urlscan.io logo urlscan.io
SecurityTrails logo

www.hawtcelebs.com Open in urlscan Pro
2a06:98c1:3121::7  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.hawtcelebs.com/
Effective URL: https://www.hawtcelebs.com/
Submission: On February 25 via manual from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 71 IPs in 10 countries across 53 domains to perform 358 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hawtcelebs.com. The Cisco Umbrella rank of the primary domain is 144010.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 4th 2021. Valid for: a year.
This is the only time www.hawtcelebs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 2a06:98c1:312... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
28 2606:4700::68... 13335 (CLOUDFLAR...)
5 68.71.249.118 20093 (ZEROLAG)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
7 2.18.234.190 16625 (AKAMAI-AS)
4 2600:9000:215... 16509 (AMAZON-02)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
37 2a00:1450:400... 15169 (GOOGLE)
15 142.250.186.98 15169 (GOOGLE)
7 2606:4700::68... 13335 (CLOUDFLAR...)
13 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
3 213.202.235.10 24961 (MYLOC-AS ...)
29 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
5 2620:116:800d... 16509 (AMAZON-02)
2 2 185.33.221.14 29990 (ASN-APPNEX)
3 3 185.64.190.79 62713 (AS-PUBMATIC)
16 28 142.250.186.162 15169 (GOOGLE)
1 1 185.64.190.80 62713 (AS-PUBMATIC)
1 1 198.47.127.20 3257 (GTT-BACKB...)
1 150.136.26.45 31898 (ORACLE-BM...)
4 10 2.18.234.21 16625 (AKAMAI-AS)
3 6 185.33.221.90 29990 (ASN-APPNEX)
14 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:215... 16509 (AMAZON-02)
4 35.244.159.8 15169 (GOOGLE)
4 104.111.242.245 16625 (AKAMAI-AS)
1 2a02:2638::2 44788 (ASN-CRITE...)
1 2a02:2638:1::11 44788 (ASN-CRITE...)
1 176.9.26.250 24940 (HETZNER-AS)
2 4 54.76.210.111 16509 (AMAZON-02)
6 142.250.184.194 15169 (GOOGLE)
1 52.210.115.176 16509 (AMAZON-02)
5 2a02:2638::3 44788 (ASN-CRITE...)
1 178.250.2.148 44788 (ASN-CRITE...)
1 4 78.46.111.106 24940 (HETZNER-AS)
2 4 2001:678:cb4:... 56396 (AMOBEE)
2 2 52.57.143.183 16509 (AMAZON-02)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 35.227.252.103 15169 (GOOGLE)
1 178.162.133.149 60781 (LEASEWEB-...)
1 185.86.137.107 201081 (SMARTADSE...)
2 2 18.156.0.31 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 178.250.2.135 44788 (ASN-CRITE...)
1 178.250.2.150 44788 (ASN-CRITE...)
6 2600:9000:215... 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 151.101.2.49 54113 (FASTLY)
1 1 3.230.16.129 14618 (AMAZON-AES)
1 1 81.222.128.216 20597 (ELTEL-AS)
1 1 52.200.181.105 14618 (AMAZON-AES)
14 44.238.29.211 16509 (AMAZON-02)
1 88.99.69.161 24940 (HETZNER-AS)
5 2600:9000:215... 16509 (AMAZON-02)
1 2.18.232.28 16625 (AKAMAI-AS)
1 46.105.201.240 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
2 158.69.139.238 16276 (OVH)
1 67.202.94.86 32748 (STEADFAST)
1 143.204.98.117 16509 (AMAZON-02)
1 192.99.8.34 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
2 2600:1f18:e8a... 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 3.69.18.111 16509 (AMAZON-02)
1 104.18.28.199 13335 (CLOUDFLAR...)
9 64.202.112.255 22075 (AS-OUTBRAIN)
8 67.202.105.33 32748 (STEADFAST)
2 151.101.14.132 54113 (FASTLY)
2 151.101.114.132 54113 (FASTLY)
358 71
17    2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)
www.hawtcelebs.com
4    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
28    2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)
live.demand.supply
5    68.71.249.118 (United States)

ASN20093 (ZEROLAG, US)
udmserve.net
4    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:20::681a:507 (United States)

ASN13335 (CLOUDFLARENET, US)
waust.at
7    2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
4    2600:9000:2156:d800:5:c4ab:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
bid.underdog.media
5    2606:4700:10::ac43:15e3 (United States)

ASN13335 (CLOUDFLARENET, US)
services.vlitag.com
tag.vlitag.com
assets.vlitag.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
37    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.com
15    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
securepubads.g.doubleclick.net
7    2606:4700::6810:8516 (United States)

ASN13335 (CLOUDFLARENET, US)
api.demand.supply
13    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
8    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
3    213.202.235.10 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
29    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
8    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
2    185.33.221.14 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
3    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
28    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
1    150.136.26.45 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
10    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
6    185.33.221.90 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
14    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    2600:9000:2156:5400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
4    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
1    2a02:2638:1::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    176.9.26.250 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de
hal9000.redintelligence.net
4    54.76.210.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-210-111.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
6    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
googleads4.g.doubleclick.net
1    52.210.115.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-115-176.eu-west-1.compute.amazonaws.com
secure-gg.imrworldwide.com
5    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
4    78.46.111.106 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de
hal900027.redintelligence.net
4    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    52.57.143.183 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-143-183.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    2a05:d018:d29:3605:68cd:a251:4c84:bc1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    178.162.133.149 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    185.86.137.107 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com
pix.eu.criteo.net
1    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
6    2600:9000:2156:2800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    3.230.16.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-16-129.compute-1.amazonaws.com
fksnk.com
1    81.222.128.216 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad16.adriver.ru
ssp.adriver.ru
1    52.200.181.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-181-105.compute-1.amazonaws.com
sync.srv.stackadapt.com
14    44.238.29.211 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-29-211.us-west-2.compute.amazonaws.com
dt.adsafeprotected.com
1    88.99.69.161 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.161.69.99.88.clients.your-server.de
cdn.contentspread.net
5    2600:9000:2156:fa00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
1    2.18.232.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
1    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    158.69.139.238 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip238.ip-158-69-139.net
t.dtscout.com
1    67.202.94.86 (United States)

ASN32748 (STEADFAST, US)
PTR: amung.us
whos.amung.us
1    143.204.98.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-117.fra50.r.cloudfront.net
ob.cheqzone.com
1    192.99.8.34 (Canada)

ASN16276 (OVH, FR)
PTR: ns501383.ip-192-99-8.net
s4.histats.com
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2600:9000:2156:9e00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.quantcast.mgr.consensu.org
2    2600:1f18:e8a:cd04:9b88:a313:d24d:af44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
obs.cheqzone.com
1    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
6    2606:4700:10::6816:3bc7 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.vlitag.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.nl
1    3.69.18.111 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-18-111.eu-central-1.compute.amazonaws.com
audit-tcfv2.quantcast.mgr.consensu.org
1    104.18.28.199 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.tynt.com
9    64.202.112.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
log.outbrainimg.com
8    67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
ic.tynt.com
de.tynt.com
2    151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
odb.outbrain.com
2    151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
mv.outbrain.com
Apex Domain
Subdomains		 Transfer
71 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
1 MB
61 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
cm.g.doubleclick.net — Cisco Umbrella Rank: 175
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
stats.g.doubleclick.net — Cisco Umbrella Rank: 67
382 KB
35 demand.supply
live.demand.supply — Cisco Umbrella Rank: 28082
api.demand.supply — Cisco Umbrella Rank: 50568
40 KB
24 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 671
static.adsafeprotected.com — Cisco Umbrella Rank: 502
dt.adsafeprotected.com — Cisco Umbrella Rank: 465
192 KB
17 hawtcelebs.com
www.hawtcelebs.com — Cisco Umbrella Rank: 144010
603 KB
14 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
569 KB
11 vlitag.com
services.vlitag.com — Cisco Umbrella Rank: 19174
tag.vlitag.com — Cisco Umbrella Rank: 23525
assets.vlitag.com — Cisco Umbrella Rank: 21091
996 KB
11 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1281
widget-pixels.outbrain.com — Cisco Umbrella Rank: 1643
odb.outbrain.com — Cisco Umbrella Rank: 1501
mv.outbrain.com — Cisco Umbrella Rank: 3517
177 KB
10 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 4060
log.outbrainimg.com — Cisco Umbrella Rank: 2231
3 KB
10 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488
9 KB
9 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 6696
ic.tynt.com — Cisco Umbrella Rank: 4079
de.tynt.com — Cisco Umbrella Rank: 1078
8 KB
9 criteo.net
static.criteo.net — Cisco Umbrella Rank: 638
pix.eu.criteo.net — Cisco Umbrella Rank: 7678
csm.eu.criteo.net — Cisco Umbrella Rank: 7893
37 KB
8 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 350
ib.adnxs.com — Cisco Umbrella Rank: 210
7 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 146
294 KB
8 google.com
adservice.google.com — Cisco Umbrella Rank: 59
www.google.com — Cisco Umbrella Rank: 2
1 KB
7 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2040
test.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 5726
audit-tcfv2.quantcast.mgr.consensu.org — Cisco Umbrella Rank: 9863
173 KB
5 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 31122
hal900027.redintelligence.net — Cisco Umbrella Rank: 228737
10 KB
5 openx.net
us-u.openx.net — Cisco Umbrella Rank: 322
rtb.openx.net — Cisco Umbrella Rank: 1330
852 B
5 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 543
image2.pubmatic.com — Cisco Umbrella Rank: 752
image4.pubmatic.com — Cisco Umbrella Rank: 738
2 KB
5 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 829
pixel.quantserve.com — Cisco Umbrella Rank: 374
21 KB
5 udmserve.net
udmserve.net — Cisco Umbrella Rank: 3148
6 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
imasdk.googleapis.com — Cisco Umbrella Rank: 407
125 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 653
r.turn.com — Cisco Umbrella Rank: 2694
2 KB
4 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 792
688 B
4 underdog.media
bid.underdog.media — Cisco Umbrella Rank: 15547
181 KB
4 gstatic.com
fonts.gstatic.com
107 KB
3 cheqzone.com
ob.cheqzone.com — Cisco Umbrella Rank: 7383
obs.cheqzone.com — Cisco Umbrella Rank: 4740
20 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419
ups.analytics.yahoo.com — Cisco Umbrella Rank: 269
2 KB
3 criteo.com
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14241
ads.eu.criteo.com — Cisco Umbrella Rank: 7942
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9904
41 KB
3 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 770
1 KB
3 exactag.com
m.exactag.com — Cisco Umbrella Rank: 11797
3 KB
3 google.de
adservice.google.de — Cisco Umbrella Rank: 9027
1 KB
2 dtscout.com
t.dtscout.com — Cisco Umbrella Rank: 13733
3 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
20 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 17271
s4.histats.com — Cisco Umbrella Rank: 14990
5 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 683
s.tribalfusion.com — Cisco Umbrella Rank: 1640
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 704
2 KB
1 google.nl
www.google.nl — Cisco Umbrella Rank: 9098
501 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 401
1 KB
1 amung.us
whos.amung.us — Cisco Umbrella Rank: 14961
145 B
1 contentspread.net
cdn.contentspread.net — Cisco Umbrella Rank: 46991
44 KB
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 768
691 B
1 adriver.ru
ssp.adriver.ru — Cisco Umbrella Rank: 12204
339 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 3888
610 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 491
535 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 197
5 KB
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1193
75 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 811
478 B
1 imrworldwide.com
secure-gg.imrworldwide.com — Cisco Umbrella Rank: 2601
561 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1041
297 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
37 KB
1 waust.at
waust.at — Cisco Umbrella Rank: 48212
6 KB
0 inmobi.com Failed
sync.inmobi.com Failed
358 53
Domain Requested by
34 pagead2.googlesyndication.com live.demand.supply
c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
www.hawtcelebs.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
29 tpc.googlesyndication.com c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
www.hawtcelebs.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
28 cm.g.doubleclick.net 16 redirects googleads.g.doubleclick.net
c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
28 live.demand.supply www.hawtcelebs.com
live.demand.supply
17 www.hawtcelebs.com 1 redirects www.hawtcelebs.com
15 securepubads.g.doubleclick.net live.demand.supply
securepubads.g.doubleclick.net
www.hawtcelebs.com
c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
www.googletagservices.com
14 dt.adsafeprotected.com www.hawtcelebs.com
c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
14 s0.2mdn.net www.hawtcelebs.com
googleads.g.doubleclick.net
s0.2mdn.net
c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
11 googleads.g.doubleclick.net pagead2.googlesyndication.com
c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
www.hawtcelebs.com
10 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
9 log.outbrainimg.com widgets.outbrain.com
8 assets.vlitag.com tag.vlitag.com
8 www.googletagservices.com c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
www.hawtcelebs.com
tag.vlitag.com
8 c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com securepubads.g.doubleclick.net
7 ic.tynt.com
7 api.demand.supply live.demand.supply
6 static.adsafeprotected.com fw.adsafeprotected.com
www.hawtcelebs.com
c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
6 googleads4.g.doubleclick.net googleads.g.doubleclick.net
www.hawtcelebs.com
6 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
6 widgets.outbrain.com www.hawtcelebs.com
widgets.outbrain.com
5 quantcast.mgr.consensu.org www.hawtcelebs.com
quantcast.mgr.consensu.org
5 static.criteo.net ads.eu.criteo.com
5 www.google.com c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
tpc.googlesyndication.com
5 udmserve.net www.hawtcelebs.com
bid.underdog.media
4 hal900027.redintelligence.net 1 redirects c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
hal900027.redintelligence.net
4 fw.adsafeprotected.com 2 redirects googleads.g.doubleclick.net
4 sync.teads.tv googleads.g.doubleclick.net
4 us-u.openx.net googleads.g.doubleclick.net
4 bid.underdog.media www.hawtcelebs.com
udmserve.net
bid.underdog.media
4 fonts.gstatic.com fonts.googleapis.com
4 fonts.googleapis.com www.hawtcelebs.com
c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
cdnjs.cloudflare.com
3 pix.eu.criteo.net ads.eu.criteo.com
3 pixel.quantserve.com www.hawtcelebs.com
3 rules.quantcount.com secure.quantserve.com
3 image8.pubmatic.com 3 redirects
3 m.exactag.com c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
ads.eu.criteo.com
3 adservice.google.com securepubads.g.doubleclick.net
3 adservice.google.de securepubads.g.doubleclick.net
2 mv.outbrain.com widgets.outbrain.com
2 odb.outbrain.com widgets.outbrain.com
2 obs.cheqzone.com ob.cheqzone.com
2 t.dtscout.com waust.at
t.dtscout.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 ups.analytics.yahoo.com 2 redirects
2 pm.w55c.net 2 redirects
2 r.turn.com c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
2 ad.turn.com 2 redirects
2 secure.adnxs.com 2 redirects
2 secure.quantserve.com udmserve.net
quantcast.mgr.consensu.org
2 services.vlitag.com www.hawtcelebs.com
services.vlitag.com
1 de.tynt.com cdn.tynt.com
1 cdn.tynt.com waust.at
1 audit-tcfv2.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 www.google.nl
1 cdn.jsdelivr.net assets.vlitag.com
1 stats.g.doubleclick.net www.google-analytics.com
1 test.quantcast.mgr.consensu.org quantcast.mgr.consensu.org
1 imasdk.googleapis.com tag.vlitag.com
1 s4.histats.com s10.histats.com
1 ob.cheqzone.com widgets.outbrain.com
1 whos.amung.us waust.at
1 s10.histats.com www.hawtcelebs.com
1 widget-pixels.outbrain.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 tag.vlitag.com services.vlitag.com
1 cdn.contentspread.net hal900027.redintelligence.net
1 sync.srv.stackadapt.com 1 redirects
1 ssp.adriver.ru 1 redirects
1 fksnk.com 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 s.tribalfusion.com c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 csm.eu.criteo.net ads.eu.criteo.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 ssbsync.smartadserver.com c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
1 sync.go.sonobi.com c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
1 rtb.openx.net c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 cat.nl.eu.criteo.com ads.eu.criteo.com
1 secure-gg.imrworldwide.com c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
1 hal9000.redintelligence.net c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
1 ads.eu.criteo.com c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
1 rtb.fr.eu.criteo.com www.hawtcelebs.com
1 sync.technoratimedia.com www.hawtcelebs.com
1 image4.pubmatic.com 1 redirects
1 image2.pubmatic.com 1 redirects
1 www.googletagmanager.com www.hawtcelebs.com
1 waust.at www.hawtcelebs.com
0 sync.inmobi.com Failed c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
358 89

This site contains links to these domains. Also see Links.

Domain
undefined
dyingforbeginners.com
www.outbrain.com
www.uptown-aces-casino.com
theversusmarket.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
demand.supply
Cloudflare Inc ECC CA-3		 2021-04-21 -
2022-04-20		 a year crt.sh
udmserve.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-08-21		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
underdog.media
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-08-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.exactag.com
Sectigo RSA Organization Validation Secure Server CA		 2020-01-22 -
2022-04-21		 2 years crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2022-01-03 -
2022-04-03		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-04		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-10		 3 months crt.sh
redintelligence.net
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-09 -
2022-04-06		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-03 -
2022-05-02		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-11-19 -
2022-12-18		 a year crt.sh
contentspread.net
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
quantcast.mgr.consensu.org
Amazon		 2021-04-24 -
2022-05-23		 a year crt.sh
*.outbrainimg.com
DigiCert SHA2 Secure Server CA		 2021-05-04 -
2022-05-09		 a year crt.sh
histats.com
R3		 2022-01-21 -
2022-04-21		 3 months crt.sh
*.dtscout.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-28 -
2022-11-27		 a year crt.sh
whos.amung.us
Sectigo RSA Domain Validation Secure Server CA		 2020-05-21 -
2022-05-21		 2 years crt.sh
*.cheqzone.com
Amazon		 2022-01-22 -
2023-02-20		 a year crt.sh
*.google.nl
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh

This page contains 32 frames:

Primary Page: https://www.hawtcelebs.com/
Frame ID: 15BEBCB248716759310294357B1DECBD
Requests: 160 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/zrt_lookup.html
Frame ID: CA2B8B3E29EE433DD3AD94EA01B0570D
Requests: 1 HTTP requests in this frame

Frame: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7724C6785276AF936A3E870622FDA373
Requests: 1 HTTP requests in this frame

Frame: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8E3EA49A4AEDAFF86EAEA4B42F772BD1
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGOTWzcIBMAE&v=APEucNU7MCMmJCp4AjyCAe2kWvEWZGpx1iu4Q1R-KmU7E5SMV6LSIFgtpm6q65N53Q8LwADG885Huh0aqOFeBdQFg2fSGc4GSqHAIZj8H6W0eV-T1n-aRNQTDdGHJ0lhQKYBcC_lr_0HdPH7vYllWj7OPh-k9C1n3jtplatGyH5083H1IW5_Vq1RICtF7VYLIqeHiYwgpBDWCKJeyS4F8GA9QJlJbKigBA
Frame ID: C79C088180A0ED1D42517503362ACFCE
Requests: 5 HTTP requests in this frame

Frame: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8600B9EA790DFEC0E9E232FC2C3A0707
Requests: 15 HTTP requests in this frame

Frame: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3B9A7A0F6314F0FE7CAB8C6B73EF87BB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGP6GzsIBMAE&v=APEucNUnRg5LhDQKRdNaCT9Qc2NZpP9vXHxvSbLMVt-ZQ__QoTiBPshVn2FdTYslq1ukX7Weq8P3nd1wGiJeaJqeEglOeH3ZP2GerdySVcf3yL7xcrzhkgRjtjVYHw7JNbvPhKSngj0uers2BITplFDOCRg7pBKrahvXbsQ0QP_GRKbDJr64XpGRQf_Wq9CyOl1apgmVon5qnPrHlJ7jK7LIX7mQstynFw
Frame ID: 5748CB00E7671C09B46DA458E8D22C1A
Requests: 5 HTTP requests in this frame

Frame: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C4F620CFB3AD0AD067A1A3B76E846417
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNWLXAlM0_JJrXCcoYlUwqsBoVXDY9vJMscGkN2SX3i1NXIOy4HzyAUl82t_7nXs0j_tNkSP1rmh-iLxPF-7qw3g59BN_oR8QrT-vacG0eFPkFoKGVL0n09JRHru4-6kE_n31z0fe46xSkkdTsqhG-fuuBRnP3Ja0vgkn2VMIxUpk15Od4_r87aGkrocg8UUFJMZdSyVAmKuBi3eCANU-ML-MG48AA
Frame ID: AA62476263CA9AB43FFB88B6874CE9A5
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C2ns3TZnDXFqh9_eYK_BdYkcf6tFU-fBtW3Zw1cgmV4mpbvbm4On66K10fPuxA30an9hCrN82XnoMAKbcUmOzBmWO1kPeKgqNoEliflgZq0GlGSwxqi9TGZyqkl6b8xmjBckVdHB5d7sV1H1Bs4s-9wl8DqQ&cry=1&dbm_d=AKAmf-CiyKYT8FK5y6MTes4h5CKAoXJkXNGZOu9szE0mPoV2OmHzLU4un9g1kL3xEo03OZ-moPhjjImNRvzKtTi-lDZG_S83D-SrNarDKu1-XAde0BCPVfsV-JNmdOR4Gr13v5ha1H8facGExKQ4DvhWKj32FNNNzYpVTP21Vher2k4CSzV3kWBcuOcLEIBI2iv4R-_65qabkrAQEWLgh9l7AOTWVCm7oQwCT2TyZ-EP8UQ6eEbcF2tYk_OjGYS_64ySa2w1oV5M6JnhwWjMdFVa609WogHmJr7i35SJcn4NfrgY_ydNdoU9HECpRyeUWmewZwJYjkAHu2SJ-Xj8x-3BX_8TfVQ1oF4Ffe2KntcIucJl39xjkfPPuFFOiPZC8AkMWG_ZYxDi9laCSDP-JSOnXSParahYGJDGldk0yuS8O-vchFK8gbQ9IOgpmO4Dep7GpK3v4h2_1aqlrk3WFeF0OOQRIYxts6B6cSSc5jTGVnI_TBBqo0sNbUfR6WVgeyQkPHxMzwvLEWQT1kwc1pesp9AXtN4m-sOWLiQVH4JCbodnCv8JKwL_WfcU7RqjGRrfz9zPDUMlGYsR5QMTb6JW9vmVuGBzrHs8nW2tHhubI-xQiVB8gG50nW83AhMdpxHQYpCcbg_JpLwz3eiUFVREPShAcX8oGQhDGh_cYC3cG64FkuM9abEAePNsXGUimGNU5OVjsG67nocEPm4DP7vOKXPWsErIqU39oy-iUaLEt0BQzVlpmTV0Gv5lUX57qoUvQKTghEWaFfs4s9rtu1frE3DItw-2TE5rYTbWo1j3KgvxxltfuoXIFQ6FdS_0hR5Uvbx_iu2zjCJoPwVPDC0w4nXmAZ-owjXT8WhB0Qyj9Agoyhntr0UPx5I01H8FRrkXx5we0Ew1lCtS3bNTT35Y-FAAbbLKvcEgnMjw3z6hlVlHAKXQnNsRqQQPGq7PppSY5tVzKyymhWr2qVoa70DxjzjPO9FU_kICR226QLBatfgXFzjv0vQaHsK8VQz48k1F_CtD3rcvF_X48AbNlpmQDLjis3L79nQV88MQxSJJAyFxMBjEgkbza2rQ0jtsHEsAn7O4OMrwIC0Y5wXPeTbd1EhXZRB1rgBwpgYyTotiu7RczO2oDed3jGMjjYUZ03JQQpSOhrVC2bKE7ooaYxL17I_gEDaqP9oJPSLjB_9_6_NkxkNar2zLM8kX_3bIw26ZAtMhqsOnpWi9LWuUCJLMR1aqgdGnY4fiKNHzlK8qdLIjBzHiKbKQb_vJh-D8FNppc3Anpx06olYE_nRu58S0-_62Hci31KGSlr7XctsY2NC65wQzcdU-ATU1jpgr0sjwJpVh7p-QKysFTo-svlxxHdHb8CA-viCqsUlhAr4puHmBoxOw_2dFDNcMRGu-_u5ax-qx5OUoErRNyARc9CgBkXfYl2-EzPgobjSEh2XXXhFwhpwQfYDT6TkhPlyCNxvR3jPAbIynBuWJXUsA1j17G5AVAOG9Q8ojiAiPFxKsu8XOLIQ9lGwnd_kYs0TD5Mq6gLoPb0ya4hS_mz2MIRVSpfsy-rDUukzanFSa3fMX6t03G3tj2JXawYm55NrHGlJvWNX22CyflgVdz8Jl8x66CRODBoiLrns2g-HbNewHA5CtRCsB69KAI2UlBcFIg3A1To2xYWTec6oez-ZmX1l6_VgKmVOoMY-LaB80gCgTajFSHt1SDWbm8r06MLGOWc3Kaj5cJv_qrHzbmMYZh9iH5pBT10O0sw0KQsORlWx4zDhrSrQzEL1eMqSKXz35VuwFKs5-5WzX7NUz-qJs2Xm3m2g_CHxtTS0tkQpm2vKF2XrNQvywf3KmnrnK4J7q_wcrYjBDUCz7gIeopey9XFq-kLAJlfHElIuDT0FSS0xH5ZVwgb0zrEqLb42LMjJABWe2SIKywOuqRO02RD2NQWqifS3H2rv-erfjawWDcp7CRH9knqGxzpdaP3e70JIvaoj4v80_COzDHhe0KbMmCD9NzFJKLGIOBy07UdGbh8WuFJZCoyr7L74g7SleBX1nsQ92o_lFpNEYUXzu6LhDyUTUJM3rMCYP50ktCo7Xn8Osyiz7qGBMfmZPMOfC-IX8N8DJin_sV-3qWVRZ75YTcw1jXqeosGCl7aLXuGnV31DJyl5ufxxpwoKyBNPyVEcG7A7QCNLNCY31PAjhkoGrxKEIgaZVHQXkemPTNgLV0sMnLMK6DtYqjNkysxyklS5pb58ciSAiiVtFd08Q1f0XccZh2r3OElnwdVxsm2rElWtzdUIfRIXuJQafISus8GSoHZZl15ETSAr42zZlHntLN9cmi7oW6u804Ki8fbTLk98nx8P7K9RZFMusm2qGGMpeq6AfN9Fcc2d4cxO3L8Y-1G_huX8UAc9iWNEXUkQWv5VtQPOAel-bCCdIEwfhAENUVkn1OBSmMQ1C4XxXTQ2YfC3NtAVyjJ4fa1e1SQTiBQ0UloISd5L5F1GnjYmxYSnWShghpSvKBpJc9uZUKeokwxsJqLc6Xlr-LtASzVpiq5TPcYUts3ycb26UszKtgraHaWALATjxnwV2y87xPdmNwBRjUNY_KhboKeiY5It-0_m_V0s4hHT7sI5k-xu2xScvfQeLLCqx2DbDzSTiK3xBU-GCgnZ0BFWNi0bPqnWzpEE9REqvzMOYrbpWkUfFm07-qYqvWEbVg9Jfn0MA83Cw6bNknn57hZUT3BjfYTR0x2wRBHWPVgBiNGSMQ7p9-zrovxZAuofLoGLX700Qm7cQyTZz7xKstErlkXc9bBXzhmYuSmxfFA5ebQlD0ss_auGfT-xyamt7fkgiAxaHGVerADfZ9BPFLQnDayBYfvs33D21GEvxxctf4GOaaPP_RVSdtGZ-csoqTezEvHSrwmOgnV59oMWyu222B_HrLFEWF68XN0gfuJcCKQ3nD5D_4_k9kbjVagbtXMAhGyfy3mnoOq_eGIYtKjx8LC9JIKQYMFBW0_e1XB_Q3X5jgjcxtU6DGVe2b2HJ42N3Chvlr0tixs70tW_zEnuLSIE3r_JeoZoG44xdx-Ty5Io0qtBl8eoh1-mA5TkY6sor1kVUFAMLjL4vfF6feGJqIVXcjq5KJ-7RqnJSJnPYdR8FmIEIN-fitySyDpmzs-bfEyM4g-pEWqNgQhQWK4QkarxOZX9mdxVYF-ChFzLlqtp_Jfg09oipBW58JiHcOueqlrJg7OuwZjHuAM0DaME-BsHIfrqb8TRLNtPyczRja6c&cid=CAASFeRotu0-NxBjPVcV8oSzVR8rZrKLTA&rfl=2%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Frame ID: 33F279F19E5299123B333B9B5FEDE90E
Requests: 10 HTTP requests in this frame

Frame: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D7D0249753ADC34AA7B58A779B9E8D32
Requests: 8 HTTP requests in this frame

Frame: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 093310F3EE4791C56FC7DAF01626C816
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDtqwEQio_TsQIYnfqnwgEwAQ&v=APEucNVgC4crAAeHyVjXVwTIhQHy7LO8hKLmL55N3gPV2EMb0Cz1JCUpL-hh7CyI4VXirsHxnPYsoU0R2zUHw84mdXtFwYgeZQVGXnYm_LMCQ1s4CvsdoxCJDyl-YmeQ8WL3eCOXlXUxyYKlVdukUJNKbXdy3psc6WTnkoOdVvAAT4BZSqb94N6LKVR6eFJDQsswByT-TsLwOgF6q957VPCuWRHGqPAU1g
Frame ID: 78D8934640E397D13A921CC9FB7923D5
Requests: 5 HTTP requests in this frame

Frame: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DC5F943B3EFB4C611392BE7A4A79C6BE
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhhDbwAKoG0Hg4bWAAfQCskRsyKG2fQvDftJeg&u=%7C9ELlD9KQb%2Fz0eg9Hwf4869hjPjpA4WHDFzG9Rq1eGnk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOkMar8-yfGc15w0edYqkXr7_ByuHu9tWhBBk4MbA_WwhwoTHvNBiNJmilko35kcnWz7L_GRrqkP-ad9cUcqpR80XxHnd2lxr6mtsnUFif5z6eaQagz6UmFprJdRWmxm832zpl6CnoummdmAGoIIlzzYd9xMuKFYE5oon1mmSgCqkDGpdHcW0NW97tqReK2gtkeOU1vzxruQ-CdEG4HeaUg3P-iFt96p8NBY-TMmFKuwza_yU4uHMxTxjTEQGiTzZh9EuutVNQ9U2DUHMtw8iJjcbao23mHggOpoA-zdIhkLSqrhhJpQy882iXQ4Oug_PEhCOy9DCsLnWgnYRIAjiqbV-IKaIitPaYSzu2fG3lWA2F34A5H1AObtUVewy9so0wT4X2_kvg5D6gxXkvs6IIU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbBT7b0MYYu3AKtaNjuwPiqCf0AzJntKxXIX-l_dwwI23ARABIABgleqOgpwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTSgAdW20uoDyAEJqQIavs0D58ayPuACAKgDAaoEowJP0CvX8tDN7VGQ0CB3X0XkWiYTLo6f4p_nJZRuNlRyTqROa0BbsjHnScie0QGcbEm2nCIjVN5mjn3QwfSZQVq070l_ZrUlgsrUjyOqmrBOpeqNkrS2hzMG6XSxvyTHf-vDiuihcZqJndxrkgJo2lW7djrY8BnEpQlkOTB4eMSOcGyytYS0stAX-TxvaR4PIbSwENpgbCqfe-9_Kii8bm2Y4ixYijS4648GjcrOc-7czCX7BMMTSKxG7iSgWQiMAnebT1nAA5sM-UPney28U__QIagBr48mbPttg5QJS7TCcwMN845GTPfZeYXd1-nhVVEf83nKcGMzoRIewg5_KOjc1A1phvcraPEo_i3TpkUvTh_sst-tf5bICZk3NYGHSdVqkangBAGABpyDt46vq_-3mgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_224EEJ4_nIIq_BbqrBXkX6my1gPQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Frame ID: 310F9A73E04277044BF465F1622A37AE
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D085770A6191970E4985563A466CB4A0
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDtqwEQio_TsQIYwIqowgEwAQ&v=APEucNV5qr1d7z2x7VPIgFv_J4KQ5vs7APluIMWzcpU5Z3BTvgrBqM2MMffdA-K96cz2YT7fTOolFMC1E9Yyh-CvHEKpfMvm-Sb-lzkUkGOj9NH6-Qr8R37PNynuZYrB3z1SGhAdVnFgZZzm5hmCDPAotJR9pWUdX_ToOAalZYRy-ynDA1wtbSa8GwGndagFAKa_iBthx9N8CtZDrxP4lCNMjZl0bDGt8Q
Frame ID: FA098CD6DF723983653F27B25657A5DB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6h_3XWYD0sRME5rCuu381bZ9AFz53teXNo5saDY-RbZpsdzANlutRdDey39-0xdGbzuIC-eROaSsUpdQ5yb7w71mymg&cry=1&dbm_d=AKAmf-ABfEW4A6ZkzbnhosZ_V4JTAJLJiNUZ7VP6mj12GnfdUW6zhfNsWeffW1Qtb_HJzoB9XuJgzxJHLq2u4gm3vMM1McHp2Cf1MOUtH4bz12_yIv3SG_RNYjE6prprAnTXO-vKrbC72gzqtDNfkENaWO0fKGtlubFPMyQvuYpFygp-p6I86UNVRD-h_aT8HTUCSGu_eJuPWGjspUwqCgLWOP3RrRvMshrWoUFsYdKYV-UtKRI7KtzeE3B1AwehhoiJaGsWPYEknyjp6x_oXqZtaIFBSspomio9xSwcHaz90i1FkCVpRZggbOk8rPVU1L0BDulHY8KxpqzCAeTvBg2zRJFNfZgBO0cu3_R0udGXCaBhVpdSzL-dbhsnn8Dc0Ewgm8DctUfORqwVDzEBsiMNLGa3vNwVgzJsiqAiVgCOrH6-v7qN2opVvzjv3VWHMGWEpUqOM5DvvwAgqGvlj-FT2yOGUcEB2ZoD055g4dti1iFPy3AiKYlyWNSuB9jiY0Z6KE-OfBr3kcNz9cVEGP7wOJigveQq-D_IoGdj-joMoGCyqIJohdliguvIbH2TojtY-itQLFTXBrr_q6fS2YXWlU_qjqtwucdIaUP3QprJPrgyyNy7I-6Ej8Ft_-4wsYEv_B005i2BLrltoQPWLM8GsbmawpErWPU9faWEwrLSAY5suiJku-OXtR2cDuewoSS_t8aFe8REmXJcSKqe5oZzUxLwe9ceRb1USB-Sbo6DjO6B9XEBwKm9Y-A6EyhzEMSXLIWHMOI1p1dezQMLHzFBw3dp8W-dS8Q3YnpJmMv7T6PQlJUK-77oa2pDTZBP9yHAtFZlALxX071xuJKYZuA33uBHQ5QjHUz9ryRrMiiQxcHM-mjDaCE9C3568QDD7vboUWAxxnopm6O14XA9QLphYXl_Zs0_2wDHenLirikSrHrCAuuDO2WHP4CxESkbiGnNGWLOgo5CSjVsmDQw1Kr7GJWAGqTZi119U6CGpHI7RB6cGzR52blVDzJzI_JztethTCQISlXwtkHrAU2fO638SeoBtjmbs6C-Hpp5BAfVNVcjOTgvcX9EtcWv_HpYxkQfUzahq9spksJQJn7tM4_udOOHgE6wuto0rX-95CRZZSsvkerzq1MxtkaHMuDMAU1md38upMjuwBiF-PEBkPI2W_kdgX7RbnvYRRo63lEa1Xj7MwW7fWp_wB1-TgMwCbNvYK4OI_YZ3QvGUYfQOi4quR-mLlWDcVK9WD4Ax2Kj6H7yu1_1E0XothbIWTzUdc2ikXJl4KyUVH3HycThOBAcDVhnVoj3Fyu554Zu8OzUzmfj0aJaTtpTU8mWF8_ZSAyEU3atDzMlylNZfzKDm_UyqRZoPfNqqkAPmRYy2fW2QfkkimPt3lcERPvRHIu10BMZinDbCI1ro65qiLefRXUgSu-b4QjA9Oj9t6kVLTv1RH9I561xRXv48CJa3AJXth52bqA8Lj9QKnrMxRTHvhibWrJ661cZ_imkfhI5-iJdFEGi3d89LSmpGn-RJ8u1GtaC5OU73bMuq_pfABWk6A3oOopVnnDOqzv63Pd6oZmASv-O0HfarPxCFWQywPvX5UrZw_QsXtijl7p4IVMEiD-uPhuw0_e6W4th1o4wSVFFR9ambXNqCsEPFq7LmfIBIR4LHQ4wn0iOT2saoMLlLrJDGOne4RE9y-t3NLsVB60toW4GVE9fUa4-7gL5VO067WzSq1k-PFCq2CJuFijYjIf8Lv6tIjwhOLVAEJbYuvnBSLMrzfXw7hvKUlTII6eHpwGFmBtnFgIud5NFxd-Mo0C_yMhQDSEbRa7xay__X_zVdX3c1jeQBBzIJ2oIzQutzxRWiOZPbSlMrghaZRLwElADiGl6m9l2tm6nnuJHreIPPrtXzuxGrBXGqZXXKyGR348lUto5DVoS5qeQgo7zVZs9cd4DQkr7X3cSBzpYrOvMGrixfOLbLWj6XzkXbuoVd4clSo0cPluqWHZ6ZKsuYbVZHUl184x5azjxN97UQTUdw-XnBC2EjDBfd4VCP1IzG5HKvJDadP-jrmEpdIdytye264QmWFcuh0FZn1SklLqc6Agp143T_BJzoPceEQyo9N1lKJgz1CmwGI-wAy3BUHwiuajly1z--ZYYMD7X7i_zEApENppTWKxIYXLNWZLwB7ureLJX3nNmnz0BOJlMQftEq7gRG0lVPfvx8_YGDim4Ibcp6Yf9TbFRDSPpelI3x499H2y4igUVIT4d79-2dqV7tkGgevssNkXAzznrGowaVYhb3Q3Q_V3qKYSL_OCVph2UFVOM3eN3qZUiIo9b1BfOFFdsv8jkDRaVrSVIzezqPekkI1m2Z5K-iBs1ZElZa60VtDOjsC0bFQ0YrATZWsWcYAgAxnO6VvGgPF9VEcqe3Bk5KSZwHP-ai1Ky4DdEBSssyD0kMIDPvpWkWce7MztfmqzNLMXzZybEDThd1awmilKAJI3kJCbCI-z34iFjJ-V6jdMMfY107YCB68-lRe1TGcgsloFM_GU1cp035CoH4JZAEPfKRtBN9qX6veig39w7X86SpUJaFL7GAOAF4G_y25lhIuBjS66cuVpFk_lU8hKwC8h0O14cacRR2j92uju5lr0GLUKXrmM2LLpFlLQn5vx59nyq8yreub0HsP4o0Eo-UHzWMfWxtTWuj1WnmT8DyyCnsixzDpsxHu-gzJE1ZFSY4def_OyetdJHLi_8sf9hyLZdSTzlrUwXJfFlkleadGETS95TMZNVG-Qe3cO_Qcfy8PIkckXn5tlj0Jl0qf0SRZGKoK5NH9x4OrzgUnAp2e8EVaMrS61yqpk5jAg2bW5V9lMMBBWw5_xNLd8xY3x6vFCZXdFkpvK0NFbshroulZmmlJKa5PjU-eRj8BiaCsl60_mZmgDRgcOELVitiDqPfuois5PT_v38rSZaQbe5oZHQ3RUUFni_tnKQ0DUuiSrQitqWeb0hcTl9FBhx4bXAHReZYo5ClYTcAVRpFZzjQTM6qexKPw9Yeh9btBgF09CSQcAMqUjI5QxbV0j9hobr-ZDKVlqOodYPX9iSbTWF3Rve7WiLqnNnXcy9cg9H1XcHbU8O8vrJ1oBQJrvLtFF_hsUPoToktOuGMkySu1XogKVSqpdZVUOxxCJtWeIMthYC5t6mXBTG2YMM7izWECXMkSmPDB8DuJQEZFHAP98GOwOB4jg5jXLRP-LIpYu4zkKCdpCZmvBfAfFAIFusDqI9ESqlZuvFjN626uUpu_W1QmucceHr8xB0raisYqeJ3m-PrDUq1vXyVFevPKylDrCTZrCSd1ZB-0EH3VE7esgm4Gd1g3GIQ0gtNzMdjQBm4hWpd4qvnw&cid=CAASEuRosEPWV2aCNx0sugiDGYopMQ&rfl=2%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Frame ID: 9B9C92DE149D3B7BFA395F3C6ADA1C95
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5C2CC1D0A39897C33CE33C7D9E873668
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D23C7C2E23D6E3FA0D4CE5090449C77D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6322940812012159067/index.html
Frame ID: 3CB3BF5C99E1A778B647EED4D54DAC45
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E4DD12C609469780132310A89E5E0529
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/1338021503599923470/index.html
Frame ID: 27EBB87232D3461B3313CF36BCA2A212
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D26B552CEEE0CAF3F4CD0409A019BE54
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 755B4015927943DCC58802379539DA68
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3A2A3CF242C923ED9022349A2345E882
Requests: 9 HTTP requests in this frame

Frame: https://hal900027.redintelligence.net/request_content.php?s=59150400009604200757585011881027&a=d115444c
Frame ID: 35C5303EA80D31835A1789FC249F92A6
Requests: 4 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 38D226460DC8F8A14664B1CA7A5F2DCE
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 397A57C54D8571C16934593C3A78EDF3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B5FA360B8F08F44699F4E9D9E1EFA0E1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AC8F16BB531D92281028DF36D01311C2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HawtCelebs – Latest Celebrities Pictures

Page URL History Show full URLs

  1. http://www.hawtcelebs.com/ HTTP 301
    https://www.hawtcelebs.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

358
Requests

91 %
HTTPS

44 %
IPv6

53
Domains

89
Subdomains

71
IPs

10
Countries

5483 kB
Transfer

11225 kB
Size

55
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.hawtcelebs.com/ HTTP 301
    https://www.hawtcelebs.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.55315703 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.55315703 HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=3237488638937098937;cb=0.55315703
Request Chain 86
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.55315703 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.55315703&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUVENjg4NUQtQjdFMy00MDlBLUEyRkEtMjhEN0MyRDk1NENG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D5ED6885D-B7E3-409A-A2FA-28D7C2D954CF;cb=0.55315703 HTTP 302
  • https://udmserve.net/udm/fetch.pix?pmid=5ED6885D-B7E3-409A-A2FA-28D7C2D954CF;cb=0.55315703
Request Chain 99
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFTM5hW2ZkBx5AHvC7cn2Lg&google_cver=1
Request Chain 100
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YhhDb11T4iqGo90.2PC2xQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOKUJAlrgDkK3Ez0uAmR7DM&google_cver=1&google_hm=2
Request Chain 101
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAAo4Sqqresv7oKAV-G228E&google_cver=1
Request Chain 102
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIzNzQ4ODYzODkzNzA5ODkzNw%3D%3D
Request Chain 119
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIYz1FJRv3VDuWsgyyY24Dg&google_cver=1
Request Chain 120
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YhhDb11T4iqGo90.2PC2xQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOKUJAlrgDkK3Ez0uAmR7DM&google_cver=1&google_hm=2
Request Chain 121
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPQ9ovor2dZaehnTgPVDNTk&google_cver=1
Request Chain 122
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIzNzQ4ODYzODkzNzA5ODkzNw%3D%3D
Request Chain 135
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOLqr71RKg_vdnygS1cotfM&google_cver=1
Request Chain 137
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEE2AvvnerkJYjXRaOIq6hZI&google_cver=1
Request Chain 169
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOKUJAlrgDkK3Ez0uAmR7DM&google_cver=1
Request Chain 170
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YhhDb11T4iqGo90.2PC2xQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOKUJAlrgDkK3Ez0uAmR7DM&google_cver=1&google_hm=2
Request Chain 171
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPQ9ovor2dZaehnTgPVDNTk&google_cver=1
Request Chain 172
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIzNzQ4ODYzODkzNzA5ODkzNw%3D%3D
Request Chain 185
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOLqr71RKg_vdnygS1cotfM&google_cver=1
Request Chain 187
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEE2AvvnerkJYjXRaOIq6hZI&google_cver=1
Request Chain 203
  • https://hal900027.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=25497c379c&subid=&uid=b1bac9c3e55f0f9c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChC7hb0MYYrm-I4Hu3wOf8KDwCd2t6KhgqNy3x7kK8C4QASCVm8ohYJXqjoKcB8gBCakCVm4sPcnIsj6oAwGqBO8BT9BfQxZj9AsPLFzRIG6kIYFPYCClE5deBKBaBcWBNSaMyHbU6GrnVlsxEfw_My3l6A9DPoFxVt4jeonLjHmhFSMvpCkbiaHModyDDgj8QD9Ilqra_qpO-yUhogv9G_TK8IbZd643gMUCyjZoH9aG6IhUPHgRdHH8Rr2-P-Ma-lq7BknuNKlmgTytfto3GEqB-vbRgcxMV8srEbcBOXAsubxkdepw02Nhjn3VDouTVZrk9yzZAJAjwWNFuOjNqHScY32r0dBNA3UO8akMtHynZtXz2LuI5By_vfPU6NTF5QS4ilZzgcezqH-u_P6xN8DABM6Ou7GWAuAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA5gLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRotu0-NxBjPVcV8oSzVR8rZrKLTA%26sig%3DAOD64_09Zdr7eyjcGC9GtksUu6QhHCgX0Q%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-Dn03Ka2P2tfEiyzKMqd-C4XZ5VNii4wrieATPYZThawjolaH5LXhvRSgarWHGHEqGQS32xD33_VXM8Se4Tr2q0_zZ1lkcD2VRDQOv4q8fITvf8gfma6VtHh7ECwot6iypS6I_bEKyLjmtEUsBjNIEIw0iQwA%26cry%3D1%26dbm_d%3DAKAmf-C8lzo9G9xT9_sNxjNBZC9-tQv5MQ4YpdR9Fncn5SD3YnIm5RqoEJWQQ-I6cIJBDnXcPIVZo2ph8xNEcxVrksK8QS6sr1JhGLRe8w0FFmhguc7Kfp9L7LqMzXjJnK3cej6IfNbgadNshcMxErLqhCgstlizdFtdwNWlMib_gIuPfTCuwFUQ07HQvnX2LDsx0xdQS2MkPnCsXljYNFa_mq16Tfp6mduYTs60nZiLf4oBhTzGvp-TL9v0MdRSZSfH4G-i6h6vD07UDODwTNmEam0D5bsX4xzH6ax1fu_CGeNMJLKNnfEVxxA6Cin8_VLiFa6hu9fBH5Vvqg7w--WlWSp6Um33gdej_Ccn2Yn0V4lJkdOR_7HdPUwN-NZIbjXC2MixR2LDTyFwzfi0IQXccoLjH-J6ZICBjVH4T9M-gr6mnMAl4GAGZGHffICSFMGhlfOgxNGV%26adurl%3D&documentReferer=https%3A%2F%2Fc79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fc79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.hawtcelebs.com&random=4963609132300&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900027.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=25497c379c&subid=&uid=b1bac9c3e55f0f9c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChC7hb0MYYrm-I4Hu3wOf8KDwCd2t6KhgqNy3x7kK8C4QASCVm8ohYJXqjoKcB8gBCakCVm4sPcnIsj6oAwGqBO8BT9BfQxZj9AsPLFzRIG6kIYFPYCClE5deBKBaBcWBNSaMyHbU6GrnVlsxEfw_My3l6A9DPoFxVt4jeonLjHmhFSMvpCkbiaHModyDDgj8QD9Ilqra_qpO-yUhogv9G_TK8IbZd643gMUCyjZoH9aG6IhUPHgRdHH8Rr2-P-Ma-lq7BknuNKlmgTytfto3GEqB-vbRgcxMV8srEbcBOXAsubxkdepw02Nhjn3VDouTVZrk9yzZAJAjwWNFuOjNqHScY32r0dBNA3UO8akMtHynZtXz2LuI5By_vfPU6NTF5QS4ilZzgcezqH-u_P6xN8DABM6Ou7GWAuAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA5gLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRotu0-NxBjPVcV8oSzVR8rZrKLTA%26sig%3DAOD64_09Zdr7eyjcGC9GtksUu6QhHCgX0Q%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-Dn03Ka2P2tfEiyzKMqd-C4XZ5VNii4wrieATPYZThawjolaH5LXhvRSgarWHGHEqGQS32xD33_VXM8Se4Tr2q0_zZ1lkcD2VRDQOv4q8fITvf8gfma6VtHh7ECwot6iypS6I_bEKyLjmtEUsBjNIEIw0iQwA%26cry%3D1%26dbm_d%3DAKAmf-C8lzo9G9xT9_sNxjNBZC9-tQv5MQ4YpdR9Fncn5SD3YnIm5RqoEJWQQ-I6cIJBDnXcPIVZo2ph8xNEcxVrksK8QS6sr1JhGLRe8w0FFmhguc7Kfp9L7LqMzXjJnK3cej6IfNbgadNshcMxErLqhCgstlizdFtdwNWlMib_gIuPfTCuwFUQ07HQvnX2LDsx0xdQS2MkPnCsXljYNFa_mq16Tfp6mduYTs60nZiLf4oBhTzGvp-TL9v0MdRSZSfH4G-i6h6vD07UDODwTNmEam0D5bsX4xzH6ax1fu_CGeNMJLKNnfEVxxA6Cin8_VLiFa6hu9fBH5Vvqg7w--WlWSp6Um33gdej_Ccn2Yn0V4lJkdOR_7HdPUwN-NZIbjXC2MixR2LDTyFwzfi0IQXccoLjH-J6ZICBjVH4T9M-gr6mnMAl4GAGZGHffICSFMGhlfOgxNGV%26adurl%3D&documentReferer=https%3A%2F%2Fc79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fc79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.hawtcelebs.com&random=4963609132300&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 204
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELC5BiHzSX0WhLsThEJhzdI&google_cver=1&google_push=AYg5qPJRgY0fBSCqBmb40Xta3SXiLZYY0AaPhq3FwfOdZtm25oNtBusi-rlLaC7VGfH28GPp2OK42QEvBq6JqBi7r0GcpykIE2Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzI3MjQ3OTU1NzMyNjg5MDcxMg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOVdrquPChWcPeZhOUChgCI&google_cver=1
Request Chain 205
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPaPvQiEStboMHBFta8wZaM&google_cver=1&google_push=AYg5qPIxbL9RT-E0LUr3XeoNxnkPH7sPKsiwt80HbQ1mOERm-_-JJ2WVtejOLzxYUdegusxJVtW9DapC182sTQ8jqW0V-p2FjjmD HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPaPvQiEStboMHBFta8wZaM&google_cver=1&google_push=AYg5qPIxbL9RT-E0LUr3XeoNxnkPH7sPKsiwt80HbQ1mOERm-_-JJ2WVtejOLzxYUdegusxJVtW9DapC182sTQ8jqW0V-p2FjjmD HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N3hCSXdOZ0gxTm5xRXc1&google_gid=CAESEPaPvQiEStboMHBFta8wZaM&google_cver=1&google_push=AYg5qPIxbL9RT-E0LUr3XeoNxnkPH7sPKsiwt80HbQ1mOERm-_-JJ2WVtejOLzxYUdegusxJVtW9DapC182sTQ8jqW0V-p2FjjmD
Request Chain 206
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELRgwKzvs6TEIaTtoMyTRA4&google_cver=1&google_push=AYg5qPK4eqYEanF7rOdN1LyZKHoYbnSfW_fbihnm47lIprwI0xssjjC_Poq4RISQCV8iwNJts8_ZcDMZypKGwj74ZVCvy4EJhlHv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK4eqYEanF7rOdN1LyZKHoYbnSfW_fbihnm47lIprwI0xssjjC_Poq4RISQCV8iwNJts8_ZcDMZypKGwj74ZVCvy4EJhlHv&google_hm=MTg0ODg0MDI2MDc2MTI3NjUzNw%3D%3D
Request Chain 210
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGo6WrDmN1UuAGg-NzZ_lx4&google_cver=1&google_push=AYg5qPIajQoSNIwIb9cl3l7uN6uWb7-hb3RWrcecqIH2VGOQSNrquHcPzJMSdPAiou2Sl1SaNcmlQm8qKmzjDaIwgK-QO0J-iYJ3nw HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGo6WrDmN1UuAGg-NzZ_lx4&google_cver=1&google_push=AYg5qPIajQoSNIwIb9cl3l7uN6uWb7-hb3RWrcecqIH2VGOQSNrquHcPzJMSdPAiou2Sl1SaNcmlQm8qKmzjDaIwgK-QO0J-iYJ3nw&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1iMHdtQUpKRTJ1RkxlcF84RjJ0YU9xMWVxbVhFZHpGNX5B&google_push=AYg5qPIajQoSNIwIb9cl3l7uN6uWb7-hb3RWrcecqIH2VGOQSNrquHcPzJMSdPAiou2Sl1SaNcmlQm8qKmzjDaIwgK-QO0J-iYJ3nw
Request Chain 242
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGjyDXgE8NDuVLGCbqe8A-Q&google_cver=1&google_push=AYg5qPJbxPx_9QjGhLiljO5Ep261vvwxTSFvVhYCJHV63DUdto6zKgBGho5pDzVE_VQ_fZYDC3nXquC_56b35VW4XUAVLkuSmww HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzI3MjQ3OTU1NzMyNjg5MDcxMg==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOVdrquPChWcPeZhOUChgCI&google_cver=1
Request Chain 243
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEETC5-y-L0bHvsIjW86xBTc&google_cver=1&google_push=AYg5qPKBEV6hSfcRzwxS8ueMjaP8ws7YVGm_8tuJCTa7yNY2MktsRtLYo-JECMZRGmSiDzm3EeU1q22fa8X9Isg5yW1E7ArefaE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKBEV6hSfcRzwxS8ueMjaP8ws7YVGm_8tuJCTa7yNY2MktsRtLYo-JECMZRGmSiDzm3EeU1q22fa8X9Isg5yW1E7ArefaE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEETC5-y-L0bHvsIjW86xBTc&google_cver=1&google_push=AYg5qPKBEV6hSfcRzwxS8ueMjaP8ws7YVGm_8tuJCTa7yNY2MktsRtLYo-JECMZRGmSiDzm3EeU1q22fa8X9Isg5yW1E7ArefaE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKBEV6hSfcRzwxS8ueMjaP8ws7YVGm_8tuJCTa7yNY2MktsRtLYo-JECMZRGmSiDzm3EeU1q22fa8X9Isg5yW1E7ArefaE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 244
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENhw7HxOspsHVlSgpwLhhQA&google_cver=1&google_push=AYg5qPLtWJ3WBtYUXhJjIM-iN141rOwNuZcOf9vQ4OX9jAbZsYahbP52cPrk8n-cimWj9fYL2yNcV2KKdKt1Oemn5npGzWOrUrY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENhw7HxOspsHVlSgpwLhhQA&google_push=AYg5qPLtWJ3WBtYUXhJjIM-iN141rOwNuZcOf9vQ4OX9jAbZsYahbP52cPrk8n-cimWj9fYL2yNcV2KKdKt1Oemn5npGzWOrUrY
Request Chain 245
  • https://fksnk.com/cs/google?google_gid=CAESEJcG4ZtkFqG0NKv4ZsN7FuI&google_cver=1&google_push=AYg5qPIbfFTXsKbz_0LplHRyJT4ZR0pW7kOUb9Ju9ayp-it46OXQd4NZnGKwDgVErG-Y1QXvmwRHleGvjkRGL-rJJAAObQApfic HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzA5NEM3N0RGMTQ4N0I1NA==
Request Chain 246
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESENPkFDaJ10fnKVy2hnlGbuI&google_cver=1&google_push=AYg5qPIsADk1nvCfRea6SLClDzFp_LzSLi1I69zp49ptyT8hiArrs-ShfO8lKFmsjx1J6rpXntOA4j79LQoT3vAJq1cwThVrqAs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPIsADk1nvCfRea6SLClDzFp_LzSLi1I69zp49ptyT8hiArrs-ShfO8lKFmsjx1J6rpXntOA4j79LQoT3vAJq1cwThVrqAs&google_hm=QTc1T3IxRGlmd0RXNm84eHV0Yk1jTkE=
Request Chain 247
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESELNwiuXhpxzhEdP5BWVgmT0&google_cver=1&google_push=AYg5qPLSgPlokKTHik5M6HbJISF4uhT3YkFdxFZQ8boYKSzG694j3FMSbYd92GDchH6_Mye2V84wZFocXzyLl9mruZ-EBvcFRbE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=fitiZTs0QlFbLb9Mi4ZA6F_Tx5E&google_push=AYg5qPLSgPlokKTHik5M6HbJISF4uhT3YkFdxFZQ8boYKSzG694j3FMSbYd92GDchH6_Mye2V84wZFocXzyLl9mruZ-EBvcFRbE
Request Chain 255
  • https://fw.adsafeprotected.com/rfw/st/931897/61009656/skeleton.js?adsafe_url=https%3A%2F%2Fwww.hawtcelebs.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:2ba9820c-ddce-1dcd-3320-8da4932c8952,c:5chgUf,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-894b99788-fjbzq,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,scm:grpm1,nbld:0,mtim:324,fm:sYpTTAU+11%7C12%7C131%7C1321%7C133%7C141%7C1421%7C143%7C1511%7C15121%7C1513%7C16*.931897-61009656%7C161%7C1621%7C171%7C172%7C1811%7C18121%7C1813%7C19,idMap:16*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:339,oid:61cc48c2-95e5-11ec-84ec-86e9d077b59c,v:19.8.289,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js
Request Chain 257
  • https://fw.adsafeprotected.com/rfw/st/931897/61009684/skeleton.js?adsafe_url=https%3A%2F%2Fwww.hawtcelebs.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.hawtcelebs.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fc79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fc79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=bd&adsafe_jsinfo=,id:2ab3c509-3cc4-9695-ae7e-362c1d75c34f,c:5chgUx,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-894b99788-8hsz6,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,br:c,abv:na,an:n,oam:0,scm:grpm1,nbld:0,mtim:346,fm:sYpTTAZ+11%7C12%7C131%7C1321%7C133%7C141%7C1421%7C143%7C1511%7C15121%7C1513%7C161%7C1621%7C163%7C171%7C172%7C181*.931897-61009684%7C1811%7C18121%7C1813%7C19,idMap:181*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:352,oid:61cc7011-95e5-11ec-a6e6-020cb9aba01f,v:19.8.289,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js

358 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.hawtcelebs.com/
Redirect Chain
  • http://www.hawtcelebs.com/
  • https://www.hawtcelebs.com/
23 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04cd207f62c5c656bbb1e96c63ecca447e891a9b3112190a5a5e7a553105f67f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9

Response headers

date
Fri, 25 Feb 2022 02:48:14 GMT
content-type
text/html; charset=UTF-8
link
<https://www.hawtcelebs.com/wp-json/>; rel="https://api.w.org/"
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3wLC1doLT23fpD25va9%2F9jRdu2kbsFuOPIMOLBQSMwW5DhF8GJriF8VMbV7q%2BYUXDyBJDgPGypwywjjya0HQTbjvh4dgZkJLmWbFFNFoFRvp%2BYImiV7g1T9ZJKpqNV83mjrHa%2FxmjRgjiIah%2FZKpuM%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6e2d9d105aa89a3c-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date
Fri, 25 Feb 2022 02:48:14 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=3600
Expires
Fri, 25 Feb 2022 03:48:14 GMT
Location
https://www.hawtcelebs.com/
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XnjxmA2Dnf%2FMSL%2BQ6I22FlNFRziPPaD8ucVceeywxI8QKuHznPZPQvDXdV9ltuZ6U6OiATE9YTWW3VKgmjQV2yHu54hBpTg62cbEEQ92rn7xjZ8yoSgmNHzei1eZP2sSR6ZpXexmAnaquoYKWSNBAIk%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
6e2d9d0fea3b695b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
www.hawtcelebs.com/wp-content/themes/hawtceleb/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hawtcelebs.com/wp-content/themes/hawtceleb/style.css?ver=5.8.3
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af0d6570462dee3c3937e8694b2ee98ea78313219976105080e94680c29769ad

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2662967
cf-polished
status=cannot_optimize
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Aug 2019 09:10:58 GMT
server
cloudflare
etag
W/"5d63a222-3db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jj6%2BC%2Bjdc6Q0nt6tABdYBL9NEHTJ2OBQIhlBJSqhcUkTk3AC9OQfSuzVP8wfdNlhsHyhbnOJfEVowrOEDl3R57i781GMGDnwph7d0jbTCql%2FsvACuIQDoCxb2wDwvW5MoEhpUncpP5D3VJm9THu97Mc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
6e2d9d1579779a3c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700%2C700i&ver=5.8.3
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
31bf822302ba5c241966cbdf23c8e904c3fc8c4cf20758032774b8ffe8e1d69a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Feb 2022 02:28:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 25 Feb 2022 02:48:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Feb 2022 02:48:15 GMT
dd-multi-col-cats.css
www.hawtcelebs.com/wp-content/themes/hawtceleb/ 		238 B
485 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hawtcelebs.com/wp-content/themes/hawtceleb/dd-multi-col-cats.css
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a40dcd59c23d9ed6f0fbaeefeb57c78543b487ad93c49f5f74b89dd85b0ea278

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
44350
cf-polished
origSize=313
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 10 Jun 2019 10:27:20 GMT
server
cloudflare
etag
W/"5cfe3088-139"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xnmg%2FyG8U7Jbs%2BTDluDXu%2FcllxoV7hMXq8RGivHCDH9ieumxqFWsMXnIbIdLL32sDfipY7qO0MBAV%2BCAYFutUFq1s92sntqPCbOxOq1rCSYus4ge1GEHGbd5cSHaUanQ9DBTC4yJioPGQJ2To6pJQWo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
6e2d9d15797c9a3c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
up.js
live.demand.supply/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/up.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6743840281f01d5c8c76705f98ef5ca06e815908c79590a2ecf485cd338d6d68

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FRN1XXSY1DMFY9GFMPAY1AVA
date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
br
cf-cache-status
HIT
age
1027
cf-polished
origSize=3935
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
cf-bgj
minify
server
cloudflare
etag
W/"59de6717fa079a1bdca61971e7fc88e1-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
6e2d9d15deac5c8c-FRA
link
<https://live.demand.supply/impl.v14.0.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v14-0-0/d3d3Lmhhd3RjZWxlYnMuY29tLw==>; rel=preload; as=script
img.fetch
udmserve.net/udm/ 		27 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=14863;tid=1;dt=6;
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
2609e34941cca67263b05584f2a7113469f415acc3419ef3b9aaa9716847a16b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:15 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Type
application/x-javascript
Expires
0
kate-middleton-at-lego-foundation-playlab-in-copenhagen-02-22-2022-6_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/02/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/02/kate-middleton-at-lego-foundation-playlab-in-copenhagen-02-22-2022-6_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ba684c3a6ccbf316d0ad92784045b47080968a760cd002a2e74617d4d248abe

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
22495
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
53298
last-modified
Thu, 24 Feb 2022 20:28:45 GMT
server
cloudflare
etag
"6217ea7d-d032"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FF2k%2FWt7cTLpkVfenjlmVz6Zpgmz7CDfcZYGLvYtFfaKP9ADh1Bbm5EemI%2BdCiElabjajr7DnTK0pBRmVZLhQv3v6wAdoj%2FippPMKkGqlN12oTSR7bvlKilOIYe9p6R14%2BTIChI6x05tGD%2FGgqEBFu0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6e2d9d15897e9a3c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
luci-levante-for-aureate-jewellery-2022-10_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/02/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/02/luci-levante-for-aureate-jewellery-2022-10_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0268bdf254f22580db4e1006474490a0ed11ed3ed2cdb1766208dd2442e07f97

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
22753
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36588
last-modified
Thu, 24 Feb 2022 20:25:26 GMT
server
cloudflare
etag
"6217e9b6-8eec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZ2KYeAZbpsmKlggYZIxfxYqAeRnv%2FbFepShnuT5XT7snQqh7NSSv6D5NjDrZ5KUbTWxWTtpr2id4dnl%2B%2Bo%2BIpM0%2FxRubFG0SxxlqwH19KEnc%2BbLOBlTvKlhnbUCU%2BmdD1YXLvEZKTyYphgLQerfLJg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6e2d9d1589809a3c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
mandy-moore-at-jimmy-kimmel-live-02-22-2022-3_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/02/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/02/mandy-moore-at-jimmy-kimmel-live-02-22-2022-3_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22059bd6a4ef367203dac63da10273128555834feca1a1df0478ceba110ccbdb

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
22753
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
40475
last-modified
Thu, 24 Feb 2022 20:23:39 GMT
server
cloudflare
etag
"6217e94b-9e1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2eO0tZLhE%2BH43MRYN68c759sx%2FwYiJz5gqc1YO6tYoHdi3oR7p9H5QzW5tTVCDCDcK2cx4p3QPSDxskbS7SRYIJqe2yuf3lTS%2BLkb1YOdr%2BZB2QAMbVp3JpKftDr%2B8YrZ3zxbv9mUg5Q1eyLhOksK58%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6e2d9d1589819a3c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
anja-rubik-and-alexandra-agoston-in-elle-magazine-france-february-2022-60_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/02/ 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/02/anja-rubik-and-alexandra-agoston-in-elle-magazine-france-february-2022-60_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2fb8432db997e3cc839797f5f5a3b6c7d27874c4bbab47720cebc452612b75a

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24413
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
80288
last-modified
Thu, 24 Feb 2022 19:59:30 GMT
server
cloudflare
etag
"6217e3a2-139a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4vCvCyI3uOIfPLQFXXGxnXinQDf2iLhWotydxxpySEHAFSJeigdNSJ8FZgfgEEsxuMuqFihFtB%2F0Ce0pJubOaMCUwS0ZXkyb%2F1WcY%2BDhvV%2B975Wc4NB%2FDPS0qO5V66BaNzkZBTz8f4UXgYcsQ%2FnHvI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6e2d9d1589839a3c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
rita-ora-in-fendi-out-and-about-in-milan-02-23-2022-6_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/02/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/02/rita-ora-in-fendi-out-and-about-in-milan-02-23-2022-6_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
192d72042d251a1635bef0af51fe4d9a83be4344e68828894d3da538143af358

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
31573
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43044
last-modified
Thu, 24 Feb 2022 17:57:23 GMT
server
cloudflare
etag
"6217c703-a824"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51Dx4%2BXrx6BM7H300BVPIyQksPrPTgfkr36ZB8cuOlSQOAOHVVhKcYRNZRjhCGabT5YXC2eLTwCFKzgc1eED0PaSFwIbvNeFUAJjfl2AIH6nyITk%2Fm1%2FDCNEGvIqjI7XlBXcBboGSDhE0JDGinAym40%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6e2d9d1589849a3c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
rita-ora-out-in-milan-02-23-2022-6_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/02/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/02/rita-ora-out-in-milan-02-23-2022-6_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f58a4cb0962b0485bd2fc3d4f9d8435fc2ec7c1dfd2cd9e8953c17fce0e6d65b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
31573
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68444
last-modified
Thu, 24 Feb 2022 17:56:25 GMT
server
cloudflare
etag
"6217c6c9-10b5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttD0u7aWeOIjRDfz40COXCAk7K0oEy2Pi%2FmoGd8%2BXqOTDOp0SOALyBEpuZa3mSQzHXiSZTjFek41JFogIk%2FJDiB%2FuIC6G2YKDzprztGiRDJ7A04sj%2BucNuF4R3bV%2Bo1S5u5e4IDdvr0ZodXznhr5jHc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6e2d9d1589859a3c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
doona-bae-for-w-magazine-korea-february-march-2022-8_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/02/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/02/doona-bae-for-w-magazine-korea-february-march-2022-8_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4af3eb81151bd55414c67ecc463dc62bf30ca07d457c4b278c5769f111cd8212

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33463
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
59794
last-modified
Thu, 24 Feb 2022 17:24:29 GMT
server
cloudflare
etag
"6217bf4d-e992"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZXN8DAZSTqIDYFBzNPI0IGtTTVL2T9GMP0TmTKiqDC0e3%2B3gQ%2Fw6liglBHJL8jgtY266BoQFJkXUAIqNgY2%2BqkWM%2B4O2nDrBmqXabPtTUELx1lY089KdvAizYZXVTx1W%2B7qMQQyUAEpD7qh9koCsjY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6e2d9d1589869a3c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
taylor-swift-the-story-of-taylor-swift-1st-edition-2022-129_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/02/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/02/taylor-swift-the-story-of-taylor-swift-1st-edition-2022-129_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
510fb058fcdad3f92be54dba28f7aab43763c46965dc12688d3687884bf01ad1

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33463
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
90593
last-modified
Thu, 24 Feb 2022 17:24:06 GMT
server
cloudflare
etag
"6217bf36-161e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MWUzYVoHyqDalR0JrAKNGlJrROQHXMuuRhpaG9C3tc%2BLdxFF%2FF%2B1ZfcuIxlRUbyWvvSq6YK7fAXUhTtEHMjI0N7XtmOoyP82Zft8lXudY5gy1w7vlUnoz8LVOiQJN9Q4d9%2BAnhy7RA7VgyUjfmrHsgw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6e2d9d1589889a3c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
kendall-jenner-for-i-d-magazine-the-out-of-body-issue-spring-2022-11_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/02/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/02/kendall-jenner-for-i-d-magazine-the-out-of-body-issue-spring-2022-11_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed32d7e02ff9ac490a517398da4808e389f81e47f62d316b8655ea23f306fc99

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33897
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
40769
last-modified
Thu, 24 Feb 2022 17:17:36 GMT
server
cloudflare
etag
"6217bdb0-9f41"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHWeWkScfdegNglAO66GgazFknh9Ccnh%2BlcKpGEOmPlHpjgKjfa5v%2FLck8%2FKo3DpoNj1EpzpqxlagnQB5KThfogc0im0Te8%2BXEgLOOlZzyefp6kaiw6qRn4bp1IHf3l6SL6puczE6PxKK1IjaayUMCc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6e2d9d1599a29a3c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
hunter-schafer-for-i-d-magazine-tthe-out-of-body-issue-spring-2022-12_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/02/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/02/hunter-schafer-for-i-d-magazine-tthe-out-of-body-issue-spring-2022-12_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d706d25e236ad9a2a39f53eaf7308ca57eccd735cb47713211f497b699bb0f9

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
31573
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32556
last-modified
Thu, 24 Feb 2022 17:16:56 GMT
server
cloudflare
etag
"6217bd88-7f2c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g5T3%2BJRuaoKtNMVY43cucr98rg0hlATKSgYG4lONRbpSOEkaFlvQD1VqbQbJybB8iU9FKowObHwS2WFRJ9rvn%2FNLQBi4Ng7%2BrEcYu1sB6hn%2FsItL%2BnIfvX3LArfQ8awzVhmplsGosqpw9zwY49NG%2Bns%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6e2d9d1599a49a3c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
rocket-loader.min.js
www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Feb 2022 13:46:32 GMT
server
cloudflare
etag
W/"620d0038-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bg8yRwgNJ2J3Ji%2Fk6afNwtZ3iLJAEaCOKmE%2BKkVp8%2B9u5XStIGdA9OGS1Em7VrTmOvEv1gllUF13b0zxZA%2BG0AED8I4D0hYGzriuGFwfkl1Inq9Q1pvK0pSB3YL10UP5C02XJhOsH2NXy6OfULNX%2By8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6e2d9d1599a69a3c-FRA
vary
Accept-Encoding
expires
Sun, 27 Feb 2022 02:48:14 GMT
icon.ttf
www.hawtcelebs.com/wp-content/themes/hawtceleb/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.hawtcelebs.com/wp-content/themes/hawtceleb/fonts/icon.ttf?zf3xc5
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/wp-content/themes/hawtceleb/style.css?ver=5.8.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bee4c3ddceefb6558b86e3d6bbe40326f6d67e1b0b535eb6949d570e7630d82d

Request headers

Referer
https://www.hawtcelebs.com/wp-content/themes/hawtceleb/style.css?ver=5.8.3
Origin
https://www.hawtcelebs.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2595
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14224
last-modified
Mon, 10 Jun 2019 08:38:45 GMT
server
cloudflare
etag
"5cfe1715-3790"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qykLrVTcvoLTfYOn2Hut3nRizGJL0YBiK%2F0QMsrEjJ3URDCzlb%2B8NmEHrgHxZxRmLQuGlVBUXYBWA8gMT%2BdG6oHwVePwEBVpJxVHXPMk1aWh0PVzdvd%2FT%2FOCWvXiBDheLE2c4thi78iK2st%2FZn1DwRk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
6e2d9d1618bd90c1-FRA
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700%2C700i&ver=5.8.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.hawtcelebs.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 11:55:47 GMT
x-content-type-options
nosniff
age
226348
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 22 Feb 2023 11:55:47 GMT
c.js
waust.at/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://waust.at/c.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87fbd84036e0e67d8aa06d1f5e4a68f0539e4c6072a8ad77ce7e661bd6a43d1f

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2305
last-modified
Mon, 03 May 2021 17:48:47 GMT
server
cloudflare
etag
W/"6090377f-2f8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MsOlMP2S%2FHArVYFKrY8bFnK%2FFoDonKPq3DO5YDrrFkS3t7awTTHwRDBjH3YsPGKj%2FBR%2FVOd0Bu7jLkmXZAMj3Wp2OcrqeAsQyByaVShkuqo6hjO%2B9ikVnhwAKr21XoNA4enpglIY"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
6e2d9d169c2e92b7-FRA
expires
Sat, 26 Feb 2022 02:09:50 GMT
outbrain.js
widgets.outbrain.com/ 		197 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
791491576d54ff82f5e9864d01865fa77d4d49e6a96631b698d369a91bdde7d1

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
gzip
last-modified
Thu, 24 Feb 2022 19:23:09 GMT
etag
"16-FRz2tE08McRbxNyDL+equ0vFEPY"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah-stg
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
44e4f8f47200e0cdc3b2337dddb41aca
timing-allow-origin
*, *
content-length
69336
inpageLoader.js
bid.underdog.media/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/inpageLoader.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d800:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0372c58d2c88c2c3829721f2efa381e47d42bd26588518d8b3b511e3054ea07

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 19:15:36 GMT
via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jan 2022 18:16:12 GMT
server
AmazonS3
age
27176
etag
"b049a7622877bb27cb55c1121cb9e23c"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
1337
x-amz-cf-id
gPwgGM2ZsEkryGMOT2w85ilb5z4yWXxuoFUKleRfxiZE3PDTSJGgBw==
/
services.vlitag.com/adv1/ 		937 B
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/adv1/?q=036e05035cbef88431e89138f2969605
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
def3e951dc3a97e6d1d3e52b737f0f77b46a7a715f0648e27e44326e5a76a82b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 25 Feb 2022 02:48:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
6e2d9d169efb9a09-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex, nofollow, noarchive, nosnippet
expires
on, 01 Jan 1970 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-10995097-8
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d608e388eb92365b06bc7383622c408c8c78782d629f0869cb8464537a8ee94d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37474
x-xss-protection
0
last-modified
Fri, 25 Feb 2022 00:13:24 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 25 Feb 2022 02:48:15 GMT
jquery.js
www.hawtcelebs.com/wp-content/themes/hawtceleb/js/ 		95 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hawtcelebs.com/wp-content/themes/hawtceleb/js/jquery.js?ver=1.0.0
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2662863
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 10 Jun 2019 11:28:48 GMT
server
cloudflare
etag
W/"5cfe3ef0-17a62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L2F2%2FxWH6pOaNTA57g0VkMFOFyV6Di%2B3bPsdmLKRR87os5m8xJz3iKiH01aiJlMB9WByhFHt6AjVXqRO9VIcUn81k08eOOueN9GfgLAljreSk0bGcWj%2BMWVJhr9pSDqBk1XFHjfLBeUXnvOXSB5b6tY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
6e2d9d1648dc90c1-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
impl.v14.0.0.js
live.demand.supply/ 		78 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/impl.v14.0.0.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47a00c205ac23427984e572961850c21efd9d16502680c3876904f4a9840e61d

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FKEFKNZGD9ZVC0KK5CB35266
date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
br
cf-cache-status
HIT
age
2186358
cf-polished
origSize=79681
cf-ray
6e2d9d167c175cb0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"ce85a984a9876904f1c4ef475c2ab350-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
d3d3Lmhhd3RjZWxlYnMuY29tLw==
live.demand.supply/p4/v14-0-0/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v14-0-0/d3d3Lmhhd3RjZWxlYnMuY29tLw==
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e31aa0ee8ca4361c0674619afabed0e76686039c28ee7ed4c9df9da684a3269

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
6e2d9d167c195cb0-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?e=ll&d=132&cs=c&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:48:15 GMT
cf-cache-status
HIT
age
2511933
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9d167f5a5c8c-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		153 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d13386635299e038737676bd7313d59a59742582e890ee3806e03f7df1be28d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53878
x-xss-protection
0
server
cafe
etag
10916578388318012444
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 25 Feb 2022 02:48:15 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
bf9550738787ac8f8b372c78c259e02c7f157206459135894923c7290850a2bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27415
x-xss-protection
0
server
sffe
etag
"1142 / 24 of 1000 / last-modified: 1645743901"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 25 Feb 2022 02:48:15 GMT
ds.2.html
live.demand.supply/ 		413 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FMYJJHB15R2JWEZTPD1Q87S3
date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
timing-allow-origin
*
age
422815
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
6e2d9d167f585c8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hawtcelebs.com_responsive_h_archive-3
api.demand.supply/v14-0-0/a/ 		314 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-0-0/a/hawtcelebs.com_responsive_h_archive-3?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54bd9e1ff75e928d885b41f680efd1ebf427f1ab716ef054b3dab9741b8e8d99

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
etag
W/"13a-jVPJYgW8F+eeh3Fq3ySerDEMONw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
6e2d9d176c6d920d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hawtcelebs.com_native_multi_native_home_7
api.demand.supply/v14-0-0/a/ 		318 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-0-0/a/hawtcelebs.com_native_multi_native_home_7?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c95abcc3b3b083dba8c06e98b890c137477b47fc38da3f2146f712877f4af29

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
etag
W/"13e-feadtAWlK9OrD1wE9gw6RZGtpR8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
6e2d9d176c73920d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hawtcelebs.com_native_multi_native_under_related
api.demand.supply/v14-0-0/a/ 		318 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-0-0/a/hawtcelebs.com_native_multi_native_under_related?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
463d7ba54dcd6fb08d1cafa7e420401aeeeb269950986521c3605e0ec6dfc318

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
etag
W/"13e-ad0cOvAkCyT7VtMi6MgOWTD4rjA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
6e2d9d176c76920d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hawtcelebs.com_300x250_desno300x250
api.demand.supply/v14-0-0/a/ 		310 B
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-0-0/a/hawtcelebs.com_300x250_desno300x250?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ea8618309c215bd7f95d8c07891c60bcc36fe0b4262a4a1f323ae3ab8ecffbb

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1758
etag
W/"136-tsVmVDwt8N/Ic0FlpryveD3zMx8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
6e2d9d176c79920d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hawtcelebs.com_300x600_hawt600
api.demand.supply/v14-0-0/a/ 		318 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-0-0/a/hawtcelebs.com_300x600_hawt600?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f404bc24d3c7e2e7d810748a74672c6ebfbb16c07ea6df813ebd0240a74f1026

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1758
etag
W/"13e-so3yfs/b92Qsn3um/lRp1x9mp3Y"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
6e2d9d176c7c920d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hawtcelebs.com_160x600_hawt160
api.demand.supply/v14-0-0/a/ 		310 B
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-0-0/a/hawtcelebs.com_160x600_hawt160?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c68383395f4281743e04802b24c0499e6fc64c619594031ec21325ec37fce1e1

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1758
etag
W/"136-oYCDrCvNPVBOrBlQO+tyDqPqIiU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
6e2d9d176c7e920d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hawtcelebs.com_responsive_h_hawtfuterreshor
api.demand.supply/v14-0-0/a/ 		305 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-0-0/a/hawtcelebs.com_responsive_h_hawtfuterreshor?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8516 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f64fc7b1420b65cc4820a5fa115d93ffdfe6eb471cc27811806df52dcc52afc2

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1758
etag
W/"131-olaW3NL8KqzAB8oxHNHtDAFhxEw"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
6e2d9d176c7f920d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pubads_impl_2022021701.js
securepubads.g.doubleclick.net/gpt/ 		363 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
80df80639eff50b28f33ab6354c5f7448973e4f47c47fe0c3813c7dea361a7c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 17:11:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34604
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124510
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 09:34:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 24 Feb 2023 17:11:31 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		401 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.hawtcelebs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
2612f99fcc82f68d2c0db67b389ad59c7e25d28e5c7865118724bb0da519f1b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
179
x-xss-protection
0
expires
Fri, 25 Feb 2022 02:48:15 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/ Frame CA2B 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Thu, 24 Feb 2022 04:51:53 GMT
expires
Thu, 10 Mar 2022 04:51:53 GMT
cache-control
public, max-age=1209600
etag
4044455266028820542
content-type
text/html; charset=UTF-8
age
78982
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
hawtcelebs.com_300x600_hawt600
live.demand.supply/cp/ 		27 B
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/hawtcelebs.com_300x600_hawt600?mlos=wi&mlbr=ch&mlla=en&mlbs=39&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d693011b73bd4873129478bd4739611deeb73fc078e1b419671ca79bed7f43c4

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
6e2d9d17a8875c8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27
hawtcelebs.com_160x600_hawt160
live.demand.supply/cp/ 		27 B
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/hawtcelebs.com_160x600_hawt160?mlos=wi&mlbr=ch&mlla=en&mlbs=39&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d693011b73bd4873129478bd4739611deeb73fc078e1b419671ca79bed7f43c4

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
6e2d9d17a88d5c8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27
hawtcelebs.com_300x250_desno300x250
live.demand.supply/cp/ 		27 B
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/hawtcelebs.com_300x250_desno300x250?mlos=wi&mlbr=ch&mlla=en&mlbs=39&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d693011b73bd4873129478bd4739611deeb73fc078e1b419671ca79bed7f43c4

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
6e2d9d17a8935c8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27
hawtcelebs.com_responsive_h_hawtfuterreshor
live.demand.supply/cp/ 		27 B
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/hawtcelebs.com_responsive_h_hawtfuterreshor?mlos=wi&mlbr=ch&mlla=en&mlbs=39&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa5443e4bb2284d9622d9d514ea9bf6f0501a78351eaf654718afa3f55ca3aa

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
6e2d9d17c8a95c8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.hawtcelebs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.hawtcelebs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		639 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3444597273946705&correlator=1590792348619655&output=ldjh&impl=fif&eid=31063378%2C31065007%2C31060033%2C44758226&vrg=2022021701&ptt=17&sc=1&sfv=1-0-38&ecs=20220225&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C05d68e4b-c539-4fe7-b7a0-36adfe74d624&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=ti%3Dd0168911-350f-48b7-9612-942e5463832a%26interstitials-bid%3D10%26bid-p%3Dgoogle%26bsc%3D39&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1645757295370&lmt=1645757295&dlt=1645757294934&idt=413&frm=20&biw=1600&bih=1200&oid=2&adks=3396334874&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=519396531.1645757295&ga_sid=1645757295&ga_hid=667320807&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ed414136267bbd6ae5e05c28ba7bcb89a0a23df2990924254b25a0ace882c60f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
346
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7724 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 25 Feb 2022 02:48:15 GMT
expires
Sat, 25 Feb 2023 02:48:15 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pubads_impl_page_level_ads_2022021701.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022021701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
24a5dd0b54c65548d322ceb3ba5e3e6715024a9bad53e499a0e4471c1674b516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 11:34:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54807
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13446
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 09:34:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 24 Feb 2023 11:34:48 GMT
hawtcelebs.com_native_multi_native_under_related
live.demand.supply/cp/ 		27 B
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/hawtcelebs.com_native_multi_native_under_related?mlos=wi&mlbr=ch&mlla=en&mlbs=39&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1231401973912d7f10a4de728b49f0cbde4d80729a1f6db64cc6567eb16ed4a3

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
6e2d9d1849515c8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27
hawtcelebs.com_responsive_h_archive-3
live.demand.supply/cp/ 		27 B
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/hawtcelebs.com_responsive_h_archive-3?mlos=wi&mlbr=ch&mlla=en&mlbs=39&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
becd423da9f3528d52e150e09c4b32047f2fe870e8705e45c019cc6109dd48bc

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
6e2d9d1849595c8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27
hawtcelebs.com_native_multi_native_home_7
live.demand.supply/cp/ 		27 B
255 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/hawtcelebs.com_native_multi_native_home_7?mlos=wi&mlbr=ch&mlla=en&mlbs=39&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1231401973912d7f10a4de728b49f0cbde4d80729a1f6db64cc6567eb16ed4a3

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
6e2d9d18696e5c8c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_300x600_hawt600&pdc=-1.3995912551879883&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:48:15 GMT
cf-cache-status
HIT
age
2511933
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9d1879725c8c-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3444597273946705&correlator=3678731154326788&output=ldjh&impl=fif&eid=31063378%2C31065007%2C31060033%2C44758226&vrg=2022021701&ptt=17&sc=1&sfv=1-0-38&ecs=20220225&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C120e6fb9-b7ae-46f4-9a5a-75588a0f4977&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&prev_scp=ti%3Dd0168911-350f-48b7-9612-942e5463832a%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D39&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1645757295426&lmt=1645757295&dlt=1645757294934&idt=413&frm=20&biw=1600&bih=1200&oid=2&adxs=1029&adys=760&adks=3161547873&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=519396531.1645757295&ga_sid=1645757295&ga_hid=667320807&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ea57eb2b36d4e651ef36f9304a5aa51d012cf5dd8ef15ac54d501f331ba4c5a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8747
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_300x250_desno300x250&pdc=-1.3995912551879883&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:48:15 GMT
cf-cache-status
HIT
age
2511933
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9d18f9fd5c8c-FRA
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.hawtcelebs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.hawtcelebs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3444597273946705&correlator=195015053914492&output=ldjh&impl=fif&eid=31063378%2C31065007%2C31060033%2C44758226&vrg=2022021701&ptt=17&sc=1&sfv=1-0-38&ecs=20220225&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C126ee8cb-be4a-44dd-bbca-61a2ab6e88e3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=ti%3Dd0168911-350f-48b7-9612-942e5463832a%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D39&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1645757295515&lmt=1645757295&dlt=1645757294934&idt=413&frm=20&biw=1600&bih=1200&oid=2&adxs=1029&adys=380&adks=3757809261&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=519396531.1645757295&ga_sid=1645757295&ga_hid=667320807&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
0cfc8c9f300b392973df6b339e8ff094d943c98ef82dedaf1364b702097eabfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8636
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_responsive_h_hawtfuterreshor&pdc=-0.6997956275939942&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:48:15 GMT
cf-cache-status
HIT
age
2511933
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9d191a155c8c-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3444597273946705&correlator=4352908488181286&output=ldjh&impl=fif&eid=31063378%2C31065007%2C31060033%2C44758226&vrg=2022021701&ptt=17&sc=1&sfv=1-0-38&ecs=20220225&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2Ccf81cb99-3273-478f-ad79-a5404a44db5c&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x100&prev_scp=ti%3Dd0168911-350f-48b7-9612-942e5463832a%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D39&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1645757295530&lmt=1645757295&dlt=1645757294934&idt=413&frm=20&biw=1600&bih=1200&oid=2&adxs=252&adys=10142&adks=841703197&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&scr_x=0&scr_y=0&psz=1097x0&msz=1097x0&ga_vid=519396531.1645757295&ga_sid=1645757295&ga_hid=667320807&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
096f13be32221731ae6e8f3f6d4badb74b9c1eab3c9eeb7d60bc81d548f61e0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9566
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_160x600_hawt160&pdc=-1.3995912551879883&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:48:15 GMT
cf-cache-status
HIT
age
2511933
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9d194a3f5c8c-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3444597273946705&correlator=2545154805065104&output=ldjh&impl=fif&eid=31063378%2C31065007%2C31060033%2C44758226&vrg=2022021701&ptt=17&sc=1&sfv=1-0-38&ecs=20220225&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2Cf9c1d796-ef8b-48c5-a212-9c5e01c1d981&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&prev_scp=ti%3Dd0168911-350f-48b7-9612-942e5463832a%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D39&eri=1&cookie_enabled=1&bc=31&abxe=1&dt=1645757295563&lmt=1645757295&dlt=1645757294934&idt=413&frm=20&biw=1600&bih=1200&oid=2&adxs=272&adys=400&adks=308638017&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&scr_x=0&scr_y=0&psz=160x-1&msz=160x-1&ga_vid=519396531.1645757295&ga_sid=1645757295&ga_hid=667320807&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
1d9d0ead1b679662c919689dbc802d67f0eca75116481219d9bf17badfdda27b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8480
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_auto_interstitial_desktop&e=nai&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:48:15 GMT
cf-cache-status
HIT
age
2511933
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9d19bacd5c8c-FRA
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.hawtcelebs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.hawtcelebs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		38 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3444597273946705&correlator=4298708804044264&output=ldjh&impl=fif&eid=31063378%2C31065007%2C31060033%2C44758226&vrg=2022021701&ptt=17&sc=1&sfv=1-0-38&ecs=20220225&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C542ffbc7-3cd8-4f42-9269-0fd2787d1ee3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=ti%3Dd0168911-350f-48b7-9612-942e5463832a%26interstitials-bid%3D1%26bid-p%3Dgoogle%26bsc%3D39&eri=1&cookie=ID%3D978a7c8f3414ca3f-22ddf6be4dcd004e%3AT%3D1645757295%3AS%3DALNI_MZXefHQZdVPn8Q2rYjP3RmD_zv4yA&bc=31&abxe=1&dt=1645757295629&lmt=1645757295&dlt=1645757294934&idt=413&frm=20&biw=1600&bih=1200&oid=2&adks=4148235607&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=519396531.1645757295&ga_sid=1645757295&ga_hid=667320807&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
43e333609c454bc9b4e46cd8883821b2b283c5a5a434792330515e1419a0244d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15397
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_native_multi_native_under_related&pdc=-1.7494890689849854&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:48:15 GMT
cf-cache-status
HIT
age
2511933
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9d19cadc5c8c-FRA
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_responsive_h_archive-3&pdc=-0.5248467206954955&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:48:15 GMT
cf-cache-status
HIT
age
2511933
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9d19daf95c8c-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3444597273946705&correlator=4280454163456867&output=ldjh&impl=fif&eid=31063378%2C31065007%2C31060033%2C44758226&vrg=2022021701&ptt=17&sc=1&sfv=1-0-38&ecs=20220225&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2Cdda8959f-b928-4a81-81d6-a0d270562003&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=530x100&prev_scp=ti%3Dd0168911-350f-48b7-9612-942e5463832a%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D39&eri=1&cookie=ID%3D978a7c8f3414ca3f-22ddf6be4dcd004e%3AT%3D1645757295%3AS%3DALNI_MZXefHQZdVPn8Q2rYjP3RmD_zv4yA&bc=31&abxe=1&dt=1645757295646&lmt=1645757295&dlt=1645757294934&idt=413&frm=20&biw=1600&bih=1200&oid=2&adxs=452&adys=5200&adks=923548117&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&scr_x=0&scr_y=0&psz=537x0&msz=537x0&ga_vid=519396531.1645757295&ga_sid=1645757295&ga_hid=667320807&ga_fc=false&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
1cd12d608cf6655515704c8e3595c9e0bed98eb8a4850696f7522b84f1073ee2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11768
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_native_multi_native_home_7&pdc=-1.7494890689849854&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:48:15 GMT
cf-cache-status
HIT
age
2511933
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9d19eb425c8c-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3444597273946705&correlator=621971309250532&output=ldjh&impl=fif&eid=31063378%2C31065007%2C31060033%2C44758226&vrg=2022021701&ptt=17&sc=1&sfv=1-0-38&ecs=20220225&iu_parts=44890869%3A3968751%2Cnative-multi%2C2eecba1f-fa02-4c76-a614-35bbbacff028&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&prev_scp=ti%3Dd0168911-350f-48b7-9612-942e5463832a%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D39%26format%3Dmulti-native&eri=1&cookie=ID%3D978a7c8f3414ca3f-22ddf6be4dcd004e%3AT%3D1645757295%3AS%3DALNI_MZXefHQZdVPn8Q2rYjP3RmD_zv4yA&bc=31&abxe=1&dt=1645757295660&lmt=1645757295&dlt=1645757294934&idt=413&frm=20&biw=1600&bih=1200&oid=2&adxs=432&adys=7048&adks=3255218841&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&scr_x=0&scr_y=0&psz=577x0&msz=577x0&ga_vid=519396531.1645757295&ga_sid=1645757295&ga_hid=667320807&ga_fc=false&fws=0&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
0416c19f69c2c2c67be8f9a781054c58c7e87a6fd39d4e46b2a2cb48f8c36503
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9685
x-xss-protection
0
google-lineitem-id
5924406464
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138381471506
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8E3E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 25 Feb 2022 02:48:15 GMT
expires
Sat, 25 Feb 2023 02:48:15 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=hawtcelebs.com_300x600_hawt600&sy=6bde81e9-ebda-47cd-b516-58374855cb8d&ts=39&cd=2&pud=132&pus=c&pue=1058&pid=80&pis=c&pie=1138&ppd=191&pps=a&ppe=1249&pad=139&pas=c&pae=1198&pcl=1046&ttc=1268&tti=1686&ttif=0&lca=1249&lcak=ppe&lct=1249&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=300x600&mlbw=4g&mlcs=NaN&mltp=d0168911-350f-48b7-9612-942e5463832a&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:48:15 GMT
cf-cache-status
HIT
age
2511933
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9d1a3c0b5c8c-FRA
pixel
googleads.g.doubleclick.net/xbbe/ Frame C79C 		624 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGOTWzcIBMAE&v=APEucNU7MCMmJCp4AjyCAe2kWvEWZGpx1iu4Q1R-KmU7E5SMV6LSIFgtpm6q65N53Q8LwADG885Huh0aqOFeBdQFg2fSGc4GSqHAIZj8H6W0eV-T1n-aRNQTDdGHJ0lhQKYBcC_lr_0HdPH7vYllWj7OPh-k9C1n3jtplatGyH5083H1IW5_Vq1RICtF7VYLIqeHiYwgpBDWCKJeyS4F8GA9QJlJbKigBA
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 25 Feb 2022 02:48:15 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 25 Feb 2022 02:48:15 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 8E3E 		74 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKKR1MrExCANLLia35-cnQ8WWxFZlTC-yYxTUCMcAi0aggGLsVTS3kHY1IlZWupuYpKXjvq444cVO4PDJF3zke1soAUTSKpJa5n_ALuUPaNvP9-F_dqtiL3_I3odVl6v1-EqDbr8tDwEwjB6jKa40YSPJAftoy9GKP8ONp91jEI7eBOjA&cry=1&dbm_d=AKAmf-BgT_0B6GfpoNqD-jsq6DZZRc1TBAKWqz6qQ7yGtyulMQ2dFKv70iuwbPf0hhBNKP6A3P6Oz1lJe8IS0I0lRjkyyK7IUMOeD5qvHwLah3UM8SzeddKNNZeOQkseAQLkO7861I4zz6Ytr7aPpIT6uyQSXSCKocvPIcAWoeCf_mfdLVycPvB5E__Ak_pB910f96A4e3gFqnyX1yCry2bxK8OmlyXySCvFneP4eUg7oEfzAf7JnM0sueifV-UmwRhtBG9zNnAj5NHDh-C3tL0b0Itc99qa0ef7wx3p7NqDKT1jPjrHgqzCoxEx9_HrZ9-5x8A8p49Bn5GJxW0DsQ5ix4awMgcdmQfPpXIJAIDtCOxwU67iaxxqI7lrfkd4bG5XO-AkJ9h8ojbahCSUObH0G0B-LeWQ91snJyxTjO9gzH3zcQCuIAiwV3-oYCvgOn9TzzTmKJL65skF8sbNUCHjzeb87k9HIsyu_BuHmGYUYCHiiXKcJKMuqJ_MnZl-hpAT5hY7O_AmIM5-uAvmQM5-DdD0qJ-PJBRi7EyS4YSMPR4ZGWaYzJaXgY-8opTDljMsqeROHx4yf6kWVFqYpYMU3ImHarxCDq6-PXuuD7EoylQf_EFlR7Fk-kZz2da49SI_wX-SDMoHqs60vfJ6PVaUOUiv19MvE3qFix37EKXQ8HYu0K_282ZCiztKRsFcWBG2pB671QDrbgGVImx9oT9T7t_wxs4p0IPsZ_m6JLwvTpf_Z7iYx2F5D97fiXBTrehT8C5mxaCTK9V0xYj5XSYGTOfhZlYXUyQhJJqlvU5ttfGmw8kmnd5nz6VqjMiIk7wmRZ1RAwfkBHjI5eZaaSM8dKJ81gTUotnINUzOktPnd0sgasZLeqESSBpa4FUgkwKYNeGeIVRqUgtI0jj5gNIFitXJ_jq8e1qTlVF2Eoz-N-ljgNzPlfwf33s_TccA8P1v4QUBKW8_jANSxCDED9Nn2YuQhMDESirtFnlFNLbB46aQ-cewVTjuvGnpNHLZ-Ho78K0JmxNMe56bckt1kqYWmkafy8ppSVBeU8knU07MX-mctsSmWeFzGwrf2cTT4hIWRsYq3lhhh1jaxQoptLN0E2uDvUIqhvzVNs9WhyfZwiUCM2xIsD3kR45xnB-KeDbGc7i6Qu3m_uNHPx4pV_FzYHBPhTz_5t84nXrCyzzlUr29_PiMTOV09R1V51yD3whAyFZbip6ftYX_z0ETUYiNQxxbQhRXDIpsvp06_1ckAevRKpC3QK43s6FX5qbCXlvTJbvy4cCD1JmmxvTT6NbbPJy8dhFM7LkPfoYgzBV9c3EACbuxumnxl5C-OimD7qSHyPeg5vvMpqBWZ_AwTo5B-K4TRlnUmq2bl-T41_Yln0Xqr3Hw4vV24Nl4R2N71-ApbLZflPQdJ4RuIfqYkbETqfhNmRPqu2rjNc10muN9UUB7nmk3ttIsBVtUS55tiObiaVaRivGiQ8QTgyHK3KPWQZwKT93Bw-nmq9fOIIb95whcWVO5PeTYBiOsQ3tjBTVGvp-gGnWyN9TnXwHkrOHTnAL43snt965GO1Z9l1bBTmTlzJagjLUKcLokI8aow268jmYRQLJSKQkk6t73JMLtKn_x0qB9hEU7sV5XzT9St-oN3pH5ld5Aa9YblYSbxkAv5yvkb26gjeyvI8jaG39htITFnoFUdEyyrfHcj2Tmkm84tQbG89V8e11b-4E44JCv9iFeCpEZvk8JsLyKny_4sLjfuwC3p8vH2DI3VInQaUV2D8KLVAVmwDDlMLqVbJKHwhdgsaZzpGA7X0pbU_huHbVHXJybM4G8VX1TqsBlSP7MFbzB44UVzu_QFa8qsa2djN1worpiXiyzLnkLIIVaL8lq3s4EaXhm_yOvyA1XnF4urYQz2IHvF-8J83jyPu8xELsJZEjnwX58Q4v2wy22MiKPB86O1DKbLNT2ZrZ0O-DvqSGanlnHG3XHkE7KNcYvyYMHbtU_UPMqCzm-p_KHhuOcq6yHiMSucVnuFwEmobs9mXg7oFCLLYK3CVKWVu8bHvEbPhH8gMGOUIGDF0LQwF0MaBVdR5DNNQbhoX7dQOjEvOYA4pdFImPhs9k0PUjgWJ_TNLfgXYpRVTJos5z1Fnh5VdOIx6txOVVyPMnvbC_zijHdXM9a5eCU5mHJz0QFDRpncihq9Na84tEyrfwQQjyWFBc4xLqXZ3nA89XdVX8PeDN2hnnBIj3bCfmaffX7oAvsWo51nUS6m95AgvaZuv88nthZ7qyyLWqnxNWRt_yaX1KVouW67JnvSNsvIZlKzVPAZ1AI-Sj4aCGPJ8gkA-ufCewnLCWcVtxXh7xXdzTQA7Ull6Qe4Y0KU5PtlzUh2X9nSUwRnYgDRe2yGh059SKee2T7FhphYC4v-tZICww2sRvk68RzTpi9zqNzsAQqt8wZMc_FF5pUfqUVd_cYgx6OR91CBCstmFlYc-u7AKyr0U0P79NfFHXjRBzSYr7aG7oE6EgQFij7dBPOHldQgBZ3wIO-GGFewcwCy2R0dTZI2LuF1_gSg0WhGiIA2poscomtFH6TST3_E5xoVltCt5hRIDrody30Hq4biXEcS5fDZPS7UHyolWKR3MjviooK9e_C9CiukE9vRlpvI6neM8Rr0u2xwwK90Clrl1TEEuFbeCJ_yDnO9OGdP3lCh67z4vmhX9i1UL5VcuADeqOqREzIrp-gOwkE8oPdI-X7hxER273fWkhBn6af2GvYxsI-hbfh7tngdE2Ov-6WvwJsI7DQwxfoxC95SFCxtHdtExza7wKNH5mjQv0cMWlTXo-OVSkkkV4Z5Zn4xxtv0gGU-yrr0QumcCwPrAckgikzp-jfFqCAaTWcuxAJlTIr_zrTq3uB2KfdNvH-53Kb7h_Nm5LuTCTAx0fD1qQHGB-DnBGm3IRH1icaLvpKuYAt3sBhYnnUS9Ge5a7PO3WX76YZho-mFyLEwglZlSz0hq2BpMkl0KUduYQCeZROY0AVrn0kMtVA4eFH31o62XJx6yBRLNdMJpPHqBCLsASfY1AReTZUzKP04wRTWxsZQjbU-NOeSZWHaXURXyks2P_N9XeoxbMhmveEMzXCJ1YxfvrGaedkd7sMLkp1s3Bf93oh-YaS975GBK1qvvIVo6qbypM3FE-gjuLZh7U9spM8T8AvbBw2AssNyVYqrj0mTUzT3G6pWHl2u-bDgxerD3LjKGCfP1obcxuJlMYrYhPsimuHNrxEAvRlclpjfBPfwzsX1bxuII4jqY-UxIsY77JCyZOIq5lKYtCYMpA0ldwpRpO_SgnNJc-6F4izDwWOfL_mLm-qcefbyyhb6ILBwpzq0fKZ5ypyR7dfnr2zLaC-_I-JOmPJDk-8Dnh-X8grBd8x_3Gj8quQGtbsD7h7jq2Gan0o4BkB3n-lW4LrrGBeV9wJ7VAA5gw9hZ7CC9u-RM8fmwnsr-UOkDs9s8xT2_4x2AHWvC15YupBghfeNJ18O6iMUZRry_8nIzxO-v0CAELQruMpbRR9j3yU&cid=CAASFeRoJ43zZvyk0zFoWs4itKodC7t--g&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
313ed1d0ef5ef70fdbbae75e67aeed30c5893ec98ecb91151b60c5ab7838e8a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32444
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E3E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CucZgvQS251VjXFRMobY6WH5ENe6y1SkazJaRXzhvQZXiMnOUpMMP__xkiE3mKHY02eHbN7BIdd45Xvq5Uhi6E8ti86FWcOFks9P4Yd0fqea2I7Lo
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ai.aspx
m.exactag.com/ Frame 8E3E 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=300&extProvApi=roller-dv360&extPu=ROM&extLi=55226348&extCr=408120164&rnd=1645757295479537
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection
close
X-ET-Monitoring
1
Content-Length
43
Pragma
no-cache
X-ET-Code
0
Last-Modified
Fr, 25 Feb 2022 02:48:15 GMT
Server
Microsoft-IIS/8.5
Date
Fri, 25 Feb 2022 02:48:15 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
713
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 8E3E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:26:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1283
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:26:52 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 8E3E 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:36:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
705
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6434
x-xss-protection
0
server
cafe
etag
16791967082338318403
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:36:30 GMT
l
www.google.com/ads/measurement/ Frame 8E3E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRM3gC01bebHyPc5-EhelqqBtyTfCu0wPYnOMFo4O0eR1KWvlBFkF-IQaAzp6a9KGo4raTyDPa87tCcIH_NR3gu6Rt0LA
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8E3E 		124 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38829
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645619776399499"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 25 Feb 2022 02:48:15 GMT
container.html
c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8600 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 25 Feb 2022 02:48:15 GMT
expires
Sat, 25 Feb 2023 02:48:15 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=hawtcelebs.com_300x250_desno300x250&sy=6bde81e9-ebda-47cd-b516-58374855cb8d&ts=39&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=300x250&mlbw=4g&mlcs=NaN&mltp=d0168911-350f-48b7-9612-942e5463832a&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:48:15 GMT
cf-cache-status
HIT
age
2511933
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9d1abd4c5c8c-FRA
udm-r3_Tue_2_22_13_17_31_2022.js
bid.underdog.media/ 		565 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Requested by
Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=14863;tid=1;dt=6;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d800:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5b571d25d3df8cf39b61b15c3a1d5f897fad2bbe0d2ada8e44bd7807f62cca6a

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 21:38:43 GMT
content-encoding
gzip
last-modified
Tue, 22 Feb 2022 21:17:34 GMT
server
AmazonS3
age
191373
etag
"19a3c3261fe7318334c3d113cba49d11"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
173662
x-amz-cf-id
ipDMySZTkxnLOutKwSdilxgi17ClufT3dSC5SBS5tkYlfWLZjKbAxg==
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=14863;tid=1;dt=6;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
gzip
etag
"yoD6mq4JTyPdtDBolW+GUg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Fri, 04 Mar 2022 02:48:15 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.55315703
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.55315703
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=3237488638937098937;cb=0.55315703
43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;apnid=3237488638937098937;cb=0.55315703
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:48:15 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:15 GMT
X-Proxy-Origin
95.211.199.145; 95.211.199.145; 730.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
417dfe2c-ad35-404a-8ef1-bf83729889d8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://udmserve.net/udm/fetch.pix?dt=1;apnid=3237488638937098937;cb=0.55315703
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NUVENjg4NUQtQjdFMy00MDlBLUEyRkEtMjhEN0MyRDk1NENG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D5ED6885D-B7E3-409A-A2FA-28D7C2D954CF;cb=0.55315703
  • https://udmserve.net/udm/fetch.pix?pmid=5ED6885D-B7E3-409A-A2FA-28D7C2D954CF;cb=0.55315703
43 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?pmid=5ED6885D-B7E3-409A-A2FA-28D7C2D954CF;cb=0.55315703
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
HTTP/1.1
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:48:16 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://udmserve.net/udm/fetch.pix?pmid=5ED6885D-B7E3-409A-A2FA-28D7C2D954CF;cb=0.55315703
date
Fri, 25 Feb 2022 02:48:14 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
services
sync.technoratimedia.com/ 		0
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=54&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bsncr%3D[USER_ID]%3Bcb%3D0.55315703
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.26.45 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:16 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
914635961
access-control-allow-origin
https://www.hawtcelebs.com/
access-control-allow-credentials
true
container.html
c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3B9A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 25 Feb 2022 02:48:15 GMT
expires
Sat, 25 Feb 2023 02:48:15 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=hawtcelebs.com_responsive_h_hawtfuterreshor&sy=6bde81e9-ebda-47cd-b516-58374855cb8d&ts=39&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=1024x100&mlbw=4g&mlcs=NaN&mltp=d0168911-350f-48b7-9612-942e5463832a&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:48:15 GMT
cf-cache-status
HIT
age
2511933
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9d1aedb55c8c-FRA
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5748 		624 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGP6GzsIBMAE&v=APEucNUnRg5LhDQKRdNaCT9Qc2NZpP9vXHxvSbLMVt-ZQ__QoTiBPshVn2FdTYslq1ukX7Weq8P3nd1wGiJeaJqeEglOeH3ZP2GerdySVcf3yL7xcrzhkgRjtjVYHw7JNbvPhKSngj0uers2BITplFDOCRg7pBKrahvXbsQ0QP_GRKbDJr64XpGRQf_Wq9CyOl1apgmVon5qnPrHlJ7jK7LIX7mQstynFw
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 25 Feb 2022 02:48:15 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 25 Feb 2022 02:48:15 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 8600 		74 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZBGuF3ICdYvssm4GvsRQK2jMXHDf2gGjKFbcT913wDGR0uc5SgAy-O77dYN68g-u-6_N4VD8uwksFgVh9BRiPCnYUgLxghiNHpDanJyb81h-VIz0LyTv0tvCmfXiVBreE3yn6zTplbOmz_wBJsO_AyS2KXGoc4-h5WuJnm8tSQH0L2Qw&cry=1&dbm_d=AKAmf-C7mkAVGkVmK5BZnRizaFkuaYVGDlI_oubQ4J7PUPN71Ls5JkASXD6SSQbOB0Iyd9aIQH-Dc_ExRe8Hy24JcpEFDpF2_IwuPTaY3da8s7uwz0zLVH_ss1Id1C-MKtt5OGGc9BfQ4C_Q9a5S55LdrDVBKjNpLgrhjV8yKI1FlwclJy321ZnyXWfi6QgW_p7J4HZVW6ndj0j6T2mZWYEmEjninR_Iglhj8PyzLImNELltwuu5pig7Td1VAz-_Av-4vo3zvZl6S0BdvH6yGI89f2McsxXZeoKD_eyzWtPabMzq4mS8be5Fc4BI7i5gtaT-23NgbSuUtsRfL2iNCJ0wS_U0F89JMtyUJLCX3DadBqjvuU3gT3raQyg_G2IFvotHTtTVWwPWCdMKwdaVcJE2xRnp0C_Nf_IUaE6mSlq7d7zYyh9fgN2_vMPnxgR67zkTO1pEKZ7K6fy6bLcFYCe_2zisSzOf1eGZVhJi7KUL7Ut9pxvyuTZvTNc1nraaoZJNw5i707nwWEhvNT7RQfJKkYuFiNhMVy1EHJPC-OuDaEN5o2NIwPQV0_lF2r9ZCu09OnrYsVRwWeUNpIrwfj5Ii0PpwAROXbjxaVo71JUMJdecTkMu9W-t055j7ZwRvLL4jpg4xEYAQ9QDx22hexngamS899O2bahbYpzf973eGDVSYpNFQEOxfWCaBvTXiX05c4xwJM0yev0AERfi9o-ffsHIAHRxviSPP7ndgBq7xnEtXfRbAOk2d5qrxP9M3vVk5igiaotrzCGhid3f6899-FSxhdAWyHF3pzB3cHbyAuJV3ELqjtzWdh82KGmkh43PnVeH4qlwLJFX50TUCrewAK5DKrA3j_fnuXFlcfAEwDWYQZ4y-2K1xBmdqpn0yVw_tQL8g9A9PKGWMD0FvVLCdUn611SX_0Qe08RQd1Er4rqbHg6K9oMH8O8xxgQgtLI5RgnvDJcyh1MSEd8qkTWFDyKMSGWyTjcbRDMzMNyKeiplZFuDb-78ZpxUGn6Vnqk9zLA-Mn8DE6vgZPocuvF7nUtSIjWtKe1-E1wF-uxFwhjkGu6hq3h7WtsB02iZRqvVojqgsKTq9q_nPvN2-johJHuMz2NOXH1VtA_ssRF3WnV-kN7igJh4a-q3XaSmDT4eIhfDGyNzLYW3or3XNDWsQnhCVckfav60aL9DeYuZc-1Q06_MT1FahgPnEESEBOFx1XAQANXz-jD8IP8B9ZHT-aqET3a_fk271S-ph1dF8y5pjp5mJVvao-Rn32JcxMULyvT5hl2Uis7Q4itO_fvVxIfKM29xsTNT2z6X52bhlBjHU9mhndLqZcPytOt3sj-9l9V2f9ZT3tlL6s3H1QUQilUONzr-pq25EJq0_nnVR0VYM3kPS57vOs__T_8SQTWwdQF6Tch50E1RykxfKS_CRzi-jkEfAUGGsroFWYPnWqx2gYGcvf68Hfn7_bMa3hLRK4W9Cx89NhwTBqiU8A26YjryCxwZpmhHvgK9BIK3HG0bnw4BO1bL0tj0wcsSuEJSrWPGTNRis3WJgXr2_eMulGI8VV7_yRsIr22ehICRLsOHMTD1uarnvmqP6WUmkzHYo5Xwu8UqpLnca_UXSUlza97dr73FBy31IXxQZ6oJCWLgbtWa080thyeLFrwB5hXq0vURFZ2K2gB88clFcRwvWv8PtRz6gdZMK0PyTG56NLlh760VTwowUoosWQmOaW3WzMF3y5eTYsUFKpPSbVO-AxeXyBq8wD4KuQOymrzgKMNypRSaE7p-uQIvNJYsOqa-5h-hxozYitToP-IxJJQSOarRxrfdLCZnVucWN3BXnI-qxJkh63u5sEECLWnrJRXErdE9S3u-IE0lvqFlM26M0yUekXxAlP7yi_fH6GaZu1mdbNUjACy3l8KPwXh1JxICFgvvEh-lqtNiVVQ25u8-ycEjiLJPhgDKgRU_3h4emIgmcgUF84ATSOCPoKTzsF5UJkASzfj8WLXPKPsrHWvC2kA2I7PEuVZ86xuEIngQjZvTUfPstYeo8WZ7JiDwMOcWjB8rXA0ejpaXniUYbbYCYHww8CpcWbpqZ-Y931L7eam2ci__4XmGtsBwbmv1-Thaxf5e6OkIU7xLyda8q4KIjMCd3QNqdoSJcX3XTpZVQsY5kTCugoKAgPXD52eLHPNRCs8nX8Upb-UZMBMmZtSK18iISuK9sr1rN3Cc6MQJQJ9Mgrsk2KRJHP8ZxwLf0zQ91vv7Ze2eedhVSJQ7gyMD36rTlgIrATA9HvX-EOp97Za5tEMDhAy7Rb2WOV4vaa6traP-_mTbntYBfMpcC4J_U7U8SzCxDP7jOFIdDvu_fZhRx8KGKFphEEscPMbx0OyDx3mCknnLV8woCOJ7poF3MW8OhFKApXEfwvmSu57ECDbQilV_LZZW80GMJKfHkYZDEI89ujzXiYcGDD3ec5W69dClW5aXv_X8e-iFTZ-IvlP26bMFS6KzFwpH97nLzMKIxGliOgP5TpW4Lf2I64vh3xtlQygb7llqc-o85J_mEPM2Dw6rZJyptRegJDK-1nF7pttf_f3aGATj69hcfeEO2GXE4INhqk_yXvF1ova5xg-2VDr5afya2T-2PrNvP16a_jN6FcEp6io2-oezgS-KZyDb_lErh_xZ-OuAGQjaSfR6Hlc7mADS0CJnM5Km7d8WXvstr7vni7jfpeJZifh1kP8qdkrCjK4t-xBksUIbU8mmT4axpeSoD_dfhgcIYGQ4rG1XV2TEAuoToAKif1cL4LdGJ4ZMF0EILwT9f9SWkX4EbQhjtW-3dgTvOtoDyL28z32JLZ74kDQBM-cgM8TC_R5vZsN9gJ7wRLgUnz__zaZqeExPQrM3n3nwWEIg4IOP9Ys8AFZZXQNGbVigO1DN3S1nLzt4p7zd_XqOZdHMhIAmOXKbcN09ct5R-n_NLcIdLWBHTuLndqSO_9t3ydKO5kelgmc2D6uV9F4DaX_DUZijBCE13XGDjIVJtNl9tGt3MGI4v4Mb853BY074rXy2_azpDgVP8R__BLt4RWbp284jRw9rYiMBPWdUDvkIufI5-HGl1GI4JZG0OEiavdjhMnax4HDPiM21ryPoqJz36IxT2JseDgdffCVFBNExmkftppqPC-YH1ZFvcb0TwM5J7AbsZ2jLOmFKlngYBPBhXyde7wAmZCloUxvhWRazZ5cFUyYV5rbNRNI1O1IfKSK41uvtkWuM87tyqXxSvatCcYkMcDI4eNmGtR1xCyGCV5XN-TESTvcdFQ_sh6YA3p7f-2tseaGIIWAPXNwpA4urzBHhhU80bMSEQi4qWwMkxkVvaWeoEqZxCgMfUcd4NoW5OYF1v0OToxV3Hw0lD9E_RUn2ONtjHrlSjIOdqWFBHXrJmfbaSTOEVPNKP8Ds7D1JghqLW-u_rcSS9XsSOv4SYJsGrQJF7Toov1lvgrgckOc6hcx-_uxbfE8SVqM78WQT585_szT30mOiF8cHt4Ni3N9Bnq4fp5wVN2NV4i5aFib16BY0VkB2i3dkmlV-9aW4sMAo4V-AP51BgPb23n2cBc1WEBEaNig&cid=CAASFeRocikCbhNyQMotuH0soZYZ7StcZQ&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c59699c3a2d074893c749ab16e8acaa40bc89391db9cbd30e12b16cf01242e5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32448
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8600 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D8nPPBIfpN4Rbt46QwhotMKKSMrascHlbrMbTG_olhruDrRmaS4gqlBufMf5eJ449rNRNzkS7SYFu4AvFD_eb4MaNeKZzV9WGnbhghcomCX0dXnLU
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ai.aspx
m.exactag.com/ Frame 8600 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=300&extProvApi=roller-dv360&extPu=ROM&extLi=55226348&extCr=408126334&rnd=1645757295562871
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.202.235.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection
close
X-ET-Monitoring
1
Content-Length
43
Pragma
no-cache
X-ET-Code
0
Last-Modified
Fr, 25 Feb 2022 02:48:15 GMT
Server
Microsoft-IIS/8.5
Date
Fri, 25 Feb 2022 02:48:15 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
713
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 8600 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:26:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1283
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:26:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8600 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38829
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645619776399499"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 25 Feb 2022 02:48:15 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 8600 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:36:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
705
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6434
x-xss-protection
0
server
cafe
etag
16791967082338318403
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:36:30 GMT
container.html
c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C4F6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 25 Feb 2022 02:48:15 GMT
expires
Sat, 25 Feb 2023 02:48:15 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=hawtcelebs.com_160x600_hawt160&sy=6bde81e9-ebda-47cd-b516-58374855cb8d&ts=39&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=160x600&mlbw=4g&mlcs=NaN&mltp=d0168911-350f-48b7-9612-942e5463832a&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:48:15 GMT
cf-cache-status
HIT
age
2511933
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9d1b1e2f5c8c-FRA
rum
dsum-sec.casalemedia.com/ Frame C79C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFTM5hW2ZkBx5AHvC7cn2Lg&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFTM5hW2ZkBx5AHvC7cn2Lg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGOTWzcIBMAE&v=APEucNU7MCMmJCp4AjyCAe2kWvEWZGpx1iu4Q1R-KmU7E5SMV6LSIFgtpm6q65N53Q8LwADG885Huh0aqOFeBdQFg2fSGc4GSqHAIZj8H6W0eV-T1n-aRNQTDdGHJ0lhQKYBcC_lr_0HdPH7vYllWj7OPh-k9C1n3jtplatGyH5083H1IW5_Vq1RICtF7VYLIqeHiYwgpBDWCKJeyS4F8GA9QJlJbKigBA
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 02:48:16 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFTM5hW2ZkBx5AHvC7cn2Lg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C79C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YhhDb11T4iqGo90.2PC2xQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOKUJAlrgDkK3Ez0uAmR7DM&google_cver=1&google_hm=2
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOKUJAlrgDkK3Ez0uAmR7DM&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGOTWzcIBMAE&v=APEucNU7MCMmJCp4AjyCAe2kWvEWZGpx1iu4Q1R-KmU7E5SMV6LSIFgtpm6q65N53Q8LwADG885Huh0aqOFeBdQFg2fSGc4GSqHAIZj8H6W0eV-T1n-aRNQTDdGHJ0lhQKYBcC_lr_0HdPH7vYllWj7OPh-k9C1n3jtplatGyH5083H1IW5_Vq1RICtF7VYLIqeHiYwgpBDWCKJeyS4F8GA9QJlJbKigBA
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 02:48:16 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOKUJAlrgDkK3Ez0uAmR7DM&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame C79C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAAo4Sqqresv7oKAV-G228E&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEAAo4Sqqresv7oKAV-G228E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGOTWzcIBMAE&v=APEucNU7MCMmJCp4AjyCAe2kWvEWZGpx1iu4Q1R-KmU7E5SMV6LSIFgtpm6q65N53Q8LwADG885Huh0aqOFeBdQFg2fSGc4GSqHAIZj8H6W0eV-T1n-aRNQTDdGHJ0lhQKYBcC_lr_0HdPH7vYllWj7OPh-k9C1n3jtplatGyH5083H1IW5_Vq1RICtF7VYLIqeHiYwgpBDWCKJeyS4F8GA9QJlJbKigBA
Protocol
HTTP/1.1
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:15 GMT
X-Proxy-Origin
95.211.199.145; 95.211.199.145; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b508fae0-c9e4-4bed-9b44-1ad561544b21
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEAAo4Sqqresv7oKAV-G228E&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C79C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIzNzQ4ODYzODkzNzA5ODkzNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIzNzQ4ODYzODkzNzA5ODkzNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGOTWzcIBMAE&v=APEucNU7MCMmJCp4AjyCAe2kWvEWZGpx1iu4Q1R-KmU7E5SMV6LSIFgtpm6q65N53Q8LwADG885Huh0aqOFeBdQFg2fSGc4GSqHAIZj8H6W0eV-T1n-aRNQTDdGHJ0lhQKYBcC_lr_0HdPH7vYllWj7OPh-k9C1n3jtplatGyH5083H1IW5_Vq1RICtF7VYLIqeHiYwgpBDWCKJeyS4F8GA9QJlJbKigBA
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:15 GMT
X-Proxy-Origin
95.211.199.145; 95.211.199.145; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
defa142f-335e-4dcd-bc7b-99b01e77fbc3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIzNzQ4ODYzODkzNzA5ODkzNw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame AA62 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNWLXAlM0_JJrXCcoYlUwqsBoVXDY9vJMscGkN2SX3i1NXIOy4HzyAUl82t_7nXs0j_tNkSP1rmh-iLxPF-7qw3g59BN_oR8QrT-vacG0eFPkFoKGVL0n09JRHru4-6kE_n31z0fe46xSkkdTsqhG-fuuBRnP3Ja0vgkn2VMIxUpk15Od4_r87aGkrocg8UUFJMZdSyVAmKuBi3eCANU-ML-MG48AA
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 25 Feb 2022 02:48:15 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 33F2 		26 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C2ns3TZnDXFqh9_eYK_BdYkcf6tFU-fBtW3Zw1cgmV4mpbvbm4On66K10fPuxA30an9hCrN82XnoMAKbcUmOzBmWO1kPeKgqNoEliflgZq0GlGSwxqi9TGZyqkl6b8xmjBckVdHB5d7sV1H1Bs4s-9wl8DqQ&cry=1&dbm_d=AKAmf-CiyKYT8FK5y6MTes4h5CKAoXJkXNGZOu9szE0mPoV2OmHzLU4un9g1kL3xEo03OZ-moPhjjImNRvzKtTi-lDZG_S83D-SrNarDKu1-XAde0BCPVfsV-JNmdOR4Gr13v5ha1H8facGExKQ4DvhWKj32FNNNzYpVTP21Vher2k4CSzV3kWBcuOcLEIBI2iv4R-_65qabkrAQEWLgh9l7AOTWVCm7oQwCT2TyZ-EP8UQ6eEbcF2tYk_OjGYS_64ySa2w1oV5M6JnhwWjMdFVa609WogHmJr7i35SJcn4NfrgY_ydNdoU9HECpRyeUWmewZwJYjkAHu2SJ-Xj8x-3BX_8TfVQ1oF4Ffe2KntcIucJl39xjkfPPuFFOiPZC8AkMWG_ZYxDi9laCSDP-JSOnXSParahYGJDGldk0yuS8O-vchFK8gbQ9IOgpmO4Dep7GpK3v4h2_1aqlrk3WFeF0OOQRIYxts6B6cSSc5jTGVnI_TBBqo0sNbUfR6WVgeyQkPHxMzwvLEWQT1kwc1pesp9AXtN4m-sOWLiQVH4JCbodnCv8JKwL_WfcU7RqjGRrfz9zPDUMlGYsR5QMTb6JW9vmVuGBzrHs8nW2tHhubI-xQiVB8gG50nW83AhMdpxHQYpCcbg_JpLwz3eiUFVREPShAcX8oGQhDGh_cYC3cG64FkuM9abEAePNsXGUimGNU5OVjsG67nocEPm4DP7vOKXPWsErIqU39oy-iUaLEt0BQzVlpmTV0Gv5lUX57qoUvQKTghEWaFfs4s9rtu1frE3DItw-2TE5rYTbWo1j3KgvxxltfuoXIFQ6FdS_0hR5Uvbx_iu2zjCJoPwVPDC0w4nXmAZ-owjXT8WhB0Qyj9Agoyhntr0UPx5I01H8FRrkXx5we0Ew1lCtS3bNTT35Y-FAAbbLKvcEgnMjw3z6hlVlHAKXQnNsRqQQPGq7PppSY5tVzKyymhWr2qVoa70DxjzjPO9FU_kICR226QLBatfgXFzjv0vQaHsK8VQz48k1F_CtD3rcvF_X48AbNlpmQDLjis3L79nQV88MQxSJJAyFxMBjEgkbza2rQ0jtsHEsAn7O4OMrwIC0Y5wXPeTbd1EhXZRB1rgBwpgYyTotiu7RczO2oDed3jGMjjYUZ03JQQpSOhrVC2bKE7ooaYxL17I_gEDaqP9oJPSLjB_9_6_NkxkNar2zLM8kX_3bIw26ZAtMhqsOnpWi9LWuUCJLMR1aqgdGnY4fiKNHzlK8qdLIjBzHiKbKQb_vJh-D8FNppc3Anpx06olYE_nRu58S0-_62Hci31KGSlr7XctsY2NC65wQzcdU-ATU1jpgr0sjwJpVh7p-QKysFTo-svlxxHdHb8CA-viCqsUlhAr4puHmBoxOw_2dFDNcMRGu-_u5ax-qx5OUoErRNyARc9CgBkXfYl2-EzPgobjSEh2XXXhFwhpwQfYDT6TkhPlyCNxvR3jPAbIynBuWJXUsA1j17G5AVAOG9Q8ojiAiPFxKsu8XOLIQ9lGwnd_kYs0TD5Mq6gLoPb0ya4hS_mz2MIRVSpfsy-rDUukzanFSa3fMX6t03G3tj2JXawYm55NrHGlJvWNX22CyflgVdz8Jl8x66CRODBoiLrns2g-HbNewHA5CtRCsB69KAI2UlBcFIg3A1To2xYWTec6oez-ZmX1l6_VgKmVOoMY-LaB80gCgTajFSHt1SDWbm8r06MLGOWc3Kaj5cJv_qrHzbmMYZh9iH5pBT10O0sw0KQsORlWx4zDhrSrQzEL1eMqSKXz35VuwFKs5-5WzX7NUz-qJs2Xm3m2g_CHxtTS0tkQpm2vKF2XrNQvywf3KmnrnK4J7q_wcrYjBDUCz7gIeopey9XFq-kLAJlfHElIuDT0FSS0xH5ZVwgb0zrEqLb42LMjJABWe2SIKywOuqRO02RD2NQWqifS3H2rv-erfjawWDcp7CRH9knqGxzpdaP3e70JIvaoj4v80_COzDHhe0KbMmCD9NzFJKLGIOBy07UdGbh8WuFJZCoyr7L74g7SleBX1nsQ92o_lFpNEYUXzu6LhDyUTUJM3rMCYP50ktCo7Xn8Osyiz7qGBMfmZPMOfC-IX8N8DJin_sV-3qWVRZ75YTcw1jXqeosGCl7aLXuGnV31DJyl5ufxxpwoKyBNPyVEcG7A7QCNLNCY31PAjhkoGrxKEIgaZVHQXkemPTNgLV0sMnLMK6DtYqjNkysxyklS5pb58ciSAiiVtFd08Q1f0XccZh2r3OElnwdVxsm2rElWtzdUIfRIXuJQafISus8GSoHZZl15ETSAr42zZlHntLN9cmi7oW6u804Ki8fbTLk98nx8P7K9RZFMusm2qGGMpeq6AfN9Fcc2d4cxO3L8Y-1G_huX8UAc9iWNEXUkQWv5VtQPOAel-bCCdIEwfhAENUVkn1OBSmMQ1C4XxXTQ2YfC3NtAVyjJ4fa1e1SQTiBQ0UloISd5L5F1GnjYmxYSnWShghpSvKBpJc9uZUKeokwxsJqLc6Xlr-LtASzVpiq5TPcYUts3ycb26UszKtgraHaWALATjxnwV2y87xPdmNwBRjUNY_KhboKeiY5It-0_m_V0s4hHT7sI5k-xu2xScvfQeLLCqx2DbDzSTiK3xBU-GCgnZ0BFWNi0bPqnWzpEE9REqvzMOYrbpWkUfFm07-qYqvWEbVg9Jfn0MA83Cw6bNknn57hZUT3BjfYTR0x2wRBHWPVgBiNGSMQ7p9-zrovxZAuofLoGLX700Qm7cQyTZz7xKstErlkXc9bBXzhmYuSmxfFA5ebQlD0ss_auGfT-xyamt7fkgiAxaHGVerADfZ9BPFLQnDayBYfvs33D21GEvxxctf4GOaaPP_RVSdtGZ-csoqTezEvHSrwmOgnV59oMWyu222B_HrLFEWF68XN0gfuJcCKQ3nD5D_4_k9kbjVagbtXMAhGyfy3mnoOq_eGIYtKjx8LC9JIKQYMFBW0_e1XB_Q3X5jgjcxtU6DGVe2b2HJ42N3Chvlr0tixs70tW_zEnuLSIE3r_JeoZoG44xdx-Ty5Io0qtBl8eoh1-mA5TkY6sor1kVUFAMLjL4vfF6feGJqIVXcjq5KJ-7RqnJSJnPYdR8FmIEIN-fitySyDpmzs-bfEyM4g-pEWqNgQhQWK4QkarxOZX9mdxVYF-ChFzLlqtp_Jfg09oipBW58JiHcOueqlrJg7OuwZjHuAM0DaME-BsHIfrqb8TRLNtPyczRja6c&cid=CAASFeRotu0-NxBjPVcV8oSzVR8rZrKLTA&rfl=2%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
787169fdb7e7dc589aaddbb0bdc446a0d505ec4cf2e358e9017297a448bdc08d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16044
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 33F2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:26:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1283
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:26:52 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 33F2 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:25:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1358
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6434
x-xss-protection
0
server
cafe
etag
16791967082338318403
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:25:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 33F2 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38829
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645619776399499"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 25 Feb 2022 02:48:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 33F2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bnpmr0sD1GtEKWVe-jFTPT0cGL8TfKuQSF0RXZxJKMQfFo1j_pp_1hjW4WwuhjMvqTNHIB4_muostGefDlRUUa9hDvsnZnEws9PIyR0XlRR84qWBc
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bcv1.js
bid.underdog.media/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/bcv1.js
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d800:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d72cab1ad4ff376552c86bfef25bb887ce2bc1308713cfd26c5b40560179b923

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:37:28 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 02:30:03 GMT
server
AmazonS3
age
648
etag
"28b28ceef964174f56b0dddf4d950656"
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
cache-control
max-age=1800
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
5942
x-amz-cf-id
SvQRdMeN1hP18GlKS1USXow_eALtaxlarzJIi66tnuYF0R8DROQrIw==
container.html
c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D7D0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 25 Feb 2022 02:48:15 GMT
expires
Sat, 25 Feb 2023 02:48:15 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=hawtcelebs.com_responsive_h_archive-3&sy=6bde81e9-ebda-47cd-b516-58374855cb8d&ts=39&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=530x100&mlbw=4g&mlcs=NaN&mltp=d0168911-350f-48b7-9612-942e5463832a&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:48:15 GMT
cf-cache-status
HIT
age
2511933
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9d1bbf885c8c-FRA
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 8E3E 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
Origin
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 14:21:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44802
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 25 Feb 2022 14:21:34 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/elements/html/ Frame 8E3E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKKR1MrExCANLLia35-cnQ8WWxFZlTC-yYxTUCMcAi0aggGLsVTS3kHY1IlZWupuYpKXjvq444cVO4PDJF3zke1soAUTSKpJa5n_ALuUPaNvP9-F_dqtiL3_I3odVl6v1-EqDbr8tDwEwjB6jKa40YSPJAftoy9GKP8ONp91jEI7eBOjA&cry=1&dbm_d=AKAmf-BgT_0B6GfpoNqD-jsq6DZZRc1TBAKWqz6qQ7yGtyulMQ2dFKv70iuwbPf0hhBNKP6A3P6Oz1lJe8IS0I0lRjkyyK7IUMOeD5qvHwLah3UM8SzeddKNNZeOQkseAQLkO7861I4zz6Ytr7aPpIT6uyQSXSCKocvPIcAWoeCf_mfdLVycPvB5E__Ak_pB910f96A4e3gFqnyX1yCry2bxK8OmlyXySCvFneP4eUg7oEfzAf7JnM0sueifV-UmwRhtBG9zNnAj5NHDh-C3tL0b0Itc99qa0ef7wx3p7NqDKT1jPjrHgqzCoxEx9_HrZ9-5x8A8p49Bn5GJxW0DsQ5ix4awMgcdmQfPpXIJAIDtCOxwU67iaxxqI7lrfkd4bG5XO-AkJ9h8ojbahCSUObH0G0B-LeWQ91snJyxTjO9gzH3zcQCuIAiwV3-oYCvgOn9TzzTmKJL65skF8sbNUCHjzeb87k9HIsyu_BuHmGYUYCHiiXKcJKMuqJ_MnZl-hpAT5hY7O_AmIM5-uAvmQM5-DdD0qJ-PJBRi7EyS4YSMPR4ZGWaYzJaXgY-8opTDljMsqeROHx4yf6kWVFqYpYMU3ImHarxCDq6-PXuuD7EoylQf_EFlR7Fk-kZz2da49SI_wX-SDMoHqs60vfJ6PVaUOUiv19MvE3qFix37EKXQ8HYu0K_282ZCiztKRsFcWBG2pB671QDrbgGVImx9oT9T7t_wxs4p0IPsZ_m6JLwvTpf_Z7iYx2F5D97fiXBTrehT8C5mxaCTK9V0xYj5XSYGTOfhZlYXUyQhJJqlvU5ttfGmw8kmnd5nz6VqjMiIk7wmRZ1RAwfkBHjI5eZaaSM8dKJ81gTUotnINUzOktPnd0sgasZLeqESSBpa4FUgkwKYNeGeIVRqUgtI0jj5gNIFitXJ_jq8e1qTlVF2Eoz-N-ljgNzPlfwf33s_TccA8P1v4QUBKW8_jANSxCDED9Nn2YuQhMDESirtFnlFNLbB46aQ-cewVTjuvGnpNHLZ-Ho78K0JmxNMe56bckt1kqYWmkafy8ppSVBeU8knU07MX-mctsSmWeFzGwrf2cTT4hIWRsYq3lhhh1jaxQoptLN0E2uDvUIqhvzVNs9WhyfZwiUCM2xIsD3kR45xnB-KeDbGc7i6Qu3m_uNHPx4pV_FzYHBPhTz_5t84nXrCyzzlUr29_PiMTOV09R1V51yD3whAyFZbip6ftYX_z0ETUYiNQxxbQhRXDIpsvp06_1ckAevRKpC3QK43s6FX5qbCXlvTJbvy4cCD1JmmxvTT6NbbPJy8dhFM7LkPfoYgzBV9c3EACbuxumnxl5C-OimD7qSHyPeg5vvMpqBWZ_AwTo5B-K4TRlnUmq2bl-T41_Yln0Xqr3Hw4vV24Nl4R2N71-ApbLZflPQdJ4RuIfqYkbETqfhNmRPqu2rjNc10muN9UUB7nmk3ttIsBVtUS55tiObiaVaRivGiQ8QTgyHK3KPWQZwKT93Bw-nmq9fOIIb95whcWVO5PeTYBiOsQ3tjBTVGvp-gGnWyN9TnXwHkrOHTnAL43snt965GO1Z9l1bBTmTlzJagjLUKcLokI8aow268jmYRQLJSKQkk6t73JMLtKn_x0qB9hEU7sV5XzT9St-oN3pH5ld5Aa9YblYSbxkAv5yvkb26gjeyvI8jaG39htITFnoFUdEyyrfHcj2Tmkm84tQbG89V8e11b-4E44JCv9iFeCpEZvk8JsLyKny_4sLjfuwC3p8vH2DI3VInQaUV2D8KLVAVmwDDlMLqVbJKHwhdgsaZzpGA7X0pbU_huHbVHXJybM4G8VX1TqsBlSP7MFbzB44UVzu_QFa8qsa2djN1worpiXiyzLnkLIIVaL8lq3s4EaXhm_yOvyA1XnF4urYQz2IHvF-8J83jyPu8xELsJZEjnwX58Q4v2wy22MiKPB86O1DKbLNT2ZrZ0O-DvqSGanlnHG3XHkE7KNcYvyYMHbtU_UPMqCzm-p_KHhuOcq6yHiMSucVnuFwEmobs9mXg7oFCLLYK3CVKWVu8bHvEbPhH8gMGOUIGDF0LQwF0MaBVdR5DNNQbhoX7dQOjEvOYA4pdFImPhs9k0PUjgWJ_TNLfgXYpRVTJos5z1Fnh5VdOIx6txOVVyPMnvbC_zijHdXM9a5eCU5mHJz0QFDRpncihq9Na84tEyrfwQQjyWFBc4xLqXZ3nA89XdVX8PeDN2hnnBIj3bCfmaffX7oAvsWo51nUS6m95AgvaZuv88nthZ7qyyLWqnxNWRt_yaX1KVouW67JnvSNsvIZlKzVPAZ1AI-Sj4aCGPJ8gkA-ufCewnLCWcVtxXh7xXdzTQA7Ull6Qe4Y0KU5PtlzUh2X9nSUwRnYgDRe2yGh059SKee2T7FhphYC4v-tZICww2sRvk68RzTpi9zqNzsAQqt8wZMc_FF5pUfqUVd_cYgx6OR91CBCstmFlYc-u7AKyr0U0P79NfFHXjRBzSYr7aG7oE6EgQFij7dBPOHldQgBZ3wIO-GGFewcwCy2R0dTZI2LuF1_gSg0WhGiIA2poscomtFH6TST3_E5xoVltCt5hRIDrody30Hq4biXEcS5fDZPS7UHyolWKR3MjviooK9e_C9CiukE9vRlpvI6neM8Rr0u2xwwK90Clrl1TEEuFbeCJ_yDnO9OGdP3lCh67z4vmhX9i1UL5VcuADeqOqREzIrp-gOwkE8oPdI-X7hxER273fWkhBn6af2GvYxsI-hbfh7tngdE2Ov-6WvwJsI7DQwxfoxC95SFCxtHdtExza7wKNH5mjQv0cMWlTXo-OVSkkkV4Z5Zn4xxtv0gGU-yrr0QumcCwPrAckgikzp-jfFqCAaTWcuxAJlTIr_zrTq3uB2KfdNvH-53Kb7h_Nm5LuTCTAx0fD1qQHGB-DnBGm3IRH1icaLvpKuYAt3sBhYnnUS9Ge5a7PO3WX76YZho-mFyLEwglZlSz0hq2BpMkl0KUduYQCeZROY0AVrn0kMtVA4eFH31o62XJx6yBRLNdMJpPHqBCLsASfY1AReTZUzKP04wRTWxsZQjbU-NOeSZWHaXURXyks2P_N9XeoxbMhmveEMzXCJ1YxfvrGaedkd7sMLkp1s3Bf93oh-YaS975GBK1qvvIVo6qbypM3FE-gjuLZh7U9spM8T8AvbBw2AssNyVYqrj0mTUzT3G6pWHl2u-bDgxerD3LjKGCfP1obcxuJlMYrYhPsimuHNrxEAvRlclpjfBPfwzsX1bxuII4jqY-UxIsY77JCyZOIq5lKYtCYMpA0ldwpRpO_SgnNJc-6F4izDwWOfL_mLm-qcefbyyhb6ILBwpzq0fKZ5ypyR7dfnr2zLaC-_I-JOmPJDk-8Dnh-X8grBd8x_3Gj8quQGtbsD7h7jq2Gan0o4BkB3n-lW4LrrGBeV9wJ7VAA5gw9hZ7CC9u-RM8fmwnsr-UOkDs9s8xT2_4x2AHWvC15YupBghfeNJ18O6iMUZRry_8nIzxO-v0CAELQruMpbRR9j3yU&cid=CAASFeRoJ43zZvyk0zFoWs4itKodC7t--g&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:21:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1598
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:21:37 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/ Frame 8E3E 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKKR1MrExCANLLia35-cnQ8WWxFZlTC-yYxTUCMcAi0aggGLsVTS3kHY1IlZWupuYpKXjvq444cVO4PDJF3zke1soAUTSKpJa5n_ALuUPaNvP9-F_dqtiL3_I3odVl6v1-EqDbr8tDwEwjB6jKa40YSPJAftoy9GKP8ONp91jEI7eBOjA&cry=1&dbm_d=AKAmf-BgT_0B6GfpoNqD-jsq6DZZRc1TBAKWqz6qQ7yGtyulMQ2dFKv70iuwbPf0hhBNKP6A3P6Oz1lJe8IS0I0lRjkyyK7IUMOeD5qvHwLah3UM8SzeddKNNZeOQkseAQLkO7861I4zz6Ytr7aPpIT6uyQSXSCKocvPIcAWoeCf_mfdLVycPvB5E__Ak_pB910f96A4e3gFqnyX1yCry2bxK8OmlyXySCvFneP4eUg7oEfzAf7JnM0sueifV-UmwRhtBG9zNnAj5NHDh-C3tL0b0Itc99qa0ef7wx3p7NqDKT1jPjrHgqzCoxEx9_HrZ9-5x8A8p49Bn5GJxW0DsQ5ix4awMgcdmQfPpXIJAIDtCOxwU67iaxxqI7lrfkd4bG5XO-AkJ9h8ojbahCSUObH0G0B-LeWQ91snJyxTjO9gzH3zcQCuIAiwV3-oYCvgOn9TzzTmKJL65skF8sbNUCHjzeb87k9HIsyu_BuHmGYUYCHiiXKcJKMuqJ_MnZl-hpAT5hY7O_AmIM5-uAvmQM5-DdD0qJ-PJBRi7EyS4YSMPR4ZGWaYzJaXgY-8opTDljMsqeROHx4yf6kWVFqYpYMU3ImHarxCDq6-PXuuD7EoylQf_EFlR7Fk-kZz2da49SI_wX-SDMoHqs60vfJ6PVaUOUiv19MvE3qFix37EKXQ8HYu0K_282ZCiztKRsFcWBG2pB671QDrbgGVImx9oT9T7t_wxs4p0IPsZ_m6JLwvTpf_Z7iYx2F5D97fiXBTrehT8C5mxaCTK9V0xYj5XSYGTOfhZlYXUyQhJJqlvU5ttfGmw8kmnd5nz6VqjMiIk7wmRZ1RAwfkBHjI5eZaaSM8dKJ81gTUotnINUzOktPnd0sgasZLeqESSBpa4FUgkwKYNeGeIVRqUgtI0jj5gNIFitXJ_jq8e1qTlVF2Eoz-N-ljgNzPlfwf33s_TccA8P1v4QUBKW8_jANSxCDED9Nn2YuQhMDESirtFnlFNLbB46aQ-cewVTjuvGnpNHLZ-Ho78K0JmxNMe56bckt1kqYWmkafy8ppSVBeU8knU07MX-mctsSmWeFzGwrf2cTT4hIWRsYq3lhhh1jaxQoptLN0E2uDvUIqhvzVNs9WhyfZwiUCM2xIsD3kR45xnB-KeDbGc7i6Qu3m_uNHPx4pV_FzYHBPhTz_5t84nXrCyzzlUr29_PiMTOV09R1V51yD3whAyFZbip6ftYX_z0ETUYiNQxxbQhRXDIpsvp06_1ckAevRKpC3QK43s6FX5qbCXlvTJbvy4cCD1JmmxvTT6NbbPJy8dhFM7LkPfoYgzBV9c3EACbuxumnxl5C-OimD7qSHyPeg5vvMpqBWZ_AwTo5B-K4TRlnUmq2bl-T41_Yln0Xqr3Hw4vV24Nl4R2N71-ApbLZflPQdJ4RuIfqYkbETqfhNmRPqu2rjNc10muN9UUB7nmk3ttIsBVtUS55tiObiaVaRivGiQ8QTgyHK3KPWQZwKT93Bw-nmq9fOIIb95whcWVO5PeTYBiOsQ3tjBTVGvp-gGnWyN9TnXwHkrOHTnAL43snt965GO1Z9l1bBTmTlzJagjLUKcLokI8aow268jmYRQLJSKQkk6t73JMLtKn_x0qB9hEU7sV5XzT9St-oN3pH5ld5Aa9YblYSbxkAv5yvkb26gjeyvI8jaG39htITFnoFUdEyyrfHcj2Tmkm84tQbG89V8e11b-4E44JCv9iFeCpEZvk8JsLyKny_4sLjfuwC3p8vH2DI3VInQaUV2D8KLVAVmwDDlMLqVbJKHwhdgsaZzpGA7X0pbU_huHbVHXJybM4G8VX1TqsBlSP7MFbzB44UVzu_QFa8qsa2djN1worpiXiyzLnkLIIVaL8lq3s4EaXhm_yOvyA1XnF4urYQz2IHvF-8J83jyPu8xELsJZEjnwX58Q4v2wy22MiKPB86O1DKbLNT2ZrZ0O-DvqSGanlnHG3XHkE7KNcYvyYMHbtU_UPMqCzm-p_KHhuOcq6yHiMSucVnuFwEmobs9mXg7oFCLLYK3CVKWVu8bHvEbPhH8gMGOUIGDF0LQwF0MaBVdR5DNNQbhoX7dQOjEvOYA4pdFImPhs9k0PUjgWJ_TNLfgXYpRVTJos5z1Fnh5VdOIx6txOVVyPMnvbC_zijHdXM9a5eCU5mHJz0QFDRpncihq9Na84tEyrfwQQjyWFBc4xLqXZ3nA89XdVX8PeDN2hnnBIj3bCfmaffX7oAvsWo51nUS6m95AgvaZuv88nthZ7qyyLWqnxNWRt_yaX1KVouW67JnvSNsvIZlKzVPAZ1AI-Sj4aCGPJ8gkA-ufCewnLCWcVtxXh7xXdzTQA7Ull6Qe4Y0KU5PtlzUh2X9nSUwRnYgDRe2yGh059SKee2T7FhphYC4v-tZICww2sRvk68RzTpi9zqNzsAQqt8wZMc_FF5pUfqUVd_cYgx6OR91CBCstmFlYc-u7AKyr0U0P79NfFHXjRBzSYr7aG7oE6EgQFij7dBPOHldQgBZ3wIO-GGFewcwCy2R0dTZI2LuF1_gSg0WhGiIA2poscomtFH6TST3_E5xoVltCt5hRIDrody30Hq4biXEcS5fDZPS7UHyolWKR3MjviooK9e_C9CiukE9vRlpvI6neM8Rr0u2xwwK90Clrl1TEEuFbeCJ_yDnO9OGdP3lCh67z4vmhX9i1UL5VcuADeqOqREzIrp-gOwkE8oPdI-X7hxER273fWkhBn6af2GvYxsI-hbfh7tngdE2Ov-6WvwJsI7DQwxfoxC95SFCxtHdtExza7wKNH5mjQv0cMWlTXo-OVSkkkV4Z5Zn4xxtv0gGU-yrr0QumcCwPrAckgikzp-jfFqCAaTWcuxAJlTIr_zrTq3uB2KfdNvH-53Kb7h_Nm5LuTCTAx0fD1qQHGB-DnBGm3IRH1icaLvpKuYAt3sBhYnnUS9Ge5a7PO3WX76YZho-mFyLEwglZlSz0hq2BpMkl0KUduYQCeZROY0AVrn0kMtVA4eFH31o62XJx6yBRLNdMJpPHqBCLsASfY1AReTZUzKP04wRTWxsZQjbU-NOeSZWHaXURXyks2P_N9XeoxbMhmveEMzXCJ1YxfvrGaedkd7sMLkp1s3Bf93oh-YaS975GBK1qvvIVo6qbypM3FE-gjuLZh7U9spM8T8AvbBw2AssNyVYqrj0mTUzT3G6pWHl2u-bDgxerD3LjKGCfP1obcxuJlMYrYhPsimuHNrxEAvRlclpjfBPfwzsX1bxuII4jqY-UxIsY77JCyZOIq5lKYtCYMpA0ldwpRpO_SgnNJc-6F4izDwWOfL_mLm-qcefbyyhb6ILBwpzq0fKZ5ypyR7dfnr2zLaC-_I-JOmPJDk-8Dnh-X8grBd8x_3Gj8quQGtbsD7h7jq2Gan0o4BkB3n-lW4LrrGBeV9wJ7VAA5gw9hZ7CC9u-RM8fmwnsr-UOkDs9s8xT2_4x2AHWvC15YupBghfeNJ18O6iMUZRry_8nIzxO-v0CAELQruMpbRR9j3yU&cid=CAASFeRoJ43zZvyk0zFoWs4itKodC7t--g&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87b3beae1d08bf029d04938bc1d76c7870d450fd75609a85dfafd761cd472047
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:41:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
395
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9647
x-xss-protection
0
server
cafe
etag
6462939580093197770
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:41:40 GMT
container.html
c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0933 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 25 Feb 2022 02:48:15 GMT
expires
Sat, 25 Feb 2023 02:48:15 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=7.35&b=2&r=hawtcelebs.com_auto_interstitial_desktop&sy=6bde81e9-ebda-47cd-b516-58374855cb8d&ts=39&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=1&mlsi=undefinedxundefined&mlbw=4g&mlcs=NaN&mltp=d0168911-350f-48b7-9612-942e5463832a&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:48:15 GMT
cf-cache-status
HIT
age
2511933
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9d1bdfa85c8c-FRA
rules-p-effSsmMYCbAck.js
rules.quantcount.com/ 		3 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-effSsmMYCbAck.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 14:13:35 GMT
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
age
45282
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 21:04:20 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
oqtYhZpP94ChbHCW2Wo_DLIKDOitpbMknwgdL4MWGr0aReHVCTbJrg==
rules-p-Pz67dCqdsHfxh.js
rules.quantcount.com/ 		147 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
57b7f2b2bcdd983268775ebc6ee71d208510b285d79dd058f2717248079c59d1

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:29:36 GMT
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
age
1124
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
147
last-modified
Tue, 27 Apr 2021 19:10:31 GMT
server
AmazonS3
etag
"f7c84b69d3abe411fbfc06992543fbe2"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
PJgTKn2RkMsmxgcKP7ygLV8HkYSduIiBCx8-sY6F6I1SPblvoqV5rQ==
rum
dsum-sec.casalemedia.com/ Frame 5748
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIYz1FJRv3VDuWsgyyY24Dg&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIYz1FJRv3VDuWsgyyY24Dg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGP6GzsIBMAE&v=APEucNUnRg5LhDQKRdNaCT9Qc2NZpP9vXHxvSbLMVt-ZQ__QoTiBPshVn2FdTYslq1ukX7Weq8P3nd1wGiJeaJqeEglOeH3ZP2GerdySVcf3yL7xcrzhkgRjtjVYHw7JNbvPhKSngj0uers2BITplFDOCRg7pBKrahvXbsQ0QP_GRKbDJr64XpGRQf_Wq9CyOl1apgmVon5qnPrHlJ7jK7LIX7mQstynFw
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 02:48:16 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIYz1FJRv3VDuWsgyyY24Dg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5748
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YhhDb11T4iqGo90.2PC2xQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOKUJAlrgDkK3Ez0uAmR7DM&google_cver=1&google_hm=2
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOKUJAlrgDkK3Ez0uAmR7DM&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGP6GzsIBMAE&v=APEucNUnRg5LhDQKRdNaCT9Qc2NZpP9vXHxvSbLMVt-ZQ__QoTiBPshVn2FdTYslq1ukX7Weq8P3nd1wGiJeaJqeEglOeH3ZP2GerdySVcf3yL7xcrzhkgRjtjVYHw7JNbvPhKSngj0uers2BITplFDOCRg7pBKrahvXbsQ0QP_GRKbDJr64XpGRQf_Wq9CyOl1apgmVon5qnPrHlJ7jK7LIX7mQstynFw
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 02:48:16 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOKUJAlrgDkK3Ez0uAmR7DM&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5748
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPQ9ovor2dZaehnTgPVDNTk&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPQ9ovor2dZaehnTgPVDNTk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGP6GzsIBMAE&v=APEucNUnRg5LhDQKRdNaCT9Qc2NZpP9vXHxvSbLMVt-ZQ__QoTiBPshVn2FdTYslq1ukX7Weq8P3nd1wGiJeaJqeEglOeH3ZP2GerdySVcf3yL7xcrzhkgRjtjVYHw7JNbvPhKSngj0uers2BITplFDOCRg7pBKrahvXbsQ0QP_GRKbDJr64XpGRQf_Wq9CyOl1apgmVon5qnPrHlJ7jK7LIX7mQstynFw
Protocol
HTTP/1.1
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:16 GMT
X-Proxy-Origin
95.211.199.145; 95.211.199.145; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f9135369-32ca-464d-9045-aa2e67c20cca
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPQ9ovor2dZaehnTgPVDNTk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5748
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIzNzQ4ODYzODkzNzA5ODkzNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIzNzQ4ODYzODkzNzA5ODkzNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_cnJQCEOXw25gCGP6GzsIBMAE&v=APEucNUnRg5LhDQKRdNaCT9Qc2NZpP9vXHxvSbLMVt-ZQ__QoTiBPshVn2FdTYslq1ukX7Weq8P3nd1wGiJeaJqeEglOeH3ZP2GerdySVcf3yL7xcrzhkgRjtjVYHw7JNbvPhKSngj0uers2BITplFDOCRg7pBKrahvXbsQ0QP_GRKbDJr64XpGRQf_Wq9CyOl1apgmVon5qnPrHlJ7jK7LIX7mQstynFw
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:16 GMT
X-Proxy-Origin
95.211.199.145; 95.211.199.145; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
6f213af4-76da-446e-b341-e860bb4cd91c
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIzNzQ4ODYzODkzNzA5ODkzNw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 8600 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
Origin
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 14:21:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44802
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 25 Feb 2022 14:21:34 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/elements/html/ Frame 8600 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZBGuF3ICdYvssm4GvsRQK2jMXHDf2gGjKFbcT913wDGR0uc5SgAy-O77dYN68g-u-6_N4VD8uwksFgVh9BRiPCnYUgLxghiNHpDanJyb81h-VIz0LyTv0tvCmfXiVBreE3yn6zTplbOmz_wBJsO_AyS2KXGoc4-h5WuJnm8tSQH0L2Qw&cry=1&dbm_d=AKAmf-C7mkAVGkVmK5BZnRizaFkuaYVGDlI_oubQ4J7PUPN71Ls5JkASXD6SSQbOB0Iyd9aIQH-Dc_ExRe8Hy24JcpEFDpF2_IwuPTaY3da8s7uwz0zLVH_ss1Id1C-MKtt5OGGc9BfQ4C_Q9a5S55LdrDVBKjNpLgrhjV8yKI1FlwclJy321ZnyXWfi6QgW_p7J4HZVW6ndj0j6T2mZWYEmEjninR_Iglhj8PyzLImNELltwuu5pig7Td1VAz-_Av-4vo3zvZl6S0BdvH6yGI89f2McsxXZeoKD_eyzWtPabMzq4mS8be5Fc4BI7i5gtaT-23NgbSuUtsRfL2iNCJ0wS_U0F89JMtyUJLCX3DadBqjvuU3gT3raQyg_G2IFvotHTtTVWwPWCdMKwdaVcJE2xRnp0C_Nf_IUaE6mSlq7d7zYyh9fgN2_vMPnxgR67zkTO1pEKZ7K6fy6bLcFYCe_2zisSzOf1eGZVhJi7KUL7Ut9pxvyuTZvTNc1nraaoZJNw5i707nwWEhvNT7RQfJKkYuFiNhMVy1EHJPC-OuDaEN5o2NIwPQV0_lF2r9ZCu09OnrYsVRwWeUNpIrwfj5Ii0PpwAROXbjxaVo71JUMJdecTkMu9W-t055j7ZwRvLL4jpg4xEYAQ9QDx22hexngamS899O2bahbYpzf973eGDVSYpNFQEOxfWCaBvTXiX05c4xwJM0yev0AERfi9o-ffsHIAHRxviSPP7ndgBq7xnEtXfRbAOk2d5qrxP9M3vVk5igiaotrzCGhid3f6899-FSxhdAWyHF3pzB3cHbyAuJV3ELqjtzWdh82KGmkh43PnVeH4qlwLJFX50TUCrewAK5DKrA3j_fnuXFlcfAEwDWYQZ4y-2K1xBmdqpn0yVw_tQL8g9A9PKGWMD0FvVLCdUn611SX_0Qe08RQd1Er4rqbHg6K9oMH8O8xxgQgtLI5RgnvDJcyh1MSEd8qkTWFDