-Allow-Credentials
true
Server
VertaMedia 1.0
Connection
Keep-Alive
crum
dsum-sec.casalemedia.com/ Frame 64ED 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=8839d2a1-80e6-414f-8156-e510cfea95cb&expiration=1627158098
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Apr 2021 20:21:38 GMT
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?r=perezhilton.com&sn=&cd1=sp_6oLVLzgr&cd2=Desktop&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd6=true&ic=0&tgt=0&app=&wi=400&he=300&test=5&apppkg=&fv=3&proto=https
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 24 Apr 2021 20:21:38 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
692.json
id5-sync.com/g/v2/ Frame 3B72 		210 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/449804/hb_270443_6798.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.21.30 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
119855bc3d46cf7748d685a36588d9bafaa044a0de58a4edde6af50cea1975b0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://perezhilton.com
Date
Sat, 24 Apr 2021 20:22:01 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ Frame 3B72 		108 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=1qnzqyj&fmt=json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/449804/hb_270443_6798.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.88.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-88-205.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a82da0be9681c637c1ebbbf88ab32217b8f3360442d86d04f014ad0b94cf214e

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 24 Apr 2021 20:21:39 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://perezhilton.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Mon, 24 May 2021 20:21:39 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=perezhilton.com&rs=perezhilton.com&sid=84726&t=1619295693&cip=5.253.206.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=5&aafaid=&proto=https&uid=1619295693899-998406242191-020775-010-000380&cha=0.7&cb=20688906628&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd1=sp_6oLVLzgr&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=bid&cb=1619295701029&asid=5f18176e0139a65a1e214114%2C5f18178167401046cd6afed4&ofpr=%2C&fpo=%2C
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 24A4 		328 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
de516f330c0084178fc78cd5e6d49cba306d8380428386b088b6805c512a1561

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Mar 2021 03:29:54 GMT
ETag
"1616556594"
X-HW
1619295701.dop103.fr8.t,1619295701.cds015.fr8.shn,1619295701.cds015.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
113077
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 1C74 		328 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
de516f330c0084178fc78cd5e6d49cba306d8380428386b088b6805c512a1561

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Mar 2021 03:29:54 GMT
ETag
"1616556594"
X-HW
1619295701.dop103.fr8.t,1619295701.cds015.fr8.shn,1619295701.cds015.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
113077
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 24A4 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1619295701112
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:41 GMT
Last-Modified
Wed, 24 Mar 2021 03:29:54 GMT
ETag
"1616556594"
X-HW
1619295701.dop023.fr8.t,1619295701.cds144.fr8.shn,1619295701.cds144.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
  • https://ad.turn.com/r/cs?pid=34&gdpr=1&gdpr_consent=null&gdpr=1&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=3930141244502956213
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=103&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D721%26userId%3D%7BuserId%7D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=721&userId=no-consent
  • https://sync.adotmob.com/cookie/stickyads?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=257&userId=06262204001249a0f46a217b&gdpr=0&gdprConsent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=2089911&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=aec58b1b-a53a-11eb-ba59-17e3a23ecc4a
  • https://7e1d5.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D993%26userId%3d%23%7buser.id%7d
  • https://ads.stickyadstv.com/user-registering?dataProviderId=993&userId=g100_6954822056874330276
  • https://1f2e7.v.fwmrm.net/ad/u?dsp_user_mapping=true&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D849&1501=06262204001249a0f46a217b&171=3930141244502956213&23329=tUJy...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=849
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D&_cvt=t
  • https://ads.stickyadstv.com/user-registering?dataProviderId=609&userId=d6.aada98b43aa74d0a81dd3f9b009cb8f5
  • https://x.bidswitch.net/sync?ssp=stickyads&gdpr=0&gdpr_consent=
  • https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=stickyads
  • https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=stickyads
  • https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=8bbc1caa-9baf-4e6a-8017-f96106195627&ssp=stickyads
  • https://ads.stickyadstv.com/user-registering?dataProviderId=204&userId=b8512af5-b7bd-4f8e-b480-6fafde8685e2
0
0
/
ads.stickyadstv.com/additional-scripts/ Frame 24A4 		301 B
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=11955841&loc=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:41 GMT
Server
nginx
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1619295701219012-345
Expires
Sat, 24 Apr 2021 20:21:41 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 24A4 		67 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=11955841&_fw_gdpr=1&cbb=9295694019&_fw_gdpr_consent=&schain=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&vav=0d45d9faa287627c399779e2511584d9&vaviv=c5dad6feba553aae438255e679da492f&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.8.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&playerSize=400x300&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:41 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1619295701236014-352
Expires
Sat, 24 Apr 2021 20:21:41 GMT
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 1C74 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1619295701160
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:41 GMT
Last-Modified
Wed, 24 Mar 2021 03:29:54 GMT
ETag
"1616556594"
X-HW
1619295701.dop023.fr8.t,1619295701.cds144.fr8.shn,1619295701.cds144.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
25600
i.match
a.tribalfusion.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://ad.turn.com/r/cs?pid=34&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=3930141244502956213
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=5518897&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=aeb648e2-a53a-11eb-bd54-dda18c63c291
  • https://1f2e7.v.fwmrm.net/ad/u?dsp_user_mapping=true&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D849&1501=06262204001249a0f46a217b&171=3930141244502956213&23329=tUJy...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=849
  • https://7e1d5.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D993%26userId%3d%23%7buser.id%7d
  • https://ads.stickyadstv.com/user-registering?dataProviderId=993&userId=g100_6954822056874330276
  • https://1f2e7.v.fwmrm.net/ad/u?dsp_user_mapping=true&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D849&1501=06262204001249a0f46a217b&171=3930141244502956213&23329=tUJy...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=849
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D&_cvt=t
  • https://ads.stickyadstv.com/user-registering?dataProviderId=609&userId=d6.51d8926b3aa24c8f8d2d21231fd07db7
  • https://x.bidswitch.net/sync?ssp=stickyads&gdpr=0&gdpr_consent=
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=stickyads
  • https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=stickyads
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=afcc440a-491a-480c-832f-ad9c1baa9e48&ssp=stickyads
  • https://ads.stickyadstv.com/user-registering?dataProviderId=204&userId=b8512af5-b7bd-4f8e-b480-6fafde8685e2
  • https://a.tribalfusion.com/i.match?p=b25&u=302c4a9f28511ef04cc256ae0c42fb5&gdpr=0&gdpr_consent=&redirect=https%3A//ads.stickyadstv.com/user-registering%3FdataProviderId%3D977%26userId%3D%24TF_USER_...
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b25&u=302c4a9f28511ef04cc256ae0c42fb5&gdpr=0&gdpr_consent=&redirect=https%3A//ads.stickyadstv.com/user-registering%3FdataProviderId%3D977%26userId%3D%24TF_USER_ID_ENC%24
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:44 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
64520a28ed1805cc-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
09a724ad92000005cc41a8a000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:44 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://a.tribalfusion.com/i.match?p=b25&u=302c4a9f28511ef04cc256ae0c42fb5&gdpr=0&gdpr_consent=&redirect=https%3A//ads.stickyadstv.com/user-registering%3FdataProviderId%3D977%26userId%3D%24TF_USER_ID_ENC%24
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1619295704324044-389
Expires
Sat, 24 Apr 2021 20:21:44 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 1C74 		301 B
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=11955841&loc=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:41 GMT
Server
nginx
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1619295701203054-389
Expires
Sat, 24 Apr 2021 20:21:41 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 1C74 		67 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=11955841&cbb=9295694022&schain=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&vav=f00ad7075aef3a1d8e866bf1dd794b94&vaviv=9e9d37496d1a2c5d8c8b4389570b9e8b&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.8.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&playerSize=400x300&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:41 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1619295701139094-429
Expires
Sat, 24 Apr 2021 20:21:41 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzAyYzRhOWYyODUxMWVmMDRjYzI1NmFlMGM0MmZiNQ==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzAyYzRhOWYyODUxMWVmMDRjYzI1NmFlMGM0MmZiNQ==&gdpr=0&gdpr_consent=
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:41 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzAyYzRhOWYyODUxMWVmMDRjYzI1NmFlMGM0MmZiNQ==&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1619295701268076-386
Expires
Sat, 24 Apr 2021 20:21:41 GMT
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=302c4a9f28511ef04cc256ae0c42fb5&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=302c4a9f28511ef04cc256ae0c42fb5&ex=freewheel.tv&gdpr=0&gdpr_consent=
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:41 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:41 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=302c4a9f28511ef04cc256ae0c42fb5&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1619295701408002-369
Expires
Sat, 24 Apr 2021 20:21:41 GMT
pixels
pix.spot.im/api/v1/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_6oLVLzgr
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.110.65 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-110-65.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
user-matching
ads.stickyadstv.com/ Frame 1C74 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzAyYzRhOWYyODUxMWVmMDRjYzI1NmFlMGM0MmZiNQ==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzAyYzRhOWYyODUxMWVmMDRjYzI1NmFlMGM0MmZiNQ==&gdpr=0&gdpr_consent=
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:41 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzAyYzRhOWYyODUxMWVmMDRjYzI1NmFlMGM0MmZiNQ==&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1619295701347061-355
Expires
Sat, 24 Apr 2021 20:21:41 GMT
user-matching
ads.stickyadstv.com/ Frame 1C74 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=302c4a9f28511ef04cc256ae0c42fb5&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=302c4a9f28511ef04cc256ae0c42fb5&ex=freewheel.tv&gdpr=0&gdpr_consent=
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:41 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:41 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=302c4a9f28511ef04cc256ae0c42fb5&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1619295701373088-371
Expires
Sat, 24 Apr 2021 20:21:41 GMT
11955841
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/11955841?_fw_gdpr=1&_fw_gdpr_consent=&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&cbb=9295701410
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
760d8bc5add660a53b93d7559e8f5a5814a855738c40ac19a66e93bdb85a80a5

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:41 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1206
x-sticky-vk
1619295701299096-413
Expires
Sat, 24 Apr 2021 20:21:41 GMT
11955841
ads.stickyadstv.com/vast/vpaid-adapter/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/11955841?&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&cbb=9295701410
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e0059e3064d1ed16b2ee630da2131245538958fd0bf4dcdf03febfd6aa976149

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:41 GMT
Server
nginx
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1148
x-sticky-vk
1619295701379055-400
Expires
Sat, 24 Apr 2021 20:21:41 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=628878&adId=2416044&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295701410
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:41 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=631525&adId=2449017&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295701410
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:41 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
306998
search.spotxchange.com/vast/2.00/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/306998?VPI=MP4&content_page_url=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cb=9295701410&player_width=400&player_height=300&ip_addr=5.253.206.148&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:41 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000343
X-SpotX-Timing-SpotMarket
0.006385
X-SpotX-Timing-Page-Mux
0.001805
X-SpotX-Timing-Page-Require
0.000494
X-fe
066
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000036
Content-Length
77
X-SpotX-Timing-Page
0.013806
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000543
Last-Modified
Sat, 24 Apr 2021 20:21:41 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.006385
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://perezhilton.com
X-SpotX-Timing-Page-Misc
0.004185
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000014
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag
p4dt2-x71s7.ads.tremorhub.com/ad/ 		119 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p4dt2-x71s7.ads.tremorhub.com/ad/tag?adCode=p4dt2-z1bwz&playerWidth=400&playerHeight=300&gdpr=1&gdpr_consent=&srcPageUrl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&floor=USD:6.875&cbb=9295701411
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:d4f4:6ee9:b45e:a058 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
ae07da0b8bdaa74042237e5292bd98e9a7b4f6991843c1144757450b5573fd48

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:41 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
text/xml;charset=UTF-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=631526&adId=2449018&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295701411
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:41 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
294849
search.spotxchange.com/vast/2.00/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/294849?VPI=MP4&content_page_url=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cb=9295701411&player_width=400&player_height=300&ip_addr=5.253.206.148&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:41 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000849
X-SpotX-Timing-SpotMarket
0.007476
X-SpotX-Timing-Page-Mux
0.001271
X-SpotX-Timing-Page-Require
0.000605
X-fe
015
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000029
Content-Length
77
X-SpotX-Timing-Page
0.014273
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000527
Last-Modified
Sat, 24 Apr 2021 20:21:41 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.007476
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://perezhilton.com
X-SpotX-Timing-Page-Misc
0.003500
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000015
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736552&adId=3041581&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295701411
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:41 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
292705
search.spotxchange.com/vast/2.00/ 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/2.00/292705?VPAID=JS&content_page_url=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&device[dnt]=[DO_NOT_TRACK]&device[os]=[DEVICEOS]&device[osv]=[DEVICEOSV]&ip_addr=5.253.206.148&device[ua]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&device[geo][lat]=52.15320&device[geo][lon]=20.99990&cb=9295701412&player_width=400&player_height=300&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:41 GMT
Content-Encoding
gzip
X-SpotX-Timing-Transform
0.000284
X-SpotX-Timing-SpotMarket
0.004837
X-SpotX-Timing-Page-Mux
0.000855
X-SpotX-Timing-Page-Require
0.000354
X-fe
088
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000003
Content-Length
77
X-SpotX-Timing-Page
0.008195
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000268
Last-Modified
Sat, 24 Apr 2021 20:21:41 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Vary
Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary
0.004837
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://perezhilton.com
X-SpotX-Timing-Page-Misc
0.001585
X-SpotX-Timing-Page-Exception
0.000000
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000009
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736549&adId=3041568&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295701412
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:41 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=726169&adId=2997080&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295701412
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:41 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295701412
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:41 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=726169&adId=2997080&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295701413
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:41 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736548&adId=3041576&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295701413
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:41 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736551&adId=3041580&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295701413
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:41 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
532 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=648081&adId=2550780&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295701414
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:41 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
s2s
s2s.aniview.com/api/adserver/ 		1 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=b1724564a47313a4b62675d22ca93740_172315966&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1619295693899-998406242191-020775-010-000380&AV_CDIM1=sp_6oLVLzgr&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&AV_CDIM4=7e9d72b5-de3f-4044-b3d6-15dc38522119&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=5&pce=1&npx=1&AV_DETDOMAIN=perezhilton.com&AV_DADPOS=3&v=6.1.1.243&avtoken=693515&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=9295701414&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.214.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:41 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 13 Apr 2021 06:35:01 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=perezhilton.com&rs=perezhilton.com&sid=84726&t=1619295693&cip=5.253.206.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=5&aafaid=&proto=https&uid=1619295693899-998406242191-020775-010-000380&cha=0.7&cb=20688906628&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd1=sp_6oLVLzgr&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1619295701413&asid=5f18176e0139a65a1e214114%2C5f18178167401046cd6afed4%2C5e85d2f0d23d91608a46c4ac%2C5e85d2f0d23d91608a46c4a8%2C5ff322342d4919083a16bde2%2C5f1827835fad3216f81efe59%2C5e85d2f0d23d91608a46c4a4%2C5f182bf818341f114d656736%2C5f0c270e47b76848fa6ef4d6%2C5ede146878b8e651e62d47ea%2C5f0c2689a6df1c579d429685%2C602a751b9fda7924a569e4cb%2C606ad3fbab545d54873de6d4%2C5f0c277120c3067939487264%2C5efd94c197164358fe79390e%2C5f0c26c95bc4ee1ba610d907&ofpr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C5.5%2C%2C%2C&fpo=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=perezhilton.com&rs=perezhilton.com&sid=84726&t=1619295693&cip=5.253.206.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=5&aafaid=&proto=https&uid=1619295693899-998406242191-020775-010-000380&cha=0.7&cb=20688906628&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd1=sp_6oLVLzgr&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1619295701414&asid=5f0c274d6641564e205ac355%2C5fb5756e6a973179765f33c3%2C5f4e3f85ad782d0f014069dc&ofpr=%2C4.98%2C&fpo=%2C%2C
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
288395
search.spotxchange.com/openrtb/2.3/dados/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/288395
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 24 Apr 2021 20:21:41 GMT
X-SpotX-Timing-Transform
0.000382
X-SpotX-Timing-SpotMarket
0.007395
X-SpotX-Timing-Page-Mux
0.001983
X-SpotX-Timing-Page-Require
0.001436
X-fe
011
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000042
X-SpotX-Timing-Page
0.015171
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000278
Last-Modified
Sat, 24 Apr 2021 20:21:41 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.007395
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://perezhilton.com
X-SpotX-Timing-Page-Misc
0.003640
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000014
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
cygnus
htlb.casalemedia.com/ 		24 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=504080&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2281e55888eb0e91%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A1%2C%22ren%22%3Afalse%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22sid%22%3A%22sp_6oLVLzgr%22%2C%22asi%22%3A%22spotim.market%22%2C%22hp%22%3A1%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%229e2e68be9d339f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22504080%22%2C%22sid%22%3A%22400x300%22%7D%2C%22bidfloor%22%3A5.5%2C%22bidfloorcur%22%3A%22USD%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A60%2C%22api%22%3A%5B2%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A400%2C%22h%22%3A300%2C%22placement%22%3A1%7D%7D%5D%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/avpb3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.215.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-215-69.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0980e79a78ec3f2b191634446343f73aa42cc64d9264d044e9b940a14795c1d8

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:41 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[PL], RC:[], CN:[EU], CIP:[5.253.206.148], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://perezhilton.com
x-cs-client-geo
09
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
09
expires
Sat, 24 Apr 2021 20:21:41 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=perezhilton.com&rs=perezhilton.com&sid=84726&t=1619295693&cip=5.253.206.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=5&aafaid=&proto=https&uid=1619295693899-998406242191-020775-010-000380&cha=0.7&cb=20688906628&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd1=sp_6oLVLzgr&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=bid&cb=1619295701798&asid=5f18176e0139a65a1e214114%2C5f18178167401046cd6afed4&ofpr=%2C&fpo=%2C
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 4240 		328 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
de516f330c0084178fc78cd5e6d49cba306d8380428386b088b6805c512a1561

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Mar 2021 03:29:54 GMT
ETag
"1616556594"
X-HW
1619295701.dop103.fr8.t,1619295701.cds015.fr8.shn,1619295701.cds015.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
113077
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 71F0 		328 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
de516f330c0084178fc78cd5e6d49cba306d8380428386b088b6805c512a1561

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 Mar 2021 03:29:54 GMT
ETag
"1616556594"
X-HW
1619295701.dop164.fr8.t,1619295701.cds161.fr8.shn,1619295701.cds161.fr8.c
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
113077
auto-user-sync
ads.stickyadstv.com/ Frame 4240 		0
0
i.match
a.tribalfusion.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=4360047&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=1&gd...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=aecb30ef-a53a-11eb-bd54-dda18c63c291
  • https://7e1d5.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D993%26userId%3d%23%7buser.id%7d
  • https://ads.stickyadstv.com/user-registering?dataProviderId=993&userId=g100_6954822056874330276
  • https://1f2e7.v.fwmrm.net/ad/u?dsp_user_mapping=true&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D849&1501=06262204001249a0f46a217b&171=3930141244502956213&23329=tUJy...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=849
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D&_cvt=t
  • https://ads.stickyadstv.com/user-registering?dataProviderId=609&userId=d6.05787f263aa64a47966a6166e45204f9
  • https://x.bidswitch.net/sync?ssp=stickyads&gdpr=0&gdpr_consent=
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=stickyads
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=hhEC4Wb_QSxa-itDcKoxIwX9zpQ&user_group=1&ssp=stickyads&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=204&userId=b8512af5-b7bd-4f8e-b480-6fafde8685e2
  • https://a.tribalfusion.com/i.match?p=b25&u=302c4a9f28511ef04cc256ae0c42fb5&gdpr=0&gdpr_consent=&redirect=https%3A//ads.stickyadstv.com/user-registering%3FdataProviderId%3D977%26userId%3D%24TF_USER_...
43 B
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b25&u=302c4a9f28511ef04cc256ae0c42fb5&gdpr=0&gdpr_consent=&redirect=https%3A//ads.stickyadstv.com/user-registering%3FdataProviderId%3D977%26userId%3D%24TF_USER_ID_ENC%24
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:44 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
64520a2a582c05cc-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
09a724ae79000005cc479dd000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:44 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://a.tribalfusion.com/i.match?p=b25&u=302c4a9f28511ef04cc256ae0c42fb5&gdpr=0&gdpr_consent=&redirect=https%3A//ads.stickyadstv.com/user-registering%3FdataProviderId%3D977%26userId%3D%24TF_USER_ID_ENC%24
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1619295704664020-383
Expires
Sat, 24 Apr 2021 20:21:44 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 4240 		301 B
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=11955841&loc=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:41 GMT
Server
nginx
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1619295701796047-419
Expires
Sat, 24 Apr 2021 20:21:41 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 4240 		67 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=11955841&_fw_gdpr=1&cbb=9295701410&_fw_gdpr_consent=&schain=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&vav=25f12f150d14d4933332974eed45abf4&vaviv=f022ee90a570d43f5d8e96f962ea7ff8&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.8.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&playerSize=400x300&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:41 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1619295701779056-344
Expires
Sat, 24 Apr 2021 20:21:41 GMT
auto-user-sync
ads.stickyadstv.com/ Frame 71F0 		0
0
i.match
a.tribalfusion.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=stickyadstv&append=1&cb=2058008&redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D690%26userId%3D&gdpr=0&gd...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=690&userId=aed96149-a53a-11eb-bd89-6b8ad9c889b9
  • https://7e1d5.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D993%26userId%3d%23%7buser.id%7d
  • https://ads.stickyadstv.com/user-registering?dataProviderId=993&userId=g100_6954822056874330276
  • https://1f2e7.v.fwmrm.net/ad/u?dsp_user_mapping=true&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D849&1501=06262204001249a0f46a217b&171=3930141244502956213&23329=tUJy...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=849
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D609%26userId%3D%24%7Bssky_uuid%7D&_cvt=t
  • https://ads.stickyadstv.com/user-registering?dataProviderId=609&userId=d6.a58ecb933aae44d8bec76b489730cce7
  • https://x.bidswitch.net/sync?ssp=stickyads&gdpr=0&gdpr_consent=
  • https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=stickyads
  • https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=0&user_id=&ssp=stickyads
  • https://ads.stickyadstv.com/user-registering?dataProviderId=204&userId=b8512af5-b7bd-4f8e-b480-6fafde8685e2
  • https://a.tribalfusion.com/i.match?p=b25&u=302c4a9f28511ef04cc256ae0c42fb5&gdpr=0&gdpr_consent=&redirect=https%3A//ads.stickyadstv.com/user-registering%3FdataProviderId%3D977%26userId%3D%24TF_USER_...
43 B
852 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b25&u=302c4a9f28511ef04cc256ae0c42fb5&gdpr=0&gdpr_consent=&redirect=https%3A//ads.stickyadstv.com/user-registering%3FdataProviderId%3D977%26userId%3D%24TF_USER_ID_ENC%24
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:44 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
64520a28ed1c05cc-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
09a724ad92000005ccdb071000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:44 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://a.tribalfusion.com/i.match?p=b25&u=302c4a9f28511ef04cc256ae0c42fb5&gdpr=0&gdpr_consent=&redirect=https%3A//ads.stickyadstv.com/user-registering%3FdataProviderId%3D977%26userId%3D%24TF_USER_ID_ENC%24
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1619295704255086-376
Expires
Sat, 24 Apr 2021 20:21:44 GMT
/
ads.stickyadstv.com/additional-scripts/ Frame 71F0 		301 B
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/additional-scripts/?zoneId=11955841&loc=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27

Request headers

Accept
application/xml, text/xml
Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:41 GMT
Server
nginx
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
301
x-sticky-vk
1619295701885035-426
Expires
Sat, 24 Apr 2021 20:21:41 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 71F0 		67 B
715 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=11955841&cbb=9295701410&schain=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&vav=cb5eb70bcab4938098737a9068e47686&vaviv=d7eec3c532896964171cd5ab7ba6373c&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.11.8.1&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&playerSize=400x300&supportsFlash=false&supportsJavascript=true
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Accept
application/xml, text/xml
Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:42 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1619295701922015-370
Expires
Sat, 24 Apr 2021 20:21:42 GMT
user-matching
ads.stickyadstv.com/ Frame 4240 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzAyYzRhOWYyODUxMWVmMDRjYzI1NmFlMGM0MmZiNQ==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzAyYzRhOWYyODUxMWVmMDRjYzI1NmFlMGM0MmZiNQ==&gdpr=0&gdpr_consent=
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:42 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzAyYzRhOWYyODUxMWVmMDRjYzI1NmFlMGM0MmZiNQ==&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1619295701996013-355
Expires
Sat, 24 Apr 2021 20:21:42 GMT
user-matching
ads.stickyadstv.com/ Frame 4240 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=302c4a9f28511ef04cc256ae0c42fb5&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=302c4a9f28511ef04cc256ae0c42fb5&ex=freewheel.tv&gdpr=0&gdpr_consent=
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:42 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:42 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=302c4a9f28511ef04cc256ae0c42fb5&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1619295701914098-398
Expires
Sat, 24 Apr 2021 20:21:42 GMT
user-matching
ads.stickyadstv.com/ Frame 71F0 		0
0
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzAyYzRhOWYyODUxMWVmMDRjYzI1NmFlMGM0MmZiNQ==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzAyYzRhOWYyODUxMWVmMDRjYzI1NmFlMGM0MmZiNQ==&gdpr=0&gdpr_consent=
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:42 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MzAyYzRhOWYyODUxMWVmMDRjYzI1NmFlMGM0MmZiNQ==&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1619295702129009-352
Expires
Sat, 24 Apr 2021 20:21:42 GMT
user-matching
ads.stickyadstv.com/ Frame 71F0 		0
0
ecm3
s.amazon-adsystem.com/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
  • https://s.amazon-adsystem.com/ecm3?id=302c4a9f28511ef04cc256ae0c42fb5&ex=freewheel.tv&gdpr=0&gdpr_consent=
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=302c4a9f28511ef04cc256ae0c42fb5&ex=freewheel.tv&gdpr=0&gdpr_consent=
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:42 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:42 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=302c4a9f28511ef04cc256ae0c42fb5&ex=freewheel.tv&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1619295702177078-334
Expires
Sat, 24 Apr 2021 20:21:42 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295702161
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:42 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
s2s
s2s.aniview.com/api/adserver/ 		1 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=b1724564a47313a4b62675d22ca93740_172315966&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1619295693899-998406242191-020775-010-000380&AV_CDIM1=sp_6oLVLzgr&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&AV_CDIM4=7e9d72b5-de3f-4044-b3d6-15dc38522119&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=5&pce=1&npx=1&AV_DETDOMAIN=perezhilton.com&AV_DADPOS=3&v=6.1.1.243&avtoken=693515&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=9295702161&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.214.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:42 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 13 Apr 2021 06:35:02 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=perezhilton.com&rs=perezhilton.com&sid=84726&t=1619295693&cip=5.253.206.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=5&aafaid=&proto=https&uid=1619295693899-998406242191-020775-010-000380&cha=0.7&cb=20688906628&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd1=sp_6oLVLzgr&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1619295702161&asid=5f0c277120c3067939487264&ofpr=&fpo=
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295702390
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:42 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
s2s
s2s.aniview.com/api/adserver/ 		1 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=b1724564a47313a4b62675d22ca93740_172315966&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1619295693899-998406242191-020775-010-000380&AV_CDIM1=sp_6oLVLzgr&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&AV_CDIM4=7e9d72b5-de3f-4044-b3d6-15dc38522119&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=5&pce=1&npx=1&AV_DETDOMAIN=perezhilton.com&AV_DADPOS=3&v=6.1.1.243&avtoken=693515&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=9295702391&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.214.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:42 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 13 Apr 2021 06:35:02 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=perezhilton.com&rs=perezhilton.com&sid=84726&t=1619295693&cip=5.253.206.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=5&aafaid=&proto=https&uid=1619295693899-998406242191-020775-010-000380&cha=0.7&cb=20688906628&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd1=sp_6oLVLzgr&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1619295702391&asid=5f0c277120c3067939487264&ofpr=&fpo=
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=perezhilton.com&rs=perezhilton.com&sid=84726&t=1619295693&cip=5.253.206.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=5&aafaid=&proto=https&uid=1619295693899-998406242191-020775-010-000380&cha=0.7&cb=20688906628&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd1=sp_6oLVLzgr&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 24 Apr 2021 20:21:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295702712
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:42 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
s2s
s2s.aniview.com/api/adserver/ 		1 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=b1724564a47313a4b62675d22ca93740_172315966&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1619295693899-998406242191-020775-010-000380&AV_CDIM1=sp_6oLVLzgr&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&AV_CDIM4=7e9d72b5-de3f-4044-b3d6-15dc38522119&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=5&pce=1&npx=1&AV_DETDOMAIN=perezhilton.com&AV_DADPOS=3&v=6.1.1.243&avtoken=693515&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=9295702712&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.214.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:42 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 13 Apr 2021 06:35:02 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=perezhilton.com&rs=perezhilton.com&sid=84726&t=1619295693&cip=5.253.206.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=5&aafaid=&proto=https&uid=1619295693899-998406242191-020775-010-000380&cha=0.7&cb=20688906628&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd1=sp_6oLVLzgr&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1619295702712&asid=5f0c277120c3067939487264&ofpr=&fpo=
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295703067
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:43 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
s2s
s2s.aniview.com/api/adserver/ 		1 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=b1724564a47313a4b62675d22ca93740_172315966&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1619295693899-998406242191-020775-010-000380&AV_CDIM1=sp_6oLVLzgr&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&AV_CDIM4=7e9d72b5-de3f-4044-b3d6-15dc38522119&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=5&pce=1&npx=1&AV_DETDOMAIN=perezhilton.com&AV_DADPOS=3&v=6.1.1.243&avtoken=693515&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=9295703068&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.214.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:43 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 13 Apr 2021 06:35:03 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=perezhilton.com&rs=perezhilton.com&sid=84726&t=1619295693&cip=5.253.206.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=5&aafaid=&proto=https&uid=1619295693899-998406242191-020775-010-000380&cha=0.7&cb=20688906628&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd1=sp_6oLVLzgr&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1619295703069&asid=5f0c277120c3067939487264&ofpr=&fpo=
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
metrics
connect-metrics-collector.s-onetag.com/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/44c4576f-3ff8-44c4-94c2-d2c025cdc319/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 24 Apr 2021 20:21:44 GMT
content-length
0
vary
Origin
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295703405
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:43 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
s2s
s2s.aniview.com/api/adserver/ 		1 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=b1724564a47313a4b62675d22ca93740_172315966&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1619295693899-998406242191-020775-010-000380&AV_CDIM1=sp_6oLVLzgr&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&AV_CDIM4=7e9d72b5-de3f-4044-b3d6-15dc38522119&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=5&pce=1&npx=1&AV_DETDOMAIN=perezhilton.com&AV_DADPOS=3&v=6.1.1.243&avtoken=693515&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=9295703406&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.214.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:43 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 13 Apr 2021 06:35:03 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=perezhilton.com&rs=perezhilton.com&sid=84726&t=1619295693&cip=5.253.206.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=5&aafaid=&proto=https&uid=1619295693899-998406242191-020775-010-000380&cha=0.7&cb=20688906628&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd1=sp_6oLVLzgr&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1619295703406&asid=5f0c277120c3067939487264&ofpr=&fpo=
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295703574
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:43 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
s2s
s2s.aniview.com/api/adserver/ 		1 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=b1724564a47313a4b62675d22ca93740_172315966&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1619295693899-998406242191-020775-010-000380&AV_CDIM1=sp_6oLVLzgr&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&AV_CDIM4=7e9d72b5-de3f-4044-b3d6-15dc38522119&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=5&pce=1&npx=1&AV_DETDOMAIN=perezhilton.com&AV_DADPOS=3&v=6.1.1.243&avtoken=693515&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=9295703575&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.214.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:43 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 13 Apr 2021 06:35:03 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=perezhilton.com&rs=perezhilton.com&sid=84726&t=1619295693&cip=5.253.206.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=5&aafaid=&proto=https&uid=1619295693899-998406242191-020775-010-000380&cha=0.7&cb=20688906628&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd1=sp_6oLVLzgr&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1619295703575&asid=5f0c277120c3067939487264&ofpr=&fpo=
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:43 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
metrics
signal-metrics-collector-beta.s-onetag.com/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 24 Apr 2021 20:21:43 GMT
content-length
0
vary
Origin
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295703950
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:44 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
s2s
s2s.aniview.com/api/adserver/ 		1 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=b1724564a47313a4b62675d22ca93740_172315966&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1619295693899-998406242191-020775-010-000380&AV_CDIM1=sp_6oLVLzgr&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&AV_CDIM4=7e9d72b5-de3f-4044-b3d6-15dc38522119&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=5&pce=1&npx=1&AV_DETDOMAIN=perezhilton.com&AV_DADPOS=3&v=6.1.1.243&avtoken=693515&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=9295703950&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.214.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:44 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 13 Apr 2021 06:35:04 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=perezhilton.com&rs=perezhilton.com&sid=84726&t=1619295693&cip=5.253.206.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=5&aafaid=&proto=https&uid=1619295693899-998406242191-020775-010-000380&cha=0.7&cb=20688906628&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd1=sp_6oLVLzgr&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1619295703951&asid=5f0c277120c3067939487264&ofpr=&fpo=
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:44 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295704175
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:44 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
s2s
s2s.aniview.com/api/adserver/ 		1 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=b1724564a47313a4b62675d22ca93740_172315966&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1619295693899-998406242191-020775-010-000380&AV_CDIM1=sp_6oLVLzgr&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&AV_CDIM4=7e9d72b5-de3f-4044-b3d6-15dc38522119&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=5&pce=1&npx=1&AV_DETDOMAIN=perezhilton.com&AV_DADPOS=3&v=6.1.1.243&avtoken=693515&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=9295704175&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.214.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:44 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 13 Apr 2021 06:35:04 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=perezhilton.com&rs=perezhilton.com&sid=84726&t=1619295693&cip=5.253.206.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=5&aafaid=&proto=https&uid=1619295693899-998406242191-020775-010-000380&cha=0.7&cb=20688906628&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd1=sp_6oLVLzgr&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1619295704175&asid=5f0c277120c3067939487264&ofpr=&fpo=
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:44 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295704449
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:44 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
s2s
s2s.aniview.com/api/adserver/ 		1 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=b1724564a47313a4b62675d22ca93740_172315966&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1619295693899-998406242191-020775-010-000380&AV_CDIM1=sp_6oLVLzgr&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&AV_CDIM4=7e9d72b5-de3f-4044-b3d6-15dc38522119&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=5&pce=1&npx=1&AV_DETDOMAIN=perezhilton.com&AV_DADPOS=3&v=6.1.1.243&avtoken=693515&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=9295704449&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.214.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:44 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 13 Apr 2021 06:35:04 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=perezhilton.com&rs=perezhilton.com&sid=84726&t=1619295693&cip=5.253.206.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=5&aafaid=&proto=https&uid=1619295693899-998406242191-020775-010-000380&cha=0.7&cb=20688906628&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd1=sp_6oLVLzgr&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1619295704449&asid=5f0c277120c3067939487264&ofpr=&fpo=
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:44 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295704757
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:44 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
s2s
s2s.aniview.com/api/adserver/ 		1 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=b1724564a47313a4b62675d22ca93740_172315966&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1619295693899-998406242191-020775-010-000380&AV_CDIM1=sp_6oLVLzgr&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&AV_CDIM4=7e9d72b5-de3f-4044-b3d6-15dc38522119&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=5&pce=1&npx=1&AV_DETDOMAIN=perezhilton.com&AV_DADPOS=3&v=6.1.1.243&avtoken=693515&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=9295704758&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.214.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:44 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 13 Apr 2021 06:35:04 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=perezhilton.com&rs=perezhilton.com&sid=84726&t=1619295693&cip=5.253.206.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=5&aafaid=&proto=https&uid=1619295693899-998406242191-020775-010-000380&cha=0.7&cb=20688906628&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd1=sp_6oLVLzgr&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1619295704758&asid=5f0c277120c3067939487264&ofpr=&fpo=
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:44 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
syncframe
gum.criteo.com/ Frame EAD0 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=perezhilton.com&gdpr=1&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=perezhilton.com&gdpr=1&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://perezhilton.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://perezhilton.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1757
date
Sat, 24 Apr 2021 20:21:44 GMT
content-length
0
cuteness.png
perezhilton.com/wp-content/uploads/2020/07/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/2020/07/cuteness.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6308ef86450f6023333cc8e1fe264879259bd4466cb1ec473d99f8f91daf4ff6

Request headers

:path
/wp-content/uploads/2020/07/cuteness.png
pragma
no-cache
cookie
ntv_ce_visitor=e365b1d3-288b-4872-9dbe-47f9020bab9b; spotim_visitId={%22visitId%22:%22f3b63069-5cb4-42b8-bdcd-a7863d41cf6a%22%2C%22creationDate%22:%222021-04-24T20:21:33.360Z%22%2C%22duration%22:0}; __cfduid=dc89e2eaadd470747276b756776b75c5d1619295693; _lr_retry_request=true; _lr_env_src_ats=false; _pbjs_userid_consent_data=3524755945110770; _pubcid=ce396109-2470-4d8a-8c88-dfd45f7f2a8f; cto_bidid=R5NmCV9KclRva0dxWSUyRlRDVHZXZ2RNbVlVem5IM2NPOTE3eDdxRWZVMUVzaHpJbCUyQmdORDFWd1hXVnQlMkJ5bXA0dVNIcjBZT1QxNyUyRjFOaDBIbyUyQk9FTkdMdlJyTlElM0QlM0Q; cto_bundle=c2g-e19GbGQ4MEJEOTBrTGg2YSUyRnZ2azk0JTJGN1plQW5sWiUyRnJaU1c4a05uJTJCd2VqSVhNbjlDM29zWVhLdXdtdk5zRFZ4NUlJJTJGd0Z0blIyeWdPbXFKNjVncWtlV2xyWFZVVGt1WHFKVExQUHBpWWNOdjVCZTlQb1N6YmhscEFTRGpXNVd6WjY; pbjs-unifiedid=%7B%22TDID%22%3A%22de95517e-4e1b-49ba-8eef-27359a05f9a3%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-03-24T20%3A21%3A39%22%7D; freewheel-detected-bandwidth=556
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:45 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
138217
cf-polished
origFmt=png, origSize=4817
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:45 PM
content-disposition
inline; filename="cuteness.webp"
cf-bgj
imgq:100,h2pri
content-length
3506
cf-request-id
09a724afa900005470a4364000000001
x-ntv-te
7 c:0 a:0
last-modified
Tue, 21 Jul 2020 22:56:27 GMT
server
cloudflare
etag
"5f17729b-12d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Vhfjo2LKTaxnrQaRv%2BqZe9F17rzC%2BQjd9e4rXRCk3qBLro1sQmbeFwiOm9sVbvVxHM96oa9wdeIQeFa6yonFlj2Ise5qph4SS9HXWB0YoFo%3D"}]}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
64520a2c3f395470-LHR
expires
Sat, 01 May 2021 05:58:08 GMT
drake.png
perezhilton.com/wp-content/uploads/2020/07/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/2020/07/drake.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
079a9889dab480cf942f1a7774b3de2821f382ed22eedf4104c9e1ea789df7d6

Request headers

:path
/wp-content/uploads/2020/07/drake.png
pragma
no-cache
cookie
ntv_ce_visitor=e365b1d3-288b-4872-9dbe-47f9020bab9b; spotim_visitId={%22visitId%22:%22f3b63069-5cb4-42b8-bdcd-a7863d41cf6a%22%2C%22creationDate%22:%222021-04-24T20:21:33.360Z%22%2C%22duration%22:0}; __cfduid=dc89e2eaadd470747276b756776b75c5d1619295693; _lr_retry_request=true; _lr_env_src_ats=false; _pbjs_userid_consent_data=3524755945110770; _pubcid=ce396109-2470-4d8a-8c88-dfd45f7f2a8f; cto_bidid=R5NmCV9KclRva0dxWSUyRlRDVHZXZ2RNbVlVem5IM2NPOTE3eDdxRWZVMUVzaHpJbCUyQmdORDFWd1hXVnQlMkJ5bXA0dVNIcjBZT1QxNyUyRjFOaDBIbyUyQk9FTkdMdlJyTlElM0QlM0Q; cto_bundle=c2g-e19GbGQ4MEJEOTBrTGg2YSUyRnZ2azk0JTJGN1plQW5sWiUyRnJaU1c4a05uJTJCd2VqSVhNbjlDM29zWVhLdXdtdk5zRFZ4NUlJJTJGd0Z0blIyeWdPbXFKNjVncWtlV2xyWFZVVGt1WHFKVExQUHBpWWNOdjVCZTlQb1N6YmhscEFTRGpXNVd6WjY; pbjs-unifiedid=%7B%22TDID%22%3A%22de95517e-4e1b-49ba-8eef-27359a05f9a3%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-03-24T20%3A21%3A39%22%7D; freewheel-detected-bandwidth=556
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:45 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
138134
cf-polished
origFmt=png, origSize=6176
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:45 PM
content-disposition
inline; filename="drake.webp"
cf-bgj
imgq:100,h2pri
content-length
4636
cf-request-id
09a724afa800005470e907e000000001
x-ntv-te
10 c:0 a:0
last-modified
Tue, 21 Jul 2020 22:57:13 GMT
server
cloudflare
etag
"5f1772c9-1820"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VVHZnk8spdqK7vYlJAO%2Fjhd9Xw1dGdgi4W6%2BtEPJ%2BKBujfRugbLpRPVwv7Ugicg0FMrtC8aOH5cAIs79uPdgGN500FAYXP4Ga1dC5LXTRb8%3D"}]}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
64520a2c4f3c5470-LHR
expires
Sat, 01 May 2021 05:59:31 GMT
kanye.png
perezhilton.com/wp-content/uploads/2020/07/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/2020/07/kanye.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe9f2173c29efe3f59ded59efbb075fd5c90d0b7c28bdfb0cfd4654c4e675259

Request headers

:path
/wp-content/uploads/2020/07/kanye.png
pragma
no-cache
cookie
ntv_ce_visitor=e365b1d3-288b-4872-9dbe-47f9020bab9b; spotim_visitId={%22visitId%22:%22f3b63069-5cb4-42b8-bdcd-a7863d41cf6a%22%2C%22creationDate%22:%222021-04-24T20:21:33.360Z%22%2C%22duration%22:0}; __cfduid=dc89e2eaadd470747276b756776b75c5d1619295693; _lr_retry_request=true; _lr_env_src_ats=false; _pbjs_userid_consent_data=3524755945110770; _pubcid=ce396109-2470-4d8a-8c88-dfd45f7f2a8f; cto_bidid=R5NmCV9KclRva0dxWSUyRlRDVHZXZ2RNbVlVem5IM2NPOTE3eDdxRWZVMUVzaHpJbCUyQmdORDFWd1hXVnQlMkJ5bXA0dVNIcjBZT1QxNyUyRjFOaDBIbyUyQk9FTkdMdlJyTlElM0QlM0Q; cto_bundle=c2g-e19GbGQ4MEJEOTBrTGg2YSUyRnZ2azk0JTJGN1plQW5sWiUyRnJaU1c4a05uJTJCd2VqSVhNbjlDM29zWVhLdXdtdk5zRFZ4NUlJJTJGd0Z0blIyeWdPbXFKNjVncWtlV2xyWFZVVGt1WHFKVExQUHBpWWNOdjVCZTlQb1N6YmhscEFTRGpXNVd6WjY; pbjs-unifiedid=%7B%22TDID%22%3A%22de95517e-4e1b-49ba-8eef-27359a05f9a3%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-03-24T20%3A21%3A39%22%7D; freewheel-detected-bandwidth=556
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:45 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
162347
cf-polished
origFmt=png, origSize=5869
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:45 PM
content-disposition
inline; filename="kanye.webp"
cf-bgj
imgq:100,h2pri
content-length
4236
cf-request-id
09a724afa900005470a903e000000001
x-ntv-te
17 c:0 a:0
last-modified
Tue, 21 Jul 2020 22:57:59 GMT
server
cloudflare
etag
"5f1772f7-16ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AuA3Bo4DRHOvEYfbezsB5zVyZMWipxAj3i5rYvVO2lc7ZubvEMa5i0oecgr%2FQC3nuVtnCPJEVMcFEJNaGDvoCmjEiIY2BDBjz206wPjXD%2F8%3D"}]}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
64520a2c4f3e5470-LHR
expires
Fri, 30 Apr 2021 23:15:58 GMT
kendall.png
perezhilton.com/wp-content/uploads/2020/07/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/2020/07/kendall.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fba184ac4eea09117d0ba4f05d56761aec891c09c54c8cf0068206179cc286ce

Request headers

:path
/wp-content/uploads/2020/07/kendall.png
pragma
no-cache
cookie
ntv_ce_visitor=e365b1d3-288b-4872-9dbe-47f9020bab9b; spotim_visitId={%22visitId%22:%22f3b63069-5cb4-42b8-bdcd-a7863d41cf6a%22%2C%22creationDate%22:%222021-04-24T20:21:33.360Z%22%2C%22duration%22:0}; __cfduid=dc89e2eaadd470747276b756776b75c5d1619295693; _lr_retry_request=true; _lr_env_src_ats=false; _pbjs_userid_consent_data=3524755945110770; _pubcid=ce396109-2470-4d8a-8c88-dfd45f7f2a8f; cto_bidid=R5NmCV9KclRva0dxWSUyRlRDVHZXZ2RNbVlVem5IM2NPOTE3eDdxRWZVMUVzaHpJbCUyQmdORDFWd1hXVnQlMkJ5bXA0dVNIcjBZT1QxNyUyRjFOaDBIbyUyQk9FTkdMdlJyTlElM0QlM0Q; cto_bundle=c2g-e19GbGQ4MEJEOTBrTGg2YSUyRnZ2azk0JTJGN1plQW5sWiUyRnJaU1c4a05uJTJCd2VqSVhNbjlDM29zWVhLdXdtdk5zRFZ4NUlJJTJGd0Z0blIyeWdPbXFKNjVncWtlV2xyWFZVVGt1WHFKVExQUHBpWWNOdjVCZTlQb1N6YmhscEFTRGpXNVd6WjY; pbjs-unifiedid=%7B%22TDID%22%3A%22de95517e-4e1b-49ba-8eef-27359a05f9a3%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-03-24T20%3A21%3A39%22%7D; freewheel-detected-bandwidth=556
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:45 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
158806
cf-polished
origFmt=png, origSize=6066
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:45 PM
content-disposition
inline; filename="kendall.webp"
cf-bgj
imgq:100,h2pri
content-length
4300
cf-request-id
09a724afa90000547094869000000001
x-ntv-te
9 c:0 a:0
last-modified
Tue, 21 Jul 2020 22:58:30 GMT
server
cloudflare
etag
"5f177316-17b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F4GYAOL6hvklC7sLbiGsOvcXn%2B5gFMxX7jJ1MOdbr9KgbWgWNutDREtp6LFUHHXGGOPuqFltkYPMU2S9EyJgKgH%2BooVwTpgn3RPci65KlfU%3D"}]}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
64520a2c4f3f5470-LHR
expires
Sat, 01 May 2021 00:14:59 GMT
kylie.png
perezhilton.com/wp-content/uploads/2020/07/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/2020/07/kylie.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6556a0c9c3ac0c11bbb8bef5111de00541e663bb265aa1e35efb3d9a64d5f8c

Request headers

:path
/wp-content/uploads/2020/07/kylie.png
pragma
no-cache
cookie
ntv_ce_visitor=e365b1d3-288b-4872-9dbe-47f9020bab9b; spotim_visitId={%22visitId%22:%22f3b63069-5cb4-42b8-bdcd-a7863d41cf6a%22%2C%22creationDate%22:%222021-04-24T20:21:33.360Z%22%2C%22duration%22:0}; __cfduid=dc89e2eaadd470747276b756776b75c5d1619295693; _lr_retry_request=true; _lr_env_src_ats=false; _pbjs_userid_consent_data=3524755945110770; _pubcid=ce396109-2470-4d8a-8c88-dfd45f7f2a8f; cto_bidid=R5NmCV9KclRva0dxWSUyRlRDVHZXZ2RNbVlVem5IM2NPOTE3eDdxRWZVMUVzaHpJbCUyQmdORDFWd1hXVnQlMkJ5bXA0dVNIcjBZT1QxNyUyRjFOaDBIbyUyQk9FTkdMdlJyTlElM0QlM0Q; cto_bundle=c2g-e19GbGQ4MEJEOTBrTGg2YSUyRnZ2azk0JTJGN1plQW5sWiUyRnJaU1c4a05uJTJCd2VqSVhNbjlDM29zWVhLdXdtdk5zRFZ4NUlJJTJGd0Z0blIyeWdPbXFKNjVncWtlV2xyWFZVVGt1WHFKVExQUHBpWWNOdjVCZTlQb1N6YmhscEFTRGpXNVd6WjY; pbjs-unifiedid=%7B%22TDID%22%3A%22de95517e-4e1b-49ba-8eef-27359a05f9a3%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-03-24T20%3A21%3A39%22%7D; freewheel-detected-bandwidth=556
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:45 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
158806
cf-polished
origFmt=png, origSize=4830
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:45 PM
content-disposition
inline; filename="kylie.webp"
cf-bgj
imgq:100,h2pri
content-length
3216
cf-request-id
09a724afa900005470bf1a5000000001
x-ntv-te
11 c:0 a:0
last-modified
Tue, 21 Jul 2020 22:59:43 GMT
server
cloudflare
etag
"5f17735f-12de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gHn7rhrGs3vI0LkV5Ej1Y7C2fzSaYyhTYGq%2BW7CEbi57pnAWAt17XCy7lqakXgLhOGcXwUGYjuiSsU2dUNrc5ka%2BTxztmesgOWj4GFR2%2FKY%3D"}]}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
64520a2c4f415470-LHR
expires
Sat, 01 May 2021 00:14:59 GMT
redCarpet.png
perezhilton.com/wp-content/uploads/2020/07/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/2020/07/redCarpet.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f494fe4148f543b50fe7487c998b3853c5faf927bb67006d915d356a3ec154f

Request headers

:path
/wp-content/uploads/2020/07/redCarpet.png
pragma
no-cache
cookie
ntv_ce_visitor=e365b1d3-288b-4872-9dbe-47f9020bab9b; spotim_visitId={%22visitId%22:%22f3b63069-5cb4-42b8-bdcd-a7863d41cf6a%22%2C%22creationDate%22:%222021-04-24T20:21:33.360Z%22%2C%22duration%22:0}; __cfduid=dc89e2eaadd470747276b756776b75c5d1619295693; _lr_retry_request=true; _lr_env_src_ats=false; _pbjs_userid_consent_data=3524755945110770; _pubcid=ce396109-2470-4d8a-8c88-dfd45f7f2a8f; cto_bidid=R5NmCV9KclRva0dxWSUyRlRDVHZXZ2RNbVlVem5IM2NPOTE3eDdxRWZVMUVzaHpJbCUyQmdORDFWd1hXVnQlMkJ5bXA0dVNIcjBZT1QxNyUyRjFOaDBIbyUyQk9FTkdMdlJyTlElM0QlM0Q; cto_bundle=c2g-e19GbGQ4MEJEOTBrTGg2YSUyRnZ2azk0JTJGN1plQW5sWiUyRnJaU1c4a05uJTJCd2VqSVhNbjlDM29zWVhLdXdtdk5zRFZ4NUlJJTJGd0Z0blIyeWdPbXFKNjVncWtlV2xyWFZVVGt1WHFKVExQUHBpWWNOdjVCZTlQb1N6YmhscEFTRGpXNVd6WjY; pbjs-unifiedid=%7B%22TDID%22%3A%22de95517e-4e1b-49ba-8eef-27359a05f9a3%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-03-24T20%3A21%3A39%22%7D; freewheel-detected-bandwidth=556
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:45 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
138097
cf-polished
origFmt=png, origSize=6435
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:45 PM
content-disposition
inline; filename="redCarpet.webp"
cf-bgj
imgq:100,h2pri
content-length
4860
cf-request-id
09a724afa90000547099b74000000001
x-ntv-te
36 c:0 a:0
last-modified
Tue, 21 Jul 2020 23:00:34 GMT
server
cloudflare
etag
"5f177392-1923"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2B3orNS1sx%2FrxUiIbZgbpvITyKJXGqM5iCKhBkbc7fJv8p1%2B4US8tiLCY9aQZobDCuBMP6bH9fbWS0XTU8xx%2FhFy6gwhgszSqrJhkOJDNUmw%3D"}]}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
64520a2c4f425470-LHR
expires
Sat, 01 May 2021 06:00:08 GMT
selena.png
perezhilton.com/wp-content/uploads/2020/07/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/2020/07/selena.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ed26ab620d322c4e357074c873c9ea466ca08291e3cff1d2a41669a5c6ac852

Request headers

:path
/wp-content/uploads/2020/07/selena.png
pragma
no-cache
cookie
ntv_ce_visitor=e365b1d3-288b-4872-9dbe-47f9020bab9b; spotim_visitId={%22visitId%22:%22f3b63069-5cb4-42b8-bdcd-a7863d41cf6a%22%2C%22creationDate%22:%222021-04-24T20:21:33.360Z%22%2C%22duration%22:0}; __cfduid=dc89e2eaadd470747276b756776b75c5d1619295693; _lr_retry_request=true; _lr_env_src_ats=false; _pbjs_userid_consent_data=3524755945110770; _pubcid=ce396109-2470-4d8a-8c88-dfd45f7f2a8f; cto_bidid=R5NmCV9KclRva0dxWSUyRlRDVHZXZ2RNbVlVem5IM2NPOTE3eDdxRWZVMUVzaHpJbCUyQmdORDFWd1hXVnQlMkJ5bXA0dVNIcjBZT1QxNyUyRjFOaDBIbyUyQk9FTkdMdlJyTlElM0QlM0Q; cto_bundle=c2g-e19GbGQ4MEJEOTBrTGg2YSUyRnZ2azk0JTJGN1plQW5sWiUyRnJaU1c4a05uJTJCd2VqSVhNbjlDM29zWVhLdXdtdk5zRFZ4NUlJJTJGd0Z0blIyeWdPbXFKNjVncWtlV2xyWFZVVGt1WHFKVExQUHBpWWNOdjVCZTlQb1N6YmhscEFTRGpXNVd6WjY; pbjs-unifiedid=%7B%22TDID%22%3A%22de95517e-4e1b-49ba-8eef-27359a05f9a3%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-03-24T20%3A21%3A39%22%7D; freewheel-detected-bandwidth=556
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:45 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
158262
cf-polished
origFmt=png, origSize=6193
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:45 PM
content-disposition
inline; filename="selena.webp"
cf-bgj
imgq:100,h2pri
content-length
4562
cf-request-id
09a724affd00005470fc3d2000000001
x-ntv-te
11 c:0 a:0
last-modified
Tue, 21 Jul 2020 23:01:22 GMT
server
cloudflare
etag
"5f1773c2-1831"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lb8HWXlW73i88AkuKqMRYi8Dvy4KnWTj8F9HNDihAwRxxu%2B%2B4CCKp8P9r25qCec6mQSQTVdIRX8vOX9FC5kSyiYVwT%2FFlKJbEiXcnhl7bZE%3D"}]}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
64520a2cc8435470-LHR
expires
Sat, 01 May 2021 00:24:03 GMT
taylor.png
perezhilton.com/wp-content/uploads/2020/07/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/2020/07/taylor.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bc5db545d1fb06cd87ec80cfc4c980defb107c53c86d5e552ae47b6385d6135

Request headers

:path
/wp-content/uploads/2020/07/taylor.png
pragma
no-cache
cookie
ntv_ce_visitor=e365b1d3-288b-4872-9dbe-47f9020bab9b; spotim_visitId={%22visitId%22:%22f3b63069-5cb4-42b8-bdcd-a7863d41cf6a%22%2C%22creationDate%22:%222021-04-24T20:21:33.360Z%22%2C%22duration%22:0}; __cfduid=dc89e2eaadd470747276b756776b75c5d1619295693; _lr_retry_request=true; _lr_env_src_ats=false; _pbjs_userid_consent_data=3524755945110770; _pubcid=ce396109-2470-4d8a-8c88-dfd45f7f2a8f; cto_bidid=R5NmCV9KclRva0dxWSUyRlRDVHZXZ2RNbVlVem5IM2NPOTE3eDdxRWZVMUVzaHpJbCUyQmdORDFWd1hXVnQlMkJ5bXA0dVNIcjBZT1QxNyUyRjFOaDBIbyUyQk9FTkdMdlJyTlElM0QlM0Q; cto_bundle=c2g-e19GbGQ4MEJEOTBrTGg2YSUyRnZ2azk0JTJGN1plQW5sWiUyRnJaU1c4a05uJTJCd2VqSVhNbjlDM29zWVhLdXdtdk5zRFZ4NUlJJTJGd0Z0blIyeWdPbXFKNjVncWtlV2xyWFZVVGt1WHFKVExQUHBpWWNOdjVCZTlQb1N6YmhscEFTRGpXNVd6WjY; pbjs-unifiedid=%7B%22TDID%22%3A%22de95517e-4e1b-49ba-8eef-27359a05f9a3%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-03-24T20%3A21%3A39%22%7D; freewheel-detected-bandwidth=556
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:45 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
158806
cf-polished
origFmt=png, origSize=6006
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:45 PM
content-disposition
inline; filename="taylor.webp"
cf-bgj
imgq:100,h2pri
content-length
4304
cf-request-id
09a724affe000054708992a000000001
x-ntv-te
7 c:0 a:0
last-modified
Tue, 21 Jul 2020 23:01:59 GMT
server
cloudflare
etag
"5f1773e7-1776"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=cKBSJ06%2B1dyYl1P%2BeOrk54KYIFAHuIa82aQ29%2BVUIInE1p7SOsmoFG1w5hGvJ8BJTPeM352ZdLfnX2JueuyEXkPv2AnSCAjMEzKD8sROjY0%3D"}]}
content-type
image/webp
cache-control
max-age=691200
accept-ranges
bytes
cf-ray
64520a2cc8455470-LHR
expires
Sat, 01 May 2021 00:14:59 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295705080
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:45 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
s2s
s2s.aniview.com/api/adserver/ 		1 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=b1724564a47313a4b62675d22ca93740_172315966&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1619295693899-998406242191-020775-010-000380&AV_CDIM1=sp_6oLVLzgr&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&AV_CDIM4=7e9d72b5-de3f-4044-b3d6-15dc38522119&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=5&pce=1&npx=1&AV_DETDOMAIN=perezhilton.com&AV_DADPOS=3&v=6.1.1.243&avtoken=693515&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=9295705081&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.214.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:46 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 13 Apr 2021 06:35:06 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=perezhilton.com&rs=perezhilton.com&sid=84726&t=1619295693&cip=5.253.206.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=5&aafaid=&proto=https&uid=1619295693899-998406242191-020775-010-000380&cha=0.7&cb=20688906628&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd1=sp_6oLVLzgr&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1619295705081&asid=5f0c277120c3067939487264&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:45 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295706240
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:46 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
s2s
s2s.aniview.com/api/adserver/ 		1 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=b1724564a47313a4b62675d22ca93740_172315966&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1619295693899-998406242191-020775-010-000380&AV_CDIM1=sp_6oLVLzgr&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&AV_CDIM4=7e9d72b5-de3f-4044-b3d6-15dc38522119&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=5&pce=1&npx=1&AV_DETDOMAIN=perezhilton.com&AV_DADPOS=3&v=6.1.1.243&avtoken=693515&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=9295706241&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.214.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:46 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 13 Apr 2021 06:35:06 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=perezhilton.com&rs=perezhilton.com&sid=84726&t=1619295693&cip=5.253.206.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=5&aafaid=&proto=https&uid=1619295693899-998406242191-020775-010-000380&cha=0.7&cb=20688906628&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd1=sp_6oLVLzgr&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1619295706241&asid=5f0c277120c3067939487264&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295706564
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:46 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
s2s
s2s.aniview.com/api/adserver/ 		0
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=perezhilton.com&rs=perezhilton.com&sid=84726&t=1619295693&cip=5.253.206.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=5&aafaid=&proto=https&uid=1619295693899-998406242191-020775-010-000380&cha=0.7&cb=20688906628&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd1=sp_6oLVLzgr&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1619295706565&asid=5f0c277120c3067939487264&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
I45YVWHO7e8
i3.ytimg.com/vi/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3.ytimg.com/vi/I45YVWHO7e8
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/wp-content/plugins/lazy-load-optimizer/assets/frontend/js/lazysizes.min.js?ver=1.4.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:21 GMT
x-content-type-options
nosniff
server
sffe
age
25
content-type
image/jpeg
cache-control
public, max-age=30
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1097
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:21:51 GMT
Here-Is-How-The-Kardashian-Family-Feels-About-Caitlyn-Jenner-Run-For-California-Governor-1024x720.jpg
perezhilton.com/wp-content/uploads/2021/04/ 		79 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://perezhilton.com/wp-content/uploads/2021/04/Here-Is-How-The-Kardashian-Family-Feels-About-Caitlyn-Jenner-Run-For-California-Governor-1024x720.jpg
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/wp-content/plugins/lazy-load-optimizer/assets/frontend/js/lazysizes.min.js?ver=1.4.7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.0.93 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:path
/wp-content/uploads/2021/04/Here-Is-How-The-Kardashian-Family-Feels-About-Caitlyn-Jenner-Run-For-California-Governor-1024x720.jpg
pragma
no-cache
cookie
spotim_visitId={%22visitId%22:%22f3b63069-5cb4-42b8-bdcd-a7863d41cf6a%22%2C%22creationDate%22:%222021-04-24T20:21:33.360Z%22%2C%22duration%22:0}; __cfduid=dc89e2eaadd470747276b756776b75c5d1619295693; _lr_retry_request=true; _lr_env_src_ats=false; _pbjs_userid_consent_data=3524755945110770; _pubcid=ce396109-2470-4d8a-8c88-dfd45f7f2a8f; cto_bidid=R5NmCV9KclRva0dxWSUyRlRDVHZXZ2RNbVlVem5IM2NPOTE3eDdxRWZVMUVzaHpJbCUyQmdORDFWd1hXVnQlMkJ5bXA0dVNIcjBZT1QxNyUyRjFOaDBIbyUyQk9FTkdMdlJyTlElM0QlM0Q; cto_bundle=c2g-e19GbGQ4MEJEOTBrTGg2YSUyRnZ2azk0JTJGN1plQW5sWiUyRnJaU1c4a05uJTJCd2VqSVhNbjlDM29zWVhLdXdtdk5zRFZ4NUlJJTJGd0Z0blIyeWdPbXFKNjVncWtlV2xyWFZVVGt1WHFKVExQUHBpWWNOdjVCZTlQb1N6YmhscEFTRGpXNVd6WjY; pbjs-unifiedid=%7B%22TDID%22%3A%22de95517e-4e1b-49ba-8eef-27359a05f9a3%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-03-24T20%3A21%3A39%22%7D; freewheel-detected-bandwidth=556
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
perezhilton.com
referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:46 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
15339
cf-polished
origSize=170213, status=webp_bigger
x-ntv-worker-version
1.1.7w 4/24/2021, 1:21:46 PM
cf-bgj
imgq:100,h2pri
content-length
164509
cf-request-id
09a724b66b000054708937d000000001
x-ntv-te
12 c:0 a:0
last-modified
Sat, 24 Apr 2021 15:57:47 GMT
server
cloudflare
etag
"60843ffb-298e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zAcYy0yWhBetPcZal%2BOuH%2FTa79GL3n0Sz%2FYJiM9bDaNaMu3noKsk0LGmRaY37J5WEd0FT9Snh3K01E5VtD5jAueqnk0cEwC1pLG9BICW%2F%2FE%3D"}]}
content-type
image/jpeg
cache-control
max-age=691200
set-cookie
ntv_ce_visitor=35b5a913-6182-432a-8a91-7a741a45f889; Expires=Thu, 23 Apr 2026 20:21:46 GMT; Domain=.perezhilton.com; Secure; HttpOnly
accept-ranges
bytes
cf-ray
64520a371ff85470-LHR
expires
Sun, 02 May 2021 16:06:07 GMT
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=perezhilton.com&rs=perezhilton.com&sid=84726&t=1619295693&cip=5.253.206.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=5&aafaid=&proto=https&uid=1619295693899-998406242191-020775-010-000380&cha=0.7&cb=20688906628&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd1=sp_6oLVLzgr&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 24 Apr 2021 20:21:48 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295708167
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:49 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
s2s
s2s.aniview.com/api/adserver/ 		1 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=b1724564a47313a4b62675d22ca93740_172315966&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1619295693899-998406242191-020775-010-000380&AV_CDIM1=sp_6oLVLzgr&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&AV_CDIM4=7e9d72b5-de3f-4044-b3d6-15dc38522119&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=5&pce=1&npx=1&AV_DETDOMAIN=perezhilton.com&AV_DADPOS=3&v=6.1.1.243&avtoken=693515&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=9295708167&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.214.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:49 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 13 Apr 2021 06:35:09 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=perezhilton.com&rs=perezhilton.com&sid=84726&t=1619295693&cip=5.253.206.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=5&aafaid=&proto=https&uid=1619295693899-998406242191-020775-010-000380&cha=0.7&cb=20688906628&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd1=sp_6oLVLzgr&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1619295708167&asid=5f0c277120c3067939487264&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:49 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
live-updates
comments.yappaapp.com/ Frame 4ECD 		80 B
789 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://comments.yappaapp.com/live-updates?lastUpdate=1617664851586&url=https:%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&contentId=&domainList[]=135
Requested by
Host: widget.yappaapp.com
URL: https://widget.yappaapp.com/js/chunk-vendors.8d851cc7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53b9044b72b0ba7469f3b9b0e66e3b20f9aff5570607650f82a8802a47ca6d5f

Request headers

Referer
https://widget.yappaapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:48 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09a724becf0000dfc70ea4e000000001
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UU1%2FPt1TTUNFv6hdk7gr4qxOMnt0M0TjkdnM9YZtVDGDGAT0eQ5f3gE9d9ml%2FRl7ZPNXXVxw%2F5m%2F3c%2ButPzqW2%2B13Xg%2BjR0ox5eqLtLp%2BUjKVKwTaoElREKNHmdhRnVG97M%3D"}],"group":"cf-nel"}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-yappa-jwt, content-disposition
cf-ray
64520a44782ddfc7-FRA
x-amz-cf-id
pbm-FTFgjbS63A_KXEWwL-j-fsMfH3emfJXwtYPa4GUclZLRoBKUgQ==
/
go1.aniview.com/api/adserver/tag/5/ 		27 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/5/?AV_CDIM1=sp_6oLVLzgr&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&AV_CDIM4=7e9d72b5-de3f-4044-b3d6-15dc38522119&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=5&pce=1&npx=1&AV_DETDOMAIN=perezhilton.com&AV_DADPOS=3&v=6.1.1.243&avtoken=693515&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=1619295709292
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.219.93.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
285562482b285543a054dd848bb8bc65a483c0b92d170326e8a2cf90e9aaca96

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:49 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 13 Apr 2021 06:35:09 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295709551
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:49 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
s2s
s2s.aniview.com/api/adserver/ 		1 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=57fa6ee2c3343cfcb8fdaff4673889fd_1723156154&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1619295709036-931268756191-020981-013-006104&AV_CDIM1=sp_6oLVLzgr&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&AV_CDIM4=7e9d72b5-de3f-4044-b3d6-15dc38522119&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=5&pce=1&npx=1&AV_DETDOMAIN=perezhilton.com&AV_DADPOS=3&v=6.1.1.243&avtoken=693515&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=9295709552&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.214.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:49 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 13 Apr 2021 06:35:09 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=perezhilton.com&rs=perezhilton.com&sid=9339&t=1619295709&cip=5.253.206.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=5&aafaid=&proto=https&uid=1619295709036-931268756191-020981-013-006104&cha=0.1&cb=28449693451&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd1=sp_6oLVLzgr&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1619295709552&asid=5f0c277120c3067939487264&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:49 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
AdServerServlet
vid.pubmatic.com/AdServer/ 		27 B
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295709775
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.75 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:49 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
X-Vdbg
1:0/165:-1
Content-Type
application/xml; charset=utf-8
s2s
s2s.aniview.com/api/adserver/ 		0
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=perezhilton.com&rs=perezhilton.com&sid=9339&t=1619295709&cip=5.253.206.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=5&aafaid=&proto=https&uid=1619295709036-931268756191-020981-013-006104&cha=0.1&cb=28449693451&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd1=sp_6oLVLzgr&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300&nid=5e0e296628a061270b21ccab&ncid=5f327ef5712b6a63ae7736e5&e=request&cb=1619295709776&asid=5f0c277120c3067939487264&ofpr=&fpo=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:49 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
reporting.powerad.ai/ 		2 B
412 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://reporting.powerad.ai/
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js?ver=0.9.4.1610619161
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-151-247.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 24 Apr 2021 20:21:54 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
2
/
hb.brainlyads.com/json-parts/2283/ Frame CE42 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/json-parts/2283/?ver=1.0&pageId=1620440609&sizes=[[728,90]]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/%22],[%22referrer%22,%22%22]]
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
a8b8ee8b41af609ef848e4bf3ac2bb60c5d5bb38a51dc4a50ccda18ebda85f3b

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:54 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
X-Powered-By
Express
ETag
W/"9f8-CpPiasiyYhddJZtXuBWcTqE/wR8"
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
*
251
a.ad.gt/api/v1/u/matches/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&ref=
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.39.230.13 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
489df3ce919c9a27693901db9ebe4bdbf9236537cbbb979dd1063fca1a80291e

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:54 GMT
server
nginx/1.18.0
content-length
3350
content-type
application/javascript
/
hb.brainlyads.com/json-parts/1642/ Frame B424 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/json-parts/1642/?ver=1.0&pageId=1620440609&sizes=[[300,600],[160,600],[120,600]]&winbidder=&keyValues=[[%22refresh%22,0]]
Requested by
Host: perezhilton.com
URL: https://perezhilton.com/salon-owner-charged-clients-contract-hiv-vampire-facials/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
f4135ba686b3345c4914f7a00818f889136c81120d178de533e047b4ef6f7006

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:54 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
X-Powered-By
Express
ETag
W/"8a7-nqlHNYlkM/4PeWiwT55Lg85pE7Q"
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Headers
*
s2s
s2s.aniview.com/api/adserver/ 		0
0
/
reporting.powerad.ai/ 		2 B
412 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://reporting.powerad.ai/
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js?ver=0.9.4.1610619161
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-151-247.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sat, 24 Apr 2021 20:21:54 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
2
s2s
s2s.aniview.com/api/adserver/ 		1 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=57fa6ee2c3343cfcb8fdaff4673889fd_1723156154&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1619295709036-931268756191-020981-013-006104&AV_CDIM1=sp_6oLVLzgr&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&AV_CDIM4=7e9d72b5-de3f-4044-b3d6-15dc38522119&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=5&pce=1&npx=1&AV_DETDOMAIN=perezhilton.com&AV_DADPOS=3&v=6.1.1.243&avtoken=693515&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=9295713085&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.214.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:54 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 13 Apr 2021 06:35:14 GMT
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=perezhilton.com&rs=perezhilton.com&sid=9339&t=1619295709&cip=5.253.206.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=5&aafaid=&proto=https&uid=1619295709036-931268756191-020981-013-006104&cha=0.1&cb=28449693451&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd1=sp_6oLVLzgr&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 24 Apr 2021 20:21:54 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
s2s
s2s.aniview.com/api/adserver/ 		1 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=57fa6ee2c3343cfcb8fdaff4673889fd_1723156154&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1619295709036-931268756191-020981-013-006104&AV_CDIM1=sp_6oLVLzgr&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&AV_CDIM4=7e9d72b5-de3f-4044-b3d6-15dc38522119&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=5&pce=1&npx=1&AV_DETDOMAIN=perezhilton.com&AV_DADPOS=3&v=6.1.1.243&avtoken=693515&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=9295714707&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.214.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:54 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 13 Apr 2021 06:35:14 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 5908 		119 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-105.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
9e5a3984c873d9f7009795b85f0d9bfa38e8f9dddc2309d83556aea4d7ee41a0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
FUA623DCjlDRvcvJxerHmi4TRUp1BV44
content-encoding
gzip
server
Server
age
715
etag
433bd8b9aebf928ab8f51e43abc531d2
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
cache-control
public, max-age=900
date
Sat, 24 Apr 2021 20:09:59 GMT
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Nq_jAj8VYlOQ7cvlSyT8ruu5r3kPkkrp6KL-kXnSC7gYv1GX1X0pNA==
gpt.js
www.googletagservices.com/tag/js/ Frame 5908 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5b714db37b15f12751494535f3b0010aa0bcaa9db892dafaba7ae356e86187c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"852 / 573 of 1000 / last-modified: 1619215815"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21128
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:21:54 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 65E1 		240 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17888&site_id=298688&zone_id=1679570&size_id=2&p_pos=atf&rp_schain=1.0,1!nextmillennium.io,15042,1,,,&rf=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&tk_flint=pbjs_lite_v3.22.0&x_source.tid=6a5e38b5-dbb7-4ec5-a098-14788118cf69&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.2572042782947026
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
13d8635469724c9fe211aff6945630942c13f181fbe05ddf6e97e991b2972148

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:54 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 65E1 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
72136bf5d5dcaedfb9d794fff0c46e257c648e06aa7e16948a1010635aa4e0c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:54 GMT
X-Proxy-Origin
5.253.206.148; 5.253.206.148; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.203:80
AN-X-Request-Uuid
54ade857-b649-4f73-957f-90cc253e4baa
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ads.yieldmo.com/exchange/ Frame 65E1 		0
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?p=%5B%7B%22placement_id%22%3A%221-b586-%2F90814396%2Fperezhilton_728x90_stickybottom_HB%22%2C%22callback_id%22%3A%226580e01a6acf1%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222422700953154036356%22%7D%5D&page_url=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&bust=1619295714762&pr=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&scrd=1&dnt=false&e=90&description=&title=Salon%20Owner%20Charged%20After%20Two%20Clients%20Contract%20HIV%20From%20A%20%E2%80%98Vampire%20Facial%E2%80%99!%20-%20Perez%20Hilton&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nextmillennium.io%22%2C%22sid%22%3A%2215042%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.219.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://perezhilton.com
pragma
no-cache
date
Sat, 24 Apr 2021 20:21:54 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
cygnus
as-sec.casalemedia.com/ Frame 65E1 		24 B
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=501529&v=7.2&r=%7B%22id%22%3A%227606125ecd1504%22%2C%22imp%22%3A%5B%7B%22id%22%3A%228bb39d506addac%22%2C%22ext%22%3A%7B%22siteID%22%3A%22501529%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nextmillennium.io%22%2C%22sid%22%3A%2215042%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2b4433080e08fd0c65ef4b5cb80a82993bbbb4a3b1739e84d983278623a675c5

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:55 GMT
Content-Encoding
gzip
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
44
Expires
Sat, 24 Apr 2021 20:21:55 GMT
hb
hb.undertone.com/ Frame 65E1 		0
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3757&domain=perezhilton.com
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:f400:1f:df94:f9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:54 GMT
via
1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
ZRH50-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://perezhilton.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
x-amz-cf-id
GUcMGE3SA2RjkSuGuQ7A1bStGciYU1KnPQ3wQ_L9ITmMllwwab423w==
expires
Mon, 26 Jul 1997 05:00:00 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame A2BC 		119 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-105.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
9e5a3984c873d9f7009795b85f0d9bfa38e8f9dddc2309d83556aea4d7ee41a0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
FUA623DCjlDRvcvJxerHmi4TRUp1BV44
content-encoding
gzip
server
Server
age
715
etag
433bd8b9aebf928ab8f51e43abc531d2
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
cache-control
public, max-age=900
date
Sat, 24 Apr 2021 20:09:59 GMT
x-amz-cf-pop
ZRH50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
n20QjIxNB7rmpd0NA58U99Gyc3OokC2XS69YmYFbRWKHt_c4ugePGw==
gpt.js
www.googletagservices.com/tag/js/ Frame A2BC 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5b714db37b15f12751494535f3b0010aa0bcaa9db892dafaba7ae356e86187c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"852 / 663 of 1000 / last-modified: 1619215815"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21128
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:21:54 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 65E1 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
7fb37d1b22fd013fe1e0a9cfe2d7dc0371390a2f716923cf9f66595ed363f9d8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:54 GMT
X-Proxy-Origin
5.253.206.148; 5.253.206.148; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.217:80
AN-X-Request-Uuid
f5326143-addd-4345-9283-bcb6aeb13646
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
as-sec.casalemedia.com/ Frame 65E1 		25 B
457 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/cygnus?s=454476&v=7.2&r=%7B%22id%22%3A%221364d5acf7166d3%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2214566478603bfe1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22454476%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nextmillennium.io%22%2C%22sid%22%3A%2215042%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ae812456ad3be3b9dfb7b27fa55401db4f736c9fe00501394a7efe5950f96905

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:55 GMT
Content-Encoding
gzip
Server
Apache
Vary
Is-Traffic-Invalid,Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
45
Expires
Sat, 24 Apr 2021 20:21:55 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 65E1 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17888&site_id=298688&zone_id=1517292&size_id=9&alt_size_ids=8%2C10&p_pos=atf&rp_schain=1.0,1!nextmillennium.io,15042,1,,,&rf=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&tk_flint=pbjs_lite_v3.22.0&x_source.tid=99416a7d-2ccf-4709-9ab8-64039260c93d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6045788957045526
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.51 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
41f93c728c1086753907e468ead88f3040144a7d8891517b9ce60d3be2076da1

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:55 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://perezhilton.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
1526
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ads.yieldmo.com/exchange/ Frame 65E1 		0
353 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?p=%5B%7B%22placement_id%22%3A%221-494b-%2F90814396%2Fperezhilton_300x600_adhesionskin_HB%22%2C%22callback_id%22%3A%22186258c63b4e741%22%2C%22sizes%22%3A%5B%5B300%2C600%5D%2C%5B160%2C600%5D%2C%5B120%2C600%5D%5D%2C%22ym_placement_id%22%3A%222422700953154036356%22%7D%5D&page_url=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&bust=1619295714782&pr=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&scrd=1&dnt=false&e=90&description=&title=Salon%20Owner%20Charged%20After%20Two%20Clients%20Contract%20HIV%20From%20A%20%E2%80%98Vampire%20Facial%E2%80%99!%20-%20Perez%20Hilton&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nextmillennium.io%22%2C%22sid%22%3A%2215042%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.219.156 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://perezhilton.com
pragma
no-cache
date
Sat, 24 Apr 2021 20:21:54 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
pubads_impl_2021042101.js
securepubads.g.doubleclick.net/gpt/ Frame 5908 		301 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
59c35f54d601301c5ad4ac4d92d0d60f8c09e264cafe2e61a756c059889b6da9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 21 Apr 2021 08:38:12 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108325
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:21:54 GMT
statistics
report.hb.brainlyads.com/ Frame 65E1 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://report.hb.brainlyads.com/statistics
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.215.247.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 24 Apr 2021 20:21:55 GMT
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
X-Powered-By
Express
Access-Control-Allow-Headers
*
Transfer-Encoding
chunked
statistics
report.hb.brainlyads.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://report.hb.brainlyads.com/statistics
Protocol
HTTP/1.1
Server
3.215.247.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://perezhilton.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sat, 24 Apr 2021 20:21:55 GMT
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
Express
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
*
pubads_impl_2021042101.js
securepubads.g.doubleclick.net/gpt/ Frame A2BC 		301 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060871
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
59c35f54d601301c5ad4ac4d92d0d60f8c09e264cafe2e61a756c059889b6da9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 21 Apr 2021 08:38:12 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108325
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:21:54 GMT
s2s
s2s.aniview.com/api/adserver/ 		1 B
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=57fa6ee2c3343cfcb8fdaff4673889fd_1723156154&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1619295709036-931268756191-020981-013-006104&AV_CDIM1=sp_6oLVLzgr&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&AV_CDIM4=7e9d72b5-de3f-4044-b3d6-15dc38522119&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=5&pce=1&npx=1&AV_DETDOMAIN=perezhilton.com&AV_DADPOS=3&v=6.1.1.243&avtoken=693515&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=9295714984&tgt=0&
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.214.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:55 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://perezhilton.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Tue, 13 Apr 2021 06:35:15 GMT
bid
c.amazon-adsystem.com/e/dtb/ Frame 5908 		23 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&pid=NM1RiuopL0pAY&cb=0&ws=0x0&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F90814396%2Fperezhilton_728x90_stickybottom_HB%22%7D%5D&cfgv=0&schain=1.0%2C1!nextmillennium.io%2C15042%2C1%2C%2C%2C&pubid=79e40b05-e673-4b6c-85f9-79252a7f96a5&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-105.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:55 GMT
via
1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://perezhilton.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
lxhrPNkMRC0ECjOCaX5MKJsr4dWGLpfp0nxsmPYrMISyc9yeD2jrQQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 5908 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-105.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 01:26:32 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
68123
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
via
1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
wMKFLlPDfQfIGtsAVAyNCYMakDIUgjEluvS53JxqhFAZRstHzV8Lvg==
bid
c.amazon-adsystem.com/e/dtb/ Frame A2BC 		23 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&pid=EjrnqFS797gur&cb=0&ws=0x0&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%2C%22120x600%22%5D%2C%22sn%22%3A%22%2F90814396%2Fperezhilton_300x600_adhesionskin_HB%22%7D%5D&cfgv=0&schain=1.0%2C1!nextmillennium.io%2C15042%2C1%2C%2C%2C&pubid=79e40b05-e673-4b6c-85f9-79252a7f96a5&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-105.zrh50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:55 GMT
via
1.1 a2037d86ccb1a548f20827ebd95a65f3.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH50-C1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://perezhilton.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
Dc8K9DAKUwToHEV9yC8elhkEYHXSW8rdv5cGZW_2Coc-EfRwXfUcEQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame A2BC 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-103-105.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 01:26:32 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
68123
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
via
1.1 d4ab4520827d99650a0d233539c37425.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
ZRH50-C1
content-type
application/javascript
x-amz-cf-id
9J_UKxha-VzYvIr-ElUBTR30rkc9YuIkRISpkppaq0oSfvikQ5PmwA==
haloid
aufp.io/api/v1/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aufp.io/api/v1/haloid
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&ref=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.33.73.108 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-33-73-108.us-west-2.compute.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
3e35ce33f0bf35b7dc2569b494f27675b856043a57ecc024b11a0da5b1db3692

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:55 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 20:32:36 GMT
server
nginx/1.14.1
etag
W/"1619037156.0-5932-2958560116"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*, *
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
public, max-age=43200
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires
Sun, 25 Apr 2021 08:21:55 GMT
251
p.ad.gt/api/v1/p/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/251
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&ref=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.36.224 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
df151e22be1dd1d0b9c8e0748aafc86c9ad2b73a965fdb159040f517bbb6db9b

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:55 GMT
content-encoding
gzip
last-modified
Wed, 21 Apr 2021 20:31:20 GMT
server
nginx/1.14.1
etag
W/"1619037080.0-25597-2710964840"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
public, max-age=43200
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires
Sun, 25 Apr 2021 08:21:55 GMT
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=3078499a-c220-4db0-9be3-5551b0657e7f&adnxs_id=$UID
  • https://ids.ad.gt/api/v1/match?id=3078499a-c220-4db0-9be3-5551b0657e7f&adnxs_id=484300030681540270
43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=3078499a-c220-4db0-9be3-5551b0657e7f&adnxs_id=484300030681540270
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.70.166.124 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:55 GMT
cache-control
public, max-age=43200
server
nginx/1.16.1
content-type
image/gif
expires
Sun, 25 Apr 2021 08:21:55 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:55 GMT
X-Proxy-Origin
5.253.206.148; 5.253.206.148; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.91:80
AN-X-Request-Uuid
1e161a7c-27d1-4d6d-a6bb-9643fdbe54b3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ids.ad.gt/api/v1/match?id=3078499a-c220-4db0-9be3-5551b0657e7f&adnxs_id=484300030681540270
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=3078499a-c220-4db0-9be3-5551b0657e7f
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=3078499a-c220-4db0-9be3-5551b0657e7f
  • https://ids.ad.gt/api/v1/t_match?tdid=90e1a64a-ee12-4e34-854a-f98690a6ec4e&id=3078499a-c220-4db0-9be3-5551b0657e7f
43 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=90e1a64a-ee12-4e34-854a-f98690a6ec4e&id=3078499a-c220-4db0-9be3-5551b0657e7f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.70.166.124 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:55 GMT
cache-control
public, max-age=43200
server
nginx/1.16.1
content-type
image/gif
expires
Sun, 25 Apr 2021 08:21:55 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ids.ad.gt/api/v1/t_match?tdid=90e1a64a-ee12-4e34-854a-f98690a6ec4e&id=3078499a-c220-4db0-9be3-5551b0657e7f
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D3078499a-c220-4db0-9be3-5551b0657e7f
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D3078499a-c220-4db0-9be3-5551b0657e7f
  • https://ids.ad.gt/api/v1/pbm_match?pbm=F5CE1084-D981-4EE7-BB5A-C698BB77894F&id=3078499a-c220-4db0-9be3-5551b0657e7f
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=F5CE1084-D981-4EE7-BB5A-C698BB77894F&id=3078499a-c220-4db0-9be3-5551b0657e7f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.70.166.124 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:55 GMT
cache-control
public, max-age=43200
server
nginx/1.16.1
content-type
image/gif
expires
Sun, 25 Apr 2021 08:21:55 GMT

Redirect headers

Location
https://ids.ad.gt/api/v1/pbm_match?pbm=F5CE1084-D981-4EE7-BB5A-C698BB77894F&id=3078499a-c220-4db0-9be3-5551b0657e7f
Date
Sat, 24 Apr 2021 20:21:55 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=3078499a-c220-4db0-9be3-5551b0657e7f
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=3078499a-c220-4db0-9be3-5551b0657e7f&google_tc=
  • https://ids.ad.gt/api/v1/g_match?id=3078499a-c220-4db0-9be3-5551b0657e7f&google_gid=CAESEBAdlJ3_AwhbDjVG-3Ix0tQ&google_cver=1&google_ula=450542624,0
43 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=3078499a-c220-4db0-9be3-5551b0657e7f&google_gid=CAESEBAdlJ3_AwhbDjVG-3Ix0tQ&google_cver=1&google_ula=450542624,0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.70.166.124 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:55 GMT
cache-control
public, max-age=43200
server
nginx/1.16.1
content-type
image/gif
expires
Sun, 25 Apr 2021 08:21:55 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:55 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ids.ad.gt/api/v1/g_match?id=3078499a-c220-4db0-9be3-5551b0657e7f&google_gid=CAESEBAdlJ3_AwhbDjVG-3Ix0tQ&google_cver=1&google_ula=450542624,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=3078499a-c220-4db0-9be3-5551b0657e7f
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MzA3ODQ5OWEtYzIyMC00ZGIwLTliZTMtNTU1MWIwNjU3ZTdm
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MzA3ODQ5OWEtYzIyMC00ZGIwLTliZTMtNTU1MWIwNjU3ZTdm
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=MzA3ODQ5OWEtYzIyMC00ZGIwLTliZTMtNTU1MWIwNjU3ZTdm
date
Sat, 24 Apr 2021 20:21:55 GMT
server
nginx/1.16.1
content-length
473
content-type
text/html; charset=utf-8
adb_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=3078499a-c220-4db0-9be3-5551b0657e7f&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D3078499a-c220-4db0-9be3-5551b...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=3078499a-c220-4db0-9be3-5551b0657e7f&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D3078499...
  • https://ids.ad.gt/api/v1/adb_match?adb=81340870076996171530840746490421546506&id=3078499a-c220-4db0-9be3-5551b0657e7f
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/adb_match?adb=81340870076996171530840746490421546506&id=3078499a-c220-4db0-9be3-5551b0657e7f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.70.166.124 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:55 GMT
cache-control
public, max-age=43200
server
nginx/1.16.1
content-type
image/gif
expires
Sun, 25 Apr 2021 08:21:55 GMT

Redirect headers

DCS
dcs-prod-irl1-1-v005-063fc6c9c.edge-irl1.demdex.com 6.2.1.20210422111706-PR_1432-SNAPSHOT
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
df83WBfORYE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://ids.ad.gt/api/v1/adb_match?adb=81340870076996171530840746490421546506&id=3078499a-c220-4db0-9be3-5551b0657e7f
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
getuid
sync.smartadserver.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3D3078499a-c220-4db0-9be3-5551b0657e7f%26sas_uid%3D%5bsas_uid%5d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
us
sync.go.sonobi.com/ 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=3078499a-c220-4db0-9be3-5551b0657e7f&uid=[UID]
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:55 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
statistics
report.hb.brainlyads.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://report.hb.brainlyads.com/statistics
Protocol
HTTP/1.1
Server
3.215.247.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://perezhilton.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Sat, 24 Apr 2021 20:21:55 GMT
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
Express
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
*
statistics
report.hb.brainlyads.com/ Frame 65E1 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://report.hb.brainlyads.com/statistics
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.215.247.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 24 Apr 2021 20:21:55 GMT
Server
nginx/1.14.0 (Ubuntu)
Connection
keep-alive
X-Powered-By
Express
Access-Control-Allow-Headers
*
Transfer-Encoding
chunked
halo_match
ids.ad.gt/api/v1/ 		43 B
558 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=3078499a-c220-4db0-9be3-5551b0657e7f&halo_id=0300b69q6w07jv2yg08xizqr0bwpa1w0evvmq41k7cm960ome3m40ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91ayhfwi1elzfjf1hl5r1i1kkc2jl
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.70.166.124 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:55 GMT
cache-control
public, max-age=43200
server
nginx/1.16.1
content-type
image/gif
expires
Sun, 25 Apr 2021 08:21:55 GMT
getpixels
pixels.ad.gt/api/v1/ 		0
344 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=5ad8072e0d451a3ccc417edde94568a0&url=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&code=%27none%27
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.112.180.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 24 Apr 2021 20:21:56 GMT
server
nginx/1.14.1
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
fbevents.js
connect.facebook.net/en_US/ 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ae5ed57dc48abbee125d5f915e37110c9f2bb6a95d1aa5ccf3c141f8fe10db3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23961
x-fb-rlafr
0
pragma
public
x-fb-debug
QPHhAo24fUCBK5Zzw+hHQmJNtHU7A65P5DuyaOeUnUT7cQZIxanZZL/HVclbRaO/NTzwd2pyDQd9GY5egQvuVw==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sat, 24 Apr 2021 20:21:55 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
827 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
866
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
expires
Sat, 24 Apr 2021 21:07:29 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 19:59:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1336
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Sat, 24 Apr 2021 20:59:39 GMT
openx
ids.ad.gt/api/v1/
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0300b69q6w07jv2yg08xizqr0bwpa1w0evvmq41k7cm960om...
  • https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0300b69q6w07jv2yg08xizqr0bwpa1w0evvmq41k7cm...
  • https://ids.ad.gt/api/v1/openx?openx_id=c4998d24-198b-4750-b048-9b73891e5329&id=0300b69q6w07jv2yg08xizqr0bwpa1w0evvmq41k7cm960ome3m40ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91ayhfwi1e...
43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/openx?openx_id=c4998d24-198b-4750-b048-9b73891e5329&id=0300b69q6w07jv2yg08xizqr0bwpa1w0evvmq41k7cm960ome3m40ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91ayhfwi1elzfjf1hl5r1i1kkc2jl&auid=3078499a-c220-4db0-9be3-5551b0657e7f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.70.166.124 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:56 GMT
cache-control
public, max-age=43200
server
nginx/1.16.1
content-type
image/gif
expires
Sun, 25 Apr 2021 08:21:56 GMT

Redirect headers

date
Sat, 24 Apr 2021 20:21:56 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ids.ad.gt/api/v1/openx?openx_id=c4998d24-198b-4750-b048-9b73891e5329&id=0300b69q6w07jv2yg08xizqr0bwpa1w0evvmq41k7cm960ome3m40ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91ayhfwi1elzfjf1hl5r1i1kkc2jl&auid=3078499a-c220-4db0-9be3-5551b0657e7f
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
1853083501571805
connect.facebook.net/signals/config/ 		257 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1853083501571805?v=2.9.39&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d0417f1e44b9b12690110ac44fdc0741355788d22101b24119b97f8c8548ee1d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
75907
x-fb-rlafr
0
pragma
public
x-fb-debug
nCQeywMkYZiSOVTlwXBRRM9VBVBH1xGDPABS6etuwMtY5as9nXruMVuqDGffK9abfLHjQ/5lspOaby4nK52rKw==
x-frame-options
DENY
date
Sat, 24 Apr 2021 20:21:55 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&rl=&if=false&ts=1619295715818&cd[partner_id]=251&cd[tagger_id]=5ad8072e0d451a3ccc417edde94568a0&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1619295715816.2058262935&it=1619295715773&coo=false&tm=1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:55 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 24 Apr 2021 20:21:55 GMT
/
www.facebook.com/tr/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundarySHNrVM52Edxpg7my

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Sat, 24 Apr 2021 20:21:56 GMT
content-type
text/plain
access-control-allow-origin
https://perezhilton.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 35C4 		995 B
875 B 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://perezhilton.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
icu=ChgI195jEAoYASABKAEw4vuRhAY4AUABSAEQ4vuRhAYYAA..; uuid2=484300030681540270
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://perezhilton.com/

Response headers

Server
nginx/1.13.10
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Sun, 24 Apr 2022 20:21:58 GMT
Date
Sat, 24 Apr 2021 20:21:58 GMT
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame 09C6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://perezhilton.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://perezhilton.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Sat, 24 Apr 2021 20:21:58 GMT
Content-Length
1151
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 6A94 		995 B
875 B 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://perezhilton.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
icu=ChgI195jEAoYASABKAEw4vuRhAY4AUABSAEQ4vuRhAYYAA..; uuid2=484300030681540270
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://perezhilton.com/

Response headers

Server
nginx/1.13.10
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
"573e714d-3e3"
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
506
Cache-Control
max-age=31536000
Expires
Sun, 24 Apr 2022 20:21:58 GMT
Date
Sat, 24 Apr 2021 20:21:58 GMT
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame 8EC0 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.121.175.131 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-175-131.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://perezhilton.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhOqmt0HZRUZWfOgx0qIf5NGr8QsKaCrTlkuPKR3OktVOpDwv9SSiUXyP4Wwn1rWxbuVEZ+xAvac7RQXIhpnWsD89eNbX7JKS3dwHNbrrxlA==; ses2=; vis2=298688^1; khaos=KNW6UY66-T-AUO3; ses9=298688^1; vis9=298688^1; audit=1|0o8zzNO5o4bXeS96UseISiZK9RXPCPzu6HEGQ/wqHBvOeaDoITKEC5loHh0M9Fn+cpj76PKZXj/hk5WIOeCMzL+mauXqFHyH
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://perezhilton.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"40005-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 24 Apr 2021 20:21:58 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 336E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://perezhilton.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://perezhilton.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Sat, 24 Apr 2021 20:21:58 GMT
Content-Length
1151
Connection
keep-alive
usersync.html
cdn.undertone.com/js/ Frame 2BBF 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:a00:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21d46bb0a238b8c1b0ab5ea12b5fa6cab58b90e30ca08727321e1e40e2970046

Request headers

:method
GET
:authority
cdn.undertone.com
:scheme
https
:path
/js/usersync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://perezhilton.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://perezhilton.com/

Response headers

content-type
text/html
date
Fri, 23 Apr 2021 23:52:36 GMT
last-modified
Wed, 16 Dec 2020 12:35:23 GMT
etag
W/"8ee422394c26ec0371c4676b43dd838d"
server
AmazonS3
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 4ee178becf6bd81a5ce90c64ae0621b5.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
fdMXzPXWOZ2b_2ni3P3t_1SihfOWhRpUnIMFExU5a7Fzsq96iPVoDQ==
age
73763
usync.html
eus.rubiconproject.com/ Frame 162F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.121.175.131 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-175-131.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://cdn.undertone.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhOqmt0HZRUZWfOgx0qIf5NGr8QsKaCrTlkuPKR3OktVOpDwv9SSiUXyP4Wwn1rWxbuVEZ+xAvac7RQXIhpnWsD89eNbX7JKS3dwHNbrrxlA==; ses2=; vis2=298688^1; khaos=KNW6UY66-T-AUO3; ses9=298688^1; vis9=298688^1; audit=1|0o8zzNO5o4bXeS96UseISiZK9RXPCPzu6HEGQ/wqHBvOeaDoITKEC5loHh0M9Fn+cpj76PKZXj/hk5WIOeCMzL+mauXqFHyH
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://cdn.undertone.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"40005-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 24 Apr 2021 20:21:58 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=12776
Date
Sat, 24 Apr 2021 20:21:58 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
sync
usr.undertone.com/userPixel/ Frame 2BBF
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=484300030681540270
0
0
sync
usr.undertone.com/userPixel/ Frame 2BBF
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=a6b4f366-90a8-44cf-8936-90e469cdbc7f
0
0
sync
usr.undertone.com/userPixel/ Frame 2BBF
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPb82a0651-a53a-11eb-8cd5-06f3176763d2
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPb82a0651-a53a-11eb-8cd5-06f3176763d2&verify=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-MBpOm8pE2uEftgOq9D4vs8eqncxE9H3X~A~UPb82a0651-a53a-11eb-8cd5-06f3176763d2
0
0
sync
usr.undertone.com/userPixel/ Frame 2BBF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=90e1a64a-ee12-4e34-854a-f98690a6ec4e&ttl=1621887718
0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame 2BBF 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif
sync
usr.undertone.com/userPixel/ Frame 2BBF
Redirect Chain
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=4833eb2c9129ecd367b6d898f4e993ee4d3e2d36
0
0
usync.js
eus.rubiconproject.com/ Frame 8EC0 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.121.175.131 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-175-131.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
85e38c4d71d56942a70f3594fecfdf95d4383e0b6eb934dcddf9910f93294bfa

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Apr 2021 20:34:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=15717
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9242
Expires
Sun, 25 Apr 2021 00:43:55 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 3CA7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
033115708840b062c186f706870c253c95c338e198778469b8fa6a48f8452b83

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YIR95p7F5nMVRqmmgC6lrAAA; CMPS=1119
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|230|39|241|88|105|46|5
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1736
Expires
Sat, 24 Apr 2021 20:21:58 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:58 GMT
Connection
keep-alive
Set-Cookie
CMID=YIR95p7F5nMVRqmmgC6lrAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Apr 2022 20:21:58 GMT CMPS=1119;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 23 Jul 2021 20:21:58 GMT CMPRO=1182;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 23 Jul 2021 20:21:58 GMT CMST=YIR95mCEfeYA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 25 Apr 2021 20:21:58 GMT CMRUM3=0560847de605a0&e660847de627600&f160847de605a0&2760847de60b40&5860847de605a0&6960847de605a0&2e60847de605a0&2d60847de605a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Apr 2022 20:21:58 GMT

Redirect headers

Server
Apache
Content-Length
367
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sat, 24 Apr 2021 20:21:58 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:58 GMT
Connection
keep-alive
Set-Cookie
CMID=YIR95p7F5nMVRqmmgC6lrAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Apr 2022 20:21:58 GMT CMPS=1119;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 23 Jul 2021 20:21:58 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame CA94
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2f114e83d6444f6a83ff1e7ac807eeed1d25536ddb3f5a00e3ee8e7e12b6dfab

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMPS=1119; CMID=YIR95p7F5nMVRqmmgC6lrgAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|39|241|45|13|176|206|90
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1833
Expires
Sat, 24 Apr 2021 20:21:58 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:58 GMT
Connection
keep-alive
Set-Cookie
CMID=YIR95p7F5nMVRqmmgC6lrgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Apr 2022 20:21:58 GMT CMPS=1119;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 23 Jul 2021 20:21:58 GMT CMPRO=1210;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 23 Jul 2021 20:21:58 GMT CMST=YIR95mCEfeYA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 25 Apr 2021 20:21:58 GMT CMRUM3=0d60847de605a0&b060847de605a00&5a60847de605a0&2d60847de605a0&2760847de60b40&f160847de605a0&e660847de627600&ce60847de605a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Apr 2022 20:21:58 GMT

Redirect headers

Server
Apache
Content-Length
367
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Sat, 24 Apr 2021 20:21:58 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:58 GMT
Connection
keep-alive
Set-Cookie
CMID=YIR95p7F5nMVRqmmgC6lrgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 24 Apr 2022 20:21:58 GMT CMPS=1119;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Fri, 23 Jul 2021 20:21:58 GMT
async_usersync
secure.adnxs.com/ Frame 35C4 		0
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:58 GMT
X-Proxy-Origin
5.253.206.148; 5.253.206.148; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.153:80
AN-X-Request-Uuid
cb5a1ed1-fe2b-4435-b364-315d3763836d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
secure.adnxs.com/ Frame 6A94 		0
748 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:58 GMT
X-Proxy-Origin
5.253.206.148; 5.253.206.148; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.89:80
AN-X-Request-Uuid
0ceb4758-2fd0-4ca8-8dc2-db4deca7201f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
track1.aniview.com/ 		0
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=PL&cos=Windows&r=perezhilton.com&rs=perezhilton.com&sid=9339&t=1619295709&cip=5.253.206.148&sn=&tgt=0&osv=10&bv=89.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=5&aafaid=&proto=https&uid=1619295709036-931268756191-020981-013-006104&cha=0.1&cb=28449693451&cd3=pitc&cd4=7e9d72b5-de3f-4044-b3d6-15dc38522119&cd1=sp_6oLVLzgr&cd6=true&cd5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&cd2=Desktop&d9=1000&AV_WIDTH=400&AV_HEIGHT=300
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanagerab5.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.33.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://perezhilton.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 24 Apr 2021 20:21:58 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
usync.js
eus.rubiconproject.com/ Frame 162F 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.121.175.131 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-121-175-131.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
85e38c4d71d56942a70f3594fecfdf95d4383e0b6eb934dcddf9910f93294bfa

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:58 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Apr 2021 20:34:13 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=15717
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9242
Expires
Sun, 25 Apr 2021 00:43:55 GMT
crum
dsum-sec.casalemedia.com/ Frame 3CA7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YIR95p7F5nMVRqmmgC6lrAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOgna64ok2zUuLGC0ryceEM&google_cver=1
43 B
1000 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOgna64ok2zUuLGC0ryceEM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Apr 2021 20:21:58 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOgna64ok2zUuLGC0ryceEM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 3CA7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YIR95p7F5nMVRqmmgC6lrAAABJ4AAAAB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEKGuczK4rwtrEPZKpFOfehs&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEKGuczK4rwtrEPZKpFOfehs&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 24 Apr 2021 20:21:58 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEKGuczK4rwtrEPZKpFOfehs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 3CA7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YIR95p7F5nMVRqmmgC6lrAAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.88.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-88-205.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 3CA7
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIR95p7F5nMVRqmmgC6lrAAABJ4AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIR95p7F5nMVRqmmgC6lrAAABJ4AAAAB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIR95p7F5nMVRqmmgC6lrAAABJ4AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:58 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:58 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIR95p7F5nMVRqmmgC6lrAAABJ4AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3CA7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YIR95gAAba0mHgBg
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YIR95gAAba0mHgBg&gdpr=1&_test=YIR95gAAba0mHgBg
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YIR95gAAba0mHgBg&gdpr=1&_test=YIR95gAAba0mHgBg
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Apr 2021 20:21:58 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:58 GMT
via
1.1 varnish
server
Varnish
x-timer
S1619295719.520154,VS0,VE0
x-served-by
cache-hhn4020-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YIR95gAAba0mHgBg&gdpr=1&_test=YIR95gAAba0mHgBg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 3CA7
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1021 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Apr 2021 20:21:58 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Sat, 24 Apr 2021 20:21:58 GMT
server
nginx/1.18.0
content-length
76
getuid
secure.adnxs.com/ Frame 3CA7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ix
ad4m.at/ad/sim/ Frame 3CA7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 3CA7 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YIR95p7F5nMVRqmmgC6lrAAA%261182?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:58 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2564
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Apr 2021 21:04:42 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame CA94
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YIR95p7F5nMVRqmmgC6lrgAABLoAAAIB
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEKGuczK4rwtrEPZKpFOfehs&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEKGuczK4rwtrEPZKpFOfehs&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Sat, 24 Apr 2021 20:21:58 GMT

Redirect headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:58 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESEKGuczK4rwtrEPZKpFOfehs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame CA94 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=70&cm_user_id=YIR95p7F5nMVRqmmgC6lrgAA&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.88.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-241-88-205.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 24 Apr 2021 20:21:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame CA94
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIR95p7F5nMVRqmmgC6lrgAABLoAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIR95p7F5nMVRqmmgC6lrgAABLoAAAIB&dcc=t
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIR95p7F5nMVRqmmgC6lrgAABLoAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.232.32 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:58 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:58 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YIR95p7F5nMVRqmmgC6lrgAABLoAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame CA94
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YIR95p7F5nMVRqmmgC6lrgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOgna64ok2zUuLGC0ryceEM&google_cver=1
0
0
crum
dsum-sec.casalemedia.com/ Frame CA94
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0626220400620762df1992fd&expiration=[EXPIRATION]&gdpr=1
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0626220400620762df1992fd&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Apr 2021 20:21:58 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0626220400620762df1992fd&expiration=[EXPIRATION]&gdpr=1
Date
Sat, 24 Apr 2021 20:21:58 GMT
Access-Control-Allow-Credentials
true
X-Powered-By
Express
Content-Length
0
Vary
Origin
113
match.deepintent.com/usersync/ Frame CA94 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:58 GMT
content-length
0
server
b
YIR95p7F5nMVRqmmgC6lrgAABLoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame CA94
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YIR95p7F5nMVRqmmgC6lrgAABLoAAAIB
  • https://pr-bh.ybp.yahoo.com/sync/casale/YIR95p7F5nMVRqmmgC6lrgAABLoAAAIB
43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YIR95p7F5nMVRqmmgC6lrgAABLoAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Apr 2021 20:21:58 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Sat, 24 Apr 2021 20:21:58 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://pr-bh.ybp.yahoo.com/sync/casale/YIR95p7F5nMVRqmmgC6lrgAABLoAAAIB
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame CA94
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=9A9F10FE157E46E693EE78BF22BC94CC&gdpr=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=9A9F10FE157E46E693EE78BF22BC94CC&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 24 Apr 2021 20:21:58 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Apr 2021 20:21:58 GMT

Redirect headers

date
Sat, 24 Apr 2021 20:21:58 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=9A9F10FE157E46E693EE78BF22BC94CC&gdpr=1
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
154
expires
Fri, 23 Apr 2021 20:21:58 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame CA94 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YIR95p7F5nMVRqmmgC6lrgAA%261210?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=&d=https://perezhilton.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sat, 24 Apr 2021 20:21:58 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2564
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Sat, 24 Apr 2021 21:04:42 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 162F 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s.w.org
URL
https://s.w.org/images/core/emoji/13.0.0/svg/1f48e.svg
Domain
s.w.org
URL
https://s.w.org/images/core/emoji/13.0.0/svg/1f389.svg
Domain
s.w.org
URL
https://s.w.org/images/core/emoji/13.0.0/svg/1f4f8.svg
Domain
api.britepool.com
URL
https://api.britepool.com/v1/britepool/id
Domain
api.britepool.com
URL
https://api.britepool.com/v1/britepool/id
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=1258
Domain
vid.pubmatic.com
URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=628878&adId=2416044&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295694023
Domain
vid.pubmatic.com
URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=631525&adId=2449017&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295694023
Domain
vid.pubmatic.com
URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=631526&adId=2449018&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295694025
Domain
vid.pubmatic.com
URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736552&adId=3041581&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295694025
Domain
vid.pubmatic.com
URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736549&adId=3041568&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295694026
Domain
vid.pubmatic.com
URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=726169&adId=2997080&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295694026
Domain
vid.pubmatic.com
URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736550&adId=3041578&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295694027
Domain
vid.pubmatic.com
URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=726169&adId=2997080&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295694028
Domain
vid.pubmatic.com
URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736548&adId=3041576&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295694028
Domain
vid.pubmatic.com
URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=736551&adId=3041580&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295694028
Domain
vid.pubmatic.com
URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156758&siteId=648081&adId=2550780&vadFmt=2&vminl=1&vmaxl=60&vh=300&vw=400&placement=1&vtype=1&vpos=1&vplay=2&vskip=0&vcom=0&vfmt=1+5+6+7&sec=1&gdpr=1&gdpr_consent=&schain=1.0,1!spotim.market,sp_6oLVLzgr,1,,,&kadpageurl=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&cbb=9295694029
Domain
prebid-us.creativecdn.com
URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Domain
spot-im-d.openx.net
URL
https://spot-im-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d6095007-fa58-4e23-ac6c-058df1766a01%2Cd6095007-fa58-4e23-ac6c-058df1766a01%2Cd6095007-fa58-4e23-ac6c-058df1766a01%2Cd6095007-fa58-4e23-ac6c-058df1766a01&nocache=1619295694880&pubcid=ce396109-2470-4d8a-8c88-dfd45f7f2a8f&schain=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&aus=300x250%2C336x280%2C320x250%7C300x250%2C336x280%2C320x250%7C300x250%2C336x280%2C320x250%7C300x250%2C336x280%2C320x250&divIds=div-gpt-ad-1588781147706-0%2Cdiv-gpt-ad-1588781147706-0%2Cdiv-gpt-ad-1588781147706-0%2Cdiv-gpt-ad-1588781147706-0&auid=540934835%2C541046290%2C541192057%2C543856208
Domain
ice.360yield.com
URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%225139980de1c9b4e%22%2C%22version%22%3A%227.3.0-JS-6.4.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adtelligent.com%22%2C%22sid%22%3A%22270443%22%2C%22hp%22%3A1%7D%5D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ce396109-2470-4d8a-8c88-dfd45f7f2a8f%22%2C%22atype%22%3A1%7D%5D%7D%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221317bfe8349381f%22%2C%22currency%22%3A%22USD%22%2C%22pid%22%3A22348073%2C%22tid%22%3A%22d6095007-fa58-4e23-ac6c-058df1766a01%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Domain
onetag-sys.com
URL
https://onetag-sys.com/prebid-request
Domain
ice.360yield.com
URL
https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22secure%22%3A1%2C%22id%22%3A%2215cb6390d25aa67%22%2C%22version%22%3A%226.1.0-JS-6.3.0%22%2C%22referrer%22%3A%22https%3A%2F%2Fp.delivercdn.com%2Fprebidlink%2F18741%2Fj.html%3Fi%3D6864%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221483be567d3dbe%22%2C%22currency%22%3A%22USD%22%2C%22pid%22%3A22296314%2C%22tid%22%3A%221321f0c495117a3%22%2C%22banner%22%3A%7B%7D%7D%5D%7D%7D
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=6154775849588494842
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=204&userId=b8512af5-b7bd-4f8e-b480-6fafde8685e2
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=null
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=11&_fw_gdpr=0&_fw_gdpr_consent=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
Domain
s2s.aniview.com
URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=b1724564a47313a4b62675d22ca93740_172315966&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1619295693899-998406242191-020775-010-000380&AV_CDIM1=sp_6oLVLzgr&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&AV_CDIM4=7e9d72b5-de3f-4044-b3d6-15dc38522119&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=5&pce=1&npx=1&AV_DETDOMAIN=perezhilton.com&AV_DADPOS=3&v=6.1.1.243&avtoken=693515&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=9295706565&tgt=0&
Domain
s2s.aniview.com
URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=57fa6ee2c3343cfcb8fdaff4673889fd_1723156154&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1619295709036-931268756191-020981-013-006104&AV_CDIM1=sp_6oLVLzgr&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&AV_CDIM4=7e9d72b5-de3f-4044-b3d6-15dc38522119&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=5&pce=1&npx=1&AV_DETDOMAIN=perezhilton.com&AV_DADPOS=3&v=6.1.1.243&avtoken=693515&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=9295709776&tgt=0&
Domain
s2s.aniview.com
URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=57fa6ee2c3343cfcb8fdaff4673889fd_1723156154&wpm=&ssrtb=&pbjs=&AV_C_USER_ID=1619295709036-931268756191-020981-013-006104&AV_CDIM1=sp_6oLVLzgr&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_6oLVLzgr%2C1%2C%2C%2C&AV_CDIM4=7e9d72b5-de3f-4044-b3d6-15dc38522119&AV_CDIM5=Jrd1t2B3sW9QvjgH0fR2vw%3D%3D&AV_CDIM6=true&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fperezhilton.com%2Fsalon-owner-charged-clients-contract-hiv-vampire-facials%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=5f327ef5712b6a63ae7736e5&format=json&tgt=0&AV_SUBID=&AV_ABT=5&pce=1&npx=1&AV_DETDOMAIN=perezhilton.com&AV_DADPOS=3&v=6.1.1.243&avtoken=693515&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=9295711478&tgt=0&
Domain
usr.undertone.com
URL
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=484300030681540270
Domain
usr.undertone.com
URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=a6b4f366-90a8-44cf-8936-90e469cdbc7f
Domain
usr.undertone.com
URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-MBpOm8pE2uEftgOq9D4vs8eqncxE9H3X~A~UPb82a0651-a53a-11eb-8cd5-06f3176763d2
Domain
usr.undertone.com
URL
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=90e1a64a-ee12-4e34-854a-f98690a6ec4e&ttl=1621887718
Domain
usr.undertone.com
URL
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=4833eb2c9129ecd367b6d898f4e993ee4d3e2d36
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOgna64ok2zUuLGC0ryceEM&google_cver=1
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776

Verdicts & Comments Add Verdict or Comment

271 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| ntv object| ntvConfig object| _wpemojiSettings undefined| $ function| jQuery function| __tcfapi function| __uspapi undefined| nQuery number| ntvLoadStart object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus number| startTime object| paGlobal function| callUnitMan function| documentInitOneSignal object| OneSignal function| gtag object| dataLayer object| _0x1ae8 function| _0x4230 function| RhScanner object| google_tag_manager object| _qevents object| twemoji object| wp string| sbiajaxurl object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| sprintf function| vsprintf undefined| _ function| lodash object| wpcf7 function| _typeof function| loadSpotim object| bootstrap object| jQuery112406921374342898512 function| checkMobile function| mobileAndTabletcheck boolean| isMobile boolean| isTablet boolean| isDevice object| adUnits object| kioskedScript object| googletag object| pbjs object| PWT boolean| gptRan function| loadGPT string| desktopBodySlotName string| mobileBodySlotName string| desktopLeaderboardSlotName string| mobileLeaderboardSlotName string| desktopContentSlotName string| desktopFooterSlotName string| mobileFooterSlotName string| rightRailSticky string| rightRail string| desktopClickDetailsSlotName string| mobileClickDetailsSlotName string| mobileGalleryBellowImageSlotName object| desktop_content_sizes object| leaderboard_sizes object| right_rail_sizes object| rectangle_body_sizes object| footer_sizes object| desktop_gallery_sizes object| mobile_leaderboard_sizes object| mobile_right_rail_sizes object| mobile_rectangle_body_sizes object| mobile_footer_sizes object| mobile_gallery_sizes object| mobile_gallery_below_image_sizes object| slots number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT number| adsOffset object| prop2map function| initAdserver object| AdsManager function| generateSlot function| refreshBid function| refreshAnchor function| checkIncontentPlaceholders function| getButtonSpotAd function| getHomePostSpotAd function| getGalleryPostSpotAd function| generateAnchor function| generateSideSpotHolders function| injectFirstRightRailSpotAD function| injectFirstButtonSpotAD function| injectGalleryIncontentAD function| getRightRailSpotAD number| __ITGS_started object| anchorSlot object| addComment object| lazySizesConfig object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| wpcf7_recaptcha object| alm_localize object| ajax_load_more_vars object| ajaxloadmore function| almInit function| almUpdateCurrentPage function| almGetParentContainer function| almGetObj function| almTriggerClick object| sb_instagram_js_options boolean| sbi_js_exists function| sbi_init function| animateCheck object| sbi number| sbiWindowWidth number| sbi_photo_width_manual object| pa_pbjs_fw object| SocialCanvas object| socialCanvas object| __OW_CONFIG__ object| webpackChunk_spotim_launcher string| OW_AD_UNIT_TYPE object| __OPEN_WEB__ string| __SPOTIM_PAGE_VIEW_ID__ object| __SPOTIM__ object| webpackChunkads object| process boolean| __OW_STANDALONE_SCRIPT_RUN__ object| __OW_ASYNC_CALL_POST_IDS__ object| lazySizes object| _oneSignalInitOptions boolean| mgCanLoad1017368 boolean| mgFallback1017368 boolean| mgShortWidget1017368 boolean| mgUseConvertedCode1017368 string| mgRootId1017368 object| div1017368 string| rootDiv1017368 string| mgPreloadId1017368 object| _mgIntExchangeNews object| MarketGidInfC1017368 function| MarketGidCContextBlock1017368 function| MarketGidCMainBlock1017368 function| MarketGidCInternalExchangeBlock1017368 function| MarketGidCColorBlock1017368 function| MarketGidCRejectBlock1017368 function| MarketGidCCriteoBlock1017368 function| MarketGidCAmpRenderBlock1017368 function| MarketGidCInternalExchangeLoggerBlock1017368 function| MarketGidCObserverBlock1017368 function| MarketGidCSendDimensionsBlock1017368 function| MarketGidCAntifraudBlock1017368 function| MarketGidCAntifraudStatisticsBlock1017368 function| MarketGidCRtbBlock1017368 function| MarketGidCExternalCountersBlock1017368 function| MarketGidCYandexTurboBlock1017368 function| MarketGidCContentPreviewBlock1017368 function| MarketGidCCountersBlock1017368 function| MarketGidCGradientBlock1017368 function| MarketGidCResponsiveBlock1017368 object| onClickExcludes function| mgReject1017368 function| mgLoadAds1017368_10362 function| MarketGidCReject1017368 function| MarketGidLoadGoods1017368_10362 function| mgReject1017383 function| mgLoadAds1017383_10362 function| MarketGidCReject1017383 function| MarketGidLoadGoods1017383_10362 boolean| mg_loaded_645207_1017368 function| quantserve function| __qc object| ezt object| _qoptions function| qtrack function| __tcfapiui object| com object| STREAM_CONFIGS string| STREAM_ID string| __EXCO_INTEGRATION_TYPE function| _avcp object| pbStream string| pbPageIdentifier object| __EXCO object| recaptcha object| closure_lm_578335 string| _mgCanonicalUri boolean| _mgPageView645207 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| google_tag_data object| gaGlobal string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| __s object| instgrm function| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| OWT object| gaplugins object| gaData function| LoadCriteoAllPlaces1017368_10362 boolean| i.js.loaded boolean| i-noref.js.loaded object| _comscore object| ggeac object| google_js_reporting_queue function| pbjsChunk object| __OW_AD_OPS_CONFIG__ object| __connect string| $$SPOTIM_VID$$ string| $$SPOTIM_BID$$ function| __SPOTIM_DISABLE_ADS__ object| SPOTIM function| owActionQueue function| udm_ object| ns_p object| COMSCORE function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing string| pubcidCookie object| scCGSHMRCache function| avPlayer object| storageAni

64 Cookies

Domain/Path Name / Value
.eqads.com/ Name: EQUser
Value: UID=8839d2a1-80e6-414f-8156-e510cfea95cb
.adnxs.com/ Name: uuid2
Value: 7962826482425836735
.spotim.market/ Name: vmuid
Value: 5a23202fd25b6c5a
.spotim.market/ Name: a271858
Value: 8181359259227230873
.casalemedia.com/ Name: CMRUM3
Value: 8260847dd12760AAETRk7BCPwAACnK6UvnwA&c360847dd22760av-9e1343fc-62ee-4bb9-8592-d354b986fee1&ce60847dd105a00&da60847dd027600&0560847dd105a0&bf60847dd105a0&2860847dd227608839d2a1-80e6-414f-8156-e510cfea95cb&f160847dd005a0&2760847dd00b40&e660847dd027600&2e60847dd105a0&4960847dd105a00&0d60847dd1276006262204001249a0f46a217b&ef60847dd005a00&2d60847dd02760CAESEIRxqTH6mkNA-eUDRFidb14
.casalemedia.com/ Name: CMST
Value: YIR90GCEfdIA
.casalemedia.com/ Name: CMPS
Value: 1119
sync.aniview.com/ Name: 2_C_42
Value: YIR90X.t.YufiQktn5vrKwAA&1160
.aniview.com/ Name: 2_C_42
Value: YIR90X.t.YufiQktn5vrKwAA&1160
.casalemedia.com/ Name: CMID
Value: YIR90X.t.YufiQktn5vrKwAA
.rubiconproject.com/ Name: ses16
Value: 163630^1
sync.aniview.com/ Name: 2_C_2
Value: a9cf5301-a53a-11eb-8086-191344880506
.aniview.com/ Name: 2_C_2
Value: a9cf5301-a53a-11eb-8086-191344880506
.aniview.com/ Name: 2_C_55
Value: 7962826482425836735
.pubmatic.com/ Name: KRTBCOOKIE_1074
Value: 22956-e_2ea32158-1114-4ddf-92ea-a9a7601d826c
.adtelligent.com/ Name: vmuid
Value: 0aa77e58ed31363a
.rubiconproject.com/ Name: vis16
Value: 163630^1
.casalemedia.com/ Name: CMPRO
Value: 1160
.rubiconproject.com/ Name: vis15
Value: 163630^1
.rubiconproject.com/ Name: khaos
Value: KNW6UJAL-11-HL5L
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-b8512af5-b7bd-4f8e-b480-6fafde8685e2
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-5cec51e5-52d2-4cfe-9bc9-89ab01ba53e3-003&KRTB&17107-RX-5cec51e5-52d2-4cfe-9bc9-89ab01ba53e3-003
.perezhilton.com/ Name: _pubcid
Value: ce396109-2470-4d8a-8c88-dfd45f7f2a8f
.pubmatic.com/ Name: PugT
Value: 1619295701
perezhilton.com/ Name: _lr_retry_request
Value: true
.pubmatic.com/ Name: SPugT
Value: 1619295700
.perezhilton.com/ Name: spotim_visitId
Value: {%22visitId%22:%22f3b63069-5cb4-42b8-bdcd-a7863d41cf6a%22%2C%22creationDate%22:%222021-04-24T20:21:33.360Z%22%2C%22duration%22:0}
.rubiconproject.com/ Name: audit
Value: 1|0o8zzNO5o4Ys5l2aqy5YVyZK9RXPCPzu6HEGQ/wqHBtzTLYi6rbGCJloHh0M9Fn+cpj76PKZXj+oQRmqZ/LPod/LAaxiSsiA
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-363877213540098050&KRTB&23263-363877213540098050
.rubiconproject.com/ Name: ses15
Value:
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:21676084-7dd0-4600-846a-ede0a2f43f77&KRTB&16736-uid:21676084-7dd0-4600-846a-ede0a2f43f77&KRTB&23019-uid:21676084-7dd0-4600-846a-ede0a2f43f77&KRTB&23114-uid:21676084-7dd0-4600-846a-ede0a2f43f77
.rubiconproject.com/ Name: rsid
Value: 1|AIfsdBUH+v3fWCPuzNowDE/csJlhOqmt0HZRUZWfOgx0qIf5NGr8QsKaCrTlkuPKR3OktVOpDwv9SSiUXyP4Wwn1rWxbuVEZ+xAvac7RQXIhpnWsD89eNbX7JKS3dwHNbrrxlA==
perezhilton.com/ Name: cto_bidid
Value: R5NmCV9KclRva0dxWSUyRlRDVHZXZ2RNbVlVem5IM2NPOTE3eDdxRWZVMUVzaHpJbCUyQmdORDFWd1hXVnQlMkJ5bXA0dVNIcjBZT1QxNyUyRjFOaDBIbyUyQk9FTkdMdlJyTlElM0QlM0Q
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEBNf17irN2OSnP32JKsQPes&KRTB&22987-CAESEBNf17irN2OSnP32JKsQPes&KRTB&23025-CAESEBNf17irN2OSnP32JKsQPes
.pubmatic.com/ Name: PMDTSHR
Value: cat:
perezhilton.com/ Name: cto_bundle
Value: c2g-e19GbGQ4MEJEOTBrTGg2YSUyRnZ2azk0JTJGN1plQW5sWiUyRnJaU1c4a05uJTJCd2VqSVhNbjlDM29zWVhLdXdtdk5zRFZ4NUlJJTJGd0Z0blIyeWdPbXFKNjVncWtlV2xyWFZVVGt1WHFKVExQUHBpWWNOdjVCZTlQb1N6YmhscEFTRGpXNVd6WjY
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-no-consent
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-PuCRtT-0yuUlsZG1POiEsWnhkbgl6Zm4MOX23k_8&KRTB&19420-PuCRtT-0yuUlsZG1POiEsWnhkbgl6Zm4MOX23k_8&KRTB&22979-PuCRtT-0yuUlsZG1POiEsWnhkbgl6Zm4MOX23k_8
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-6954822044008904848
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-de95517e-4e1b-49ba-8eef-27359a05f9a3&KRTB&22918-de95517e-4e1b-49ba-8eef-27359a05f9a3&KRTB&23031-de95517e-4e1b-49ba-8eef-27359a05f9a3
.pubmatic.com/ Name: PUBMDCID
Value: 3
.taboola.com/ Name: t_gid
Value: 3764d166-5f4d-4127-811a-b85ca6f4d682-tuct77e034e
.pubmatic.com/ Name: DPSync3
Value: 1620432000%3A201_227_226_221
.pubmatic.com/ Name: SyncRTB3
Value: 1619827200%3A223_2_15_67%7C1621814400%3A203%7C1620518400%3A35%7C1620432000%3A161_99_230_204_189_222_7_71_22_88_56_8_166_55_13_54_165_176_3_81_231_220_21%7C1620086400%3A63
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.tribalfusion.com/ Name: ANON_ID
Value: annvfMoZdUQcR2Hp9vbgjortqyIsZbtOgGGv0rAx8DsujGZaL0sZbc2dqKm6eIk5CqNM3cdZdIBDUbp5tf4H4Zc5j5obrZaSmhZcZaYUAZcxqrFnYuZbKODFwxgCM9H
perezhilton.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22de95517e-4e1b-49ba-8eef-27359a05f9a3%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-03-24T20%3A21%3A39%22%7D
perezhilton.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
perezhilton.com/ Name: _lr_env_src_ats
Value: false
sync.aniview.com/ Name: 2_C_55
Value: 7962826482425836735
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3930141244502956213
perezhilton.com/ Name: freewheel-detected-bandwidth
Value: 556
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7962826482425836735
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 22978-YIR9zgAAby6y9wAC&KRTB&23194-YIR9zgAAby6y9wAC&KRTB&23209-YIR9zgAAby6y9wAC&KRTB&23244-YIR9zgAAby6y9wAC
.aniview.com/ Name: aniC
Value: 1619295693899-998406242191-020775-010-000380
.adtelligent.com/ Name: a309017
Value: no-consent
.adnxs.com/ Name: icu
Value: ChgI4axaEAoYASABKAEwzvuRhAY4AUABSAEQzvuRhAYYAA..
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-Y9EkSGPhVbZw0GjeEow0Wsml
.pubmatic.com/ Name: pp
Value: 156758
.spotim.market/ Name: a281178
Value: 15A37826-A991-4168-A89E-1E36D7193DE7
.spotim.market/ Name: a301276
Value: a8f8351e-a53a-11eb-bfb6-132476d60406
.perezhilton.com/ Name: __cfduid
Value: dc89e2eaadd470747276b756776b75c5d1619295693
.ads.pubmatic.com/ Name: repi
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 15A37826-A991-4168-A89E-1E36D7193DE7

278 Console Messages

Source Level URL
Text
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://launcher.spot.im/spot/sp_6oLVLzgr(Line 4)
Message:
[OpenWeb Launcher] v2.53.3
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.5.3(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api info URL: https://mcd-sdk.playbuzz.com/embed/sdk.js?embedId=7bf0df57-3cb6-41b5-be24-76e9e5f90af4(Line 6)
Message:
[exco-log] - 4/24/2021, 10:21:31 PM: logger - enabled
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api warning URL: https://mcd-sdk.playbuzz.com/embed/sdk.js?embedId=7bf0df57-3cb6-41b5-be24-76e9e5f90af4(Line 6)
Message:
[exco-log] - 4/24/2021, 10:21:31 PM: geoLocation targeting was not met
console-api warning URL: https://ads.pubmatic.com/AdServer/js/pwt/159143/2782/pwt.js(Line 1)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api debug URL: https://jsc.mgid.com/a/d/aditude.io.perezhilton.com.1017368.js(Line 1)
Message:
[object HTMLImageElement]
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api warning URL: https://hb.brainlyads.com/prebid.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api error URL: https://widget.yappaapp.com/js/app.c6d113eb.js(Line 1)
Message:
Error: TypeError: Cannot read property '$gtag' of undefined Component: [object Object] Info: directive track-load bind hook
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api warning URL: https://player.spotim.market/prebidlink/449804/hb_270443_6798.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://powerad.ai/script.js?ver=0.9.4.1610619161(Line 1)
Message:
300
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData
console-api log URL: https://socialcanvas-cdn.kargo.com/js/rh.min.js(Line 2)
Message:
SC: No rhData

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
7e1d5.v.fwmrm.net
a.ad.gt
a.tribalfusion.com
a.volvelle.tech
acdn.adnxs.com
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
ap.lijit.com
api-2-0.spot.im
api.britepool.com
api.rlcdn.com
as-sec.casalemedia.com
aud.pubmatic.com
audit-tcfv2.quantcast.mgr.consensu.org
aufp.io
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
cdn.mgid.com
cdn.onesignal.com
cdn.stickyadstv.com
cdn.undertone.com
cm.adgrx.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
comments.yappaapp.com
connect-metrics-collector.s-onetag.com
connect.facebook.net
creativecdn.com
d.adroll.com
d5p.de17a.com
di.rlcdn.com
direct-events-collector.spot.im
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
embed.yappaapp.com
eus.rubiconproject.com
events-collector.spot.im
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
get.s-onetag.com
ghb.adtelligent.com
go1.aniview.com
green.erne.co
gum.criteo.com
hb-api.omnitagjs.com
hb.brainlyads.com
hb.spotim.market
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i3.ytimg.com
ib.adnxs.com
ice.360yield.com
id5-sync.com
ids.ad.gt
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
jadserve.postrelease.com
js-sec.indexww.com
jsc.mgid.com
launcher.spot.im
market-dev.s-onetag.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
mcd-sdk.playbuzz.com
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
onetag-sys.com
p.ad.gt
p.delivercdn.com
p4dt2-x71s7.ads.tremorhub.com
perezhilton.com
pix.spot.im
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pixels.ad.gt
platform.instagram.com
player.adtelligent.com
player.aniview.com
player.spotim.market
pool.admedo.com
powerad.ai
pr-bh.ybp.yahoo.com
prd-collector-anon.ex.co
prebid-eu.creativecdn.com
prebid-us.creativecdn.com
publisher-assets.spot.im
pubmatic-match.dotomi.com
px.britepool.com
quantcast.mgr.consensu.org
report.hb.brainlyads.com
reporting.powerad.ai
rtb-csync.smartadserver.com
rtb.gumgum.com
rules.quantcount.com
rumcdn.geoedge.be
s-img.mgid.com
s.adtelligent.com
s.amazon-adsystem.com
s.ntv.io
s.tribalfusion.com
s.w.org
s2s.aniview.com
sb.scorecardresearch.com
scontent-sjc3-1.cdninstagram.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
servicer.mgid.com
signal-beacon.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
socialcanvas-cdn.kargo.com
spot-im-d.openx.net
ssum-sec.casalemedia.com
ssum.casalemedia.com
static-cdn.spot.im
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.adtelligent.com
sync.aniview.com
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.spotim.market
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
test.quantcast.mgr.consensu.org
thrtle.com
token.rubiconproject.com
track1.aniview.com
trc.taboola.com
trends.revcontent.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
usr.undertone.com
vid.pubmatic.com
visitor.fiftyt.com
vop.sundaysky.com
widget.yappaapp.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.instagram.com
x.bidswitch.net
ads.stickyadstv.com
api.britepool.com
api.rlcdn.com
dsum-sec.casalemedia.com
ice.360yield.com
onetag-sys.com
pixel.rubiconproject.com
prebid-us.creativecdn.com
s.w.org
s2s.aniview.com
spot-im-d.openx.net
usr.undertone.com
vid.pubmatic.com
104.121.175.131
104.16.199.73
104.19.132.78
104.19.133.78
104.19.216.61
104.26.0.93
13.224.103.105
13.224.95.101
13.224.95.112
13.224.95.46
142.250.185.66
142.250.186.66
151.101.114.49
151.101.194.132
154.57.158.51
159.253.128.183
159.65.196.12
169.197.150.7
178.162.133.149
178.250.2.131
178.250.2.146
178.250.2.151
18.156.0.31
18.211.226.152
185.183.112.155
185.184.8.30
185.255.84.150
185.29.133.52
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.249
185.64.190.75
185.64.190.80
185.86.138.114
185.94.180.123
185.94.180.125
198.148.27.139
199.232.137.44
2.18.232.130
2.18.233.180
2.18.234.163
2.18.234.21
2.18.234.233
2001:4de0:ac19::1:b:3b
2001:678:cb4:bbbb::11
213.155.156.181
213.174.135.1
213.174.135.2
213.19.147.44
213.19.147.45
213.19.162.51
216.52.2.48
23.20.158.212
23.218.215.69
23.227.137.155
23.55.110.49
23.55.110.60
23.55.110.65
23.55.110.77
2600:1f18:612b:4232:d4f4:6ee9:b45e:a058
2600:9000:2021:4a00:9:46dc:4700:93a1
2600:9000:206f:8200:4:b37b:9440:93a1
2600:9000:211e:7200:1d:76ee:780:93a1
2600:9000:215d:600:6:44e3:f8c0:93a1
2600:9000:215d:6e00:3:a4cd:8380:93a1
2600:9000:2190:7c00:13:6a46:aa00:93a1
2600:9000:2190:a00:1f:2473:9080:93a1
2600:9000:2190:f400:1f:df94:f9c0:93a1
2606:4700:10::ac43:db6
2606:4700:20::681a:ad1
2606:4700::6812:c05
2606:4700::6812:e234
2606:4700:e0::ac40:6113
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1450:4001:800::2002
2a00:1450:4001:803::200a
2a00:1450:4001:808::2003
2a00:1450:4001:808::2004
2a00:1450:4001:808::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200e
2a00:1450:400c:c00::9c
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:6c00:2ab::2c79
2a02:26f0:6c00::210:ba20
2a02:fa8:8806:12::1370
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:2880:f21c:81c4:face:b00c:0:43fe
2a03:2880:f21c:81e5:face:b00c:0:4420
2a03:2880:f231:c5:face:b00c:0:43fe
2a0c:5c81:5095:0:225:90ff:fefa:245d
2a0c:5c81:5142::2
3.121.66.166
3.126.63.176
3.208.68.46
3.215.247.12
3.219.93.236
3.226.75.51
3.64.111.42
34.192.164.183
34.236.212.156
34.236.214.42
34.241.88.205
34.251.173.19
34.252.219.109
34.252.219.156
34.98.107.212
34.98.64.218
35.157.246.167
35.174.102.7
35.201.96.126
35.210.178.101
35.210.53.219
35.241.40.233
35.244.174.68
37.157.6.241
37.252.172.250
50.112.180.98
51.89.21.30
52.212.126.234
52.24.36.224
52.33.73.108
52.39.230.13
52.49.40.147
52.70.33.53
52.73.31.234
52.86.201.23
52.94.232.32
54.204.142.198
54.205.191.176
54.234.151.247
54.67.80.248
54.70.166.124
54.76.54.153
54.88.209.254
62.149.0.72
63.35.200.21
65.9.66.128
65.9.66.22
65.9.66.5
66.155.71.150
69.173.144.165
72.251.241.204
75.2.13.80
77.243.60.138
85.114.159.93
87.98.128.108
99.83.181.31
00fd0ec42b432ab5d108b9d657f40db1dfe67269183afb550cbbbceb87e91165
0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
02a424cb2c550f1ed13acbd4c8c3d9bf1114ae6ed898cfd88d156d50469161f6
033115708840b062c186f706870c253c95c338e198778469b8fa6a48f8452b83
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
079a9889dab480cf942f1a7774b3de2821f382ed22eedf4104c9e1ea789df7d6
08f292eb5c5e04d849233aaaa81692af8cd61e16844b3c5ecb474979f558be99
0907d46a39b94a6e1e80fa5b0232d26df3e4bd36ad2ffe9d51bdc21e043b84f5
0980e79a78ec3f2b191634446343f73aa42cc64d9264d044e9b940a14795c1d8
0ae5ed57dc48abbee125d5f915e37110c9f2bb6a95d1aa5ccf3c141f8fe10db3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f494fe4148f543b50fe7487c998b3853c5faf927bb67006d915d356a3ec154f
101412a2a4164836f6a2ab21e918022aaf23bb44b9a4e1eb4ef56962ca8bc5c5
108f1e05d8142239699ac64b0cff538b45269d6cc0c0d27c24311ba57c67f39f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
119855bc3d46cf7748d685a36588d9bafaa044a0de58a4edde6af50cea1975b0
1299ce67397a707e7293ce99272f03b906402a6e5471f7ebc00c190f66a054af
12f75943ae70e85f454fddd6bfeecca5e1c12cd54f3f5fa7cef56bfc5576ae23
13d8635469724c9fe211aff6945630942c13f181fbe05ddf6e97e991b2972148
1550346cc4acb90924ac38fd0a7157a20e8750c2df0fa0cfab411980c9bc1cfe
181354b74660b46765c2d185f35284c278b5780dfacbd3f80d2e3a28eae15575
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
188d8ca04205f71d0a2a9c46ca272f208f196aaca656330f20057913bbf8b351
19b189704d2c4dc6a0b6889eca5c676e1af451db42932589c178e2cddb7bcfe6
1b460840487c7419340c409f5d2e230e5f36d965a061754bd2402b7e4068962c
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997
1fb754cec74956af6531826d6f73a28e8bb2049d3bb3913c524e4d7583b0435c
20a4511b44d65c98c5986afbe05b1858252bfb71f2f33f71636da9cc20c376e1
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
21d46bb0a238b8c1b0ab5ea12b5fa6cab58b90e30ca08727321e1e40e2970046
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
2408bf89259349f212995f3d934008346ed92755c380b3a0797012a91b3e4825
26f87df80e0735b6d6b169750f0ee403336c537cbc7a51888cb9d449434cb4b8
2717481d28d98b22e3277c45a2a0529b5044aef42d8f262ca7e11e73240c563d
284401fd9cc6074e6211119acdfbb4abb56b1d4c0be4323ccce1d6f6da7642ea
285562482b285543a054dd848bb8bc65a483c0b92d170326e8a2cf90e9aaca96
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2a2ded9b27d20ea56a79296399cbd5113cd16cd10963914109e08d7c4a41357b
2ac05781d1a4eec5d40e9b668ee97489a3c6adc8104e4f7610ce2f07b02cb2e7
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b4433080e08fd0c65ef4b5cb80a82993bbbb4a3b1739e84d983278623a675c5
2c01eb02b169c34320241d002edf0d09f06802afc629f8430e7fb430606d67c8
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e9b0f8da2df420bc5412002babc97c4873c7c36fbdc77336aca374168da6a33
2ed26ab620d322c4e357074c873c9ea466ca08291e3cff1d2a41669a5c6ac852
2f114e83d6444f6a83ff1e7ac807eeed1d25536ddb3f5a00e3ee8e7e12b6dfab
2f2308ca7578361acb19aa9ce4ffb39048721be560d3c48f1d6a87e95ce419fc
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
32b22a0afc0f838a0a79367705150f9ec0eb6e72b162601c5a3f4446ad44015b
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
344c68745ffbc884ce5dccfdb8a19b222d67821a2675edbc27672082a05da8f7
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
34c8605683819845adc21a52e806c6de16dec57f50afc9a57837901e86ff472f
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37f424eea05384463f70a2ecb799c322c916e2b9323653727f4cc5568c1b0742
382a0d99e04f15ea8202e5269d73585527cb39e33b3ca8b917ebaf674510f255
3b109f3bc0a79d117de72fe268a344a9d3a1d7491bd9e48008d99af135bc2d74
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3e35ce33f0bf35b7dc2569b494f27675b856043a57ecc024b11a0da5b1db3692
3e6643c0f263147cc6cfeeb25b7dbcec9c8146e811eed36173fd152e4fe4ba46
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed0bd9c375c3dd1f9c1140ac2a1370a8ee7a1be4fbd558e45a7a5ab6b2ca9d4
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
417f95806735296a54d76f9991d9ce1c3900d8390c261f1694e7818393920465
419830988aedbd0fcc510f3970ac19cf73076367a35e949f746a7d77e564fa4e
41db52d3e69af01a49963884b2acf2f12d6c0b418b254340bdd92951b7f3f8f9
41f93c728c1086753907e468ead88f3040144a7d8891517b9ce60d3be2076da1
42213451aa623fd3aece028309ec6a7297ba1c8ed5b321118a451d8c6cf836e0
431e29d65b6ceb09901b0f0e4d6bfbbe30f4bd1582861672c6d0a036c494ecdf
473ed2b3cc909e671ececf33b6f8a17c0762e996cc357fa4e71a2948a4ec8435
48661db8c04f212923d503b9cb4ecdedf0ece453b9206d5facd6fbc5b914e9e2
489df3ce919c9a27693901db9ebe4bdbf9236537cbbb979dd1063fca1a80291e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49ab37124dae250734256216e5f61e62eeab00c6ebbafa272f1b653bfb00c258
4b57916af1cef2a55be28cd3a66468f93f2bcec023bfbac9eb3a6d648ba42ff7
4bc5db545d1fb06cd87ec80cfc4c980defb107c53c86d5e552ae47b6385d6135
4c7856c0d39606a745670d4c03525f3644fe65304191be208516def923cc3762
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef414f947bc802bea88d18ae69ca7d56939d81d7df79a7266688a8e1c14b190
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fb52a08b6e1c28c24c5f22a7d88d5b865f4709e7c74d7813e8cb7cf9381f54b
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
53b9044b72b0ba7469f3b9b0e66e3b20f9aff5570607650f82a8802a47ca6d5f
53d498637d3729f9082115b547255e3741d328021543c3cc38814a1112a26901
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
554de259d6e2adf1ef030f6ef8ff9f8c227984299d83c6845cbe652bcf86fddc
55d39a852fd547eeeffe91cac325ff702d03a619445711ed33435cd5afff11dd
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
568d7b83659993469a2d729ad98daba3a7de2568f74d670d18ae618f118fe353
57375afac9a15dd9fa7fbab9070c5c2016da12da0b3c9265a5a66e162a0aaa18
5757b3abce5defba2b718a420cb3d9605eeb9447efdd516cc0b97f0d0f1f9e10
57a431c43675574d9936e370b8edcea09b70acb706f9bdcb39438ffc5cbee32d
587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42
59c35f54d601301c5ad4ac4d92d0d60f8c09e264cafe2e61a756c059889b6da9
5d77edb71e1031ff06541a7a2bd05cd3dbc3bfd5434711bae081fc06f8791558
5da1b7de6689ca5f3bd142b9810450d30f13ff29781ae85e91dc34603762d34c
5db990c6f9733c09e505ec960bad88b09de375bb7b42f36317f9471323e43c5c
5f24e5b8b2578ab1e9fd5345e93f0eaee37a41bbdc10b8d256a60e5dc9880705
5f5fb2c39d3ae84523a7a4be35ec82e19c6ad3cad21061a9862a5ab1f337a70c
5ff41594a7f85c5cd9a43524680a4eb4a5cb8e28962dd205ddece3be27768376
600ec3d9d6ff2fc313df1113be2ef0de4fb3b8427210caf399952024f629d70d
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
61800a93f719d316fb8f0e470a24581637cb974570a34711283491f959160aac
6200e714505710fd1d7ce9e238ca86ec8dee8dccb9034fe3f7781c93d8e62699
6308ef86450f6023333cc8e1fe264879259bd4466cb1ec473d99f8f91daf4ff6
64a14c1566ed5e882e60ea9d6e3722949c5767823cd23dc1244503991661dc27
6685a3a8df5bc7d0d40c2aa7f4ec191f804c3ab0ec5160acd486b826cddb4d35
671792033b9675a4d8ddbdfbb6b048da36b11b6d569c4f92ad3f785e71bba8de
6881530bd6ad594c51f17b893b3ec928af01cc14220a6f6efea9e978ee9a1d3b
6a2b7118a3b3b8aa99ba4aab0d85dffe414f2cc5158f18c6e5b4e6e99aad76fc
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e117e62294ab51b39d94b11d6bb24557f80399deb1068a862e6faf29386b406
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
6ed3bf99ae6134fef15ec4bf563cb1306f9b081a6004e90ebbeff12fba640914
6f329805823e188a4dbe85292a20300632b1e72461f0c479f4df3932002fbb05
71582292b0a4bed150fb2e8c08f70177cf76cb21eefa7b25580cd5b28191aca2
72136bf5d5dcaedfb9d794fff0c46e257c648e06aa7e16948a1010635aa4e0c5
734b8a197f82abbdf3e01bdeec2191cf1f98ff6fdebffccb5458261ecf3fdb7d
73963ddaa02770bbc444f4227a5fa1f340111be366d6cdb2b627027f54720254
741932350156677164b36a1506347cfd558bc502310bd1d50e246d454c4c1131
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7471350afcb8b389430656e2c47c9a36e28cad4840c3146425db18ed7b8cd0d6
74c084085d11213e42caadfd5631fb4a65a03be8a7e4aa33fd75bf8bb22d670b
760d8bc5add660a53b93d7559e8f5a5814a855738c40ac19a66e93bdb85a80a5
768018e5440c8dfbac061f3a59ac4e8e30137985b9757bda62cd458f87ecd33d
788b1fcc66fdae97ec1507251d438d4d6617a77fbf032c48c9c5e303ffca11a6
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
7a3358479564a40c3dba8fb9515b767068bdc9fcc989763fc8ca8af4e7bbfe1f
7b1e4ccbca2876960b707f88e9fe78436b2980d0ab4a01c6ebe4da8e76ba4a77
7b4fe3ee149d29fe2436c1115242a7895e42514871aa8e75c872f1e4af7d2a48
7baadf42bdd7151de787de3b98f1c65f55cc2b3d34d4fbe90a0e490756dd3a1b
7cb7125d4f8b01c27526687abb6d8a8e3b1d7e785b2d149947bde2397a89dc06
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7e053f8e39822131ea09a3b778c84da3c0babf9631cad49f7f09686d16c50c44
7e69af5a26a426149841dd795972043e9f664661eea37210093ab2ef2c91d74f
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fb37d1b22fd013fe1e0a9cfe2d7dc0371390a2f716923cf9f66595ed363f9d8
7fefc3c0b0ecf4b77d05fe57ead2543ae951e1506595d1331ff4c6012c31327d
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629
80aa9195c9a343a1e267504cdaada85509a1f1fac45ceb59f5bdd0e8c7d8b64a
81d97aaa54b8f2d06a92554ff37810c59846f1666b919909737bee86b265e621
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84ec4ee78c402655cf707e667f79ab728e2b5afb147c404a8444d25ba3fd4c2e
85e38c4d71d56942a70f3594fecfdf95d4383e0b6eb934dcddf9910f93294bfa
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
876b4c12685e991d88378c1b6dd3638fd2da0c88f3c24da1ada950c1f26604e1
87bc4dc7ce342f7e7e54b7a64ef8cac0ac4b15f58a2ca790a743590609692b95
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dd4cf02e2cb11af6c97a26cd3ccc488955bfc5e617ed958dd7d7e74205059f1
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8eb3f8862f5adb64efccf61e5ee46b07daace9b12aae73b90b9e986a462046ef
9212424a62705ecdfd064df5e7f5cf802d5e4f6ef7b04c638095edfb80280c4d
9344e788387cbb6d6223cb215f5d2264f244e9716e68fc8a3311fc3d9783a511
941b16e73f9111eb5dd7c989554605705538e685793977d5cbfeeb345819bd97
9521d40a2fd9860f1e622f9d698054ef4a76dbf037751a705bafe3955c288c61
95607382e380f946456b9d56cc03bc61946bedf84d4f139d7612f3d03f7791a6
95841505fea82c17283f57dc52aa753016203a07dd00c8a70d2e5a180ac9eb71
95d4e4c0c114d0c12976f06d0b19d828c6970deadaea2e5933bdcb1e7db73dec
96f2914828a8a83dea9e0715638208634ef3e1a04a94a1fc6b31af9968923bb3
9890b523125c63685ab6e157e022072740363afb75a023b694cec0b986a25481
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c1fb517a7c5806a46cdb0f90203fe27a007da23d6c5f488a09079b2c1007e56
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9e5a3984c873d9f7009795b85f0d9bfa38e8f9dddc2309d83556aea4d7ee41a0
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
a038ae2dc667c2b3d7964626a2289136579dec16c427521ed36247fb623f8c2d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a16df2f75e04129b12a5fde7311c7ea9131418080fd3f6bcb2b28ce1faa2fe8e
a1a16a47700ca3491e948b4e70b0269c2f7569b803ef695d1aa1aa7b09b7de6d
a2026a55ec0a210fe2ead2f13042ffc4b31f9fa3f0484dfef89794781e2ae281
a22e9aa5f3fa5d68162414b9d87a215b1f66d4aaeffca6cb164cade10ddc8088
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2aca9aa200ad3e4dd9afcd27fd2bd5b272a5d297e9f85d708394857ca6a1ffe
a49bde1f3cceeba945b158d948d06aa73d78610f7df9be86826189b70ab88b41
a58c64448de39e2e419b445deef9c0dd77f8666f4d3a21ab684018c479ff6bf6
a5a7ec40d58b775fb55ed71b21e3977da65ca762f046e77a20c2519a8fff6044
a6556a0c9c3ac0c11bbb8bef5111de00541e663bb265aa1e35efb3d9a64d5f8c
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a82da0be9681c637c1ebbbf88ab32217b8f3360442d86d04f014ad0b94cf214e
a8b8ee8b41af609ef848e4bf3ac2bb60c5d5bb38a51dc4a50ccda18ebda85f3b
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aaeb50dcee135e1482123e90081fc348ed7390ddb7718cbc9fcd441ddb6e8c01
ad309904b3882d0bc665ba54e6fc9a708e89a6155fdce036c73ab386c80086c1
adb7d542ec2bea4907ac7cc212204ff1a656de69f78206384d64228f40beb815
ae07da0b8bdaa74042237e5292bd98e9a7b4f6991843c1144757450b5573fd48
ae812456ad3be3b9dfb7b27fa55401db4f736c9fe00501394a7efe5950f96905
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b203d3cde3b7107c0b05bb619b82822bbbe3158aeea1e72c44317ef13b496614
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b5b714db37b15f12751494535f3b0010aa0bcaa9db892dafaba7ae356e86187c
b5c95244731527f9678a2c06919fe776517e7a1a80b47d1588cf155f5d6840ab
b67df89b4dacf0ff9a72382d4c985f11369433300f0ff01e8067b6860c7653de
b7956f221d4d7b6d72f0c44751149c81f7c23ab60db3c8ce0e8e223a427cbb88
b8931595f72b598e415adbf57cbc51a58e231304a143a9a582b6c998e2d2c0b9
bac5de7555bedf576123b753ea7bb6b68bd73821a6ab19da6a04aa9f6b1d6b82
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bd0843f621fe24f045c80a3a911b827e2708ea3a1b7a2b686c4e7e5bb21bd89c
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bd7273b05b95573a54d13c983b0e653e7135f57a3973ae050db6dfafb8405290
bde77ff89f04ed908fa58ea8d1963fef7a323389869f51877ff183ad9c7f1da6
be7e41cfec2ddce96746d4b81e823e7184a964ef5b0295f3d155c48d17d83661
c02c2290fc433842a4611ff9d6413845069bfffbefcef2b5a0041cf8d5fa65ad
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c307be905947f4a92b8b4538d7a3012c9515ae79461111899de9c9aa4399b42c
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
c3712ae004816457e7d6911e6cb928fd2632e0408c5bf82578f1b2f1ceb6cff2
c3b7882bfdedbd30012248e42038cd16f6e1facbba40f049e373c27aea828cf2
c46efdacd46e85f4180e2614b9db57754566d6a1bc8405e1fae96cc3e4576089
c89b8c809b8b77893dee599e8dbd0ecc9a3a6ef7107d9865bc20e5297c61f9f4
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cafc8cae6539b81401032b3b552b3a6199007bfd7b572b5c97dceeea4a614a51
cb12924bb9ade92ddedd2d1dcad96cd72cc3076d8e4d7f18e03ad85461f0169a
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ccff49c86ee1937dd371734a05307e1abc057b3c255587ed918e47b1cf728d93
ce364e88e708e5fb598f5bcecbe60e34d86dc8a3ab9f29a6ac56f5c264007b4c
cf35c9e8af47d8cd7233bebf1b785af16546782547f31501432cb7ad97d84714
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0417f1e44b9b12690110ac44fdc0741355788d22101b24119b97f8c8548ee1d
d0925ef070b190d0770bf1e7c0c3a27551f5ea7bc11133c3814fade0b506cb71
d0c668a87d9c7d81bdd971ca9196007607173987309dd1d2114b4a64c0761841
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d2ecd40a81ef0b38ac62fb8862755c327b38bbe48c3878d7be8aa606c681a695
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d39d78be44afa08675e7cc5d0bcf6b728d562c0560abf1cbca2b44b95dce883d
d5c6f858535943fab3f1389524b81a2fe25151d8e686a218c77f4b0d9b5e6905
d614cb3adedc9cf5ef2ba1e62ae283ec73bcb8c3c31f8355832f0e5b0cc70fed
d627c5efafdfa214ce32052d123ff17f341c5b5f9e21dad826ef0e791d004d29
d9f358ac96364691546b524828ca74d623ca8256c41f9231bb00c4aaf59bdaee
dd23ee2d447749cbbc982f7ee9cc9a88fbf70dd9a712324c8b1bdbea05209f0c
dd98fffd9c687ab74e9731fdb3c1dfbcc1e64af0526e3610e70e6b1817c98de3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de516f330c0084178fc78cd5e6d49cba306d8380428386b088b6805c512a1561
df151e22be1dd1d0b9c8e0748aafc86c9ad2b73a965fdb159040f517bbb6db9b
df15236d4098113e3479fc540a9bd1046ca6029f5508098e9c4245a0e12fab05
dfb523b8624fa3b74bdc0c51baf73322723476b487f1a5d4ec70abf36b3e1ece
dfd228cc8094a12ad7cbe3244fe657a3a1a42280c037b9ffc8dc7073ce342612
e0059e3064d1ed16b2ee630da2131245538958fd0bf4dcdf03febfd6aa976149
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4367181b34bca83228bcb6a00d4e9f3f0b48e5ee4399a10ed466cc49b36114d
e43ad82cd9be246ca0f3594e733d326c83177eb92422e185f9c38bdc4fa49b12
e47eca73d4f42cce27c15cbff1e6b28a6716616c71f893d912ae941b37460998
e4b86e254c20b49531c19b3385d027cf5ad8bbd3a41d6d9096d1456839e0cbb9
e52d1f207596e9bee7b2328c081fc57c63834f50c62ce93620c3223a08ec1735
e534c76d4161a751554b9b349e39cbdba64737c613c12e6d529db9ee76730774
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e644d8fb25b86534364c40e046b5f63762a5ae666241c01dd92010ebbd98517d
e6af39b00ab94a2ea6e6067365b0926e7b0f84ed2b328c480c2a6ec4c4b9c2c0
ea4297365b0987ae8ac6cdb3c4fb2f0f8a597ca186e9fd006cfa9da741edd51b
eb32633a40695a487dd80912b7d58b061aac6eee2bfcaa76ec7f36cf7749c635
eb56ff85fb747aed4f89be26055e6669d119f68165a52e441f4e670aad8d048d
eba32bc5ef70516ebba66efde63a169dc4696cd642ad06a7a2feabc2996963a7
ed8c9ed710b14cb20237ee17d9fe721bab7b78777b9bdcf9a5afb35e72245c70
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989
f305bdc4ea2f16f6f5638b0e923f96d8032a4739a5560cb57bacd8f111bb1b52
f4135ba686b3345c4914f7a00818f889136c81120d178de533e047b4ef6f7006
f41c890f1c175ce835d0b35eb643876e4029f7217ed1ac88806b96e546b84123
f42a056a4add83f94e3e9d0de6eeead41e267f3081de79d7cfd420a4d6db08f1
f552246407a4f8b34a08fc42783296a8579d8f934081a0086cf37d051f334d6d
f5591a4946b6102005f0c62e26072fa0754fb1dbb6ca37ca440bf01d1f6dd246
f7941b7836f0b2917a0a6b3f37bb37e536a69720ebbc69c58e97cdaa28b50453
f7f50ceea4dcad83eea61dff325d95f0b850b87d8624192f5a4e503dfef3ff3c
f94340d1c015947f41ef27d4eef0257f1a6c6237ad06844eaa6f36aba1946bf7
f9ad52075ac93876898c0b58553e3358ba5e275f7138b3855c0410290f2735c1
fba184ac4eea09117d0ba4f05d56761aec891c09c54c8cf0068206179cc286ce
fbe28a1b807c1e7e6c98e4c5900817dc26fe9ee04cd549d97c9cdb057003ab78
fd902dfd010088990a20dd6b6b0dffa68c30c5c0bc8749a35c268d0c1e62d426
fe9f2173c29efe3f59ded59efbb075fd5c90d0b7c28bdfb0cfd4654c4e675259
fecdc9b541566caa7ae7b0397b3b54523ac08ce1bfdafda57926cd14984de1a9
fedb323bbd9864b07e93f2dd3c9556733a9d1b883d7cd77cfb17eb131f7c47e9
ff4db9d8118d98c5cd4521fea3766b2907aad19ad1bc14b93e84e0e35bebcf99
ff5717ac6506d02b2893832837a4a7b6220ad138e1a41283b20d211517250869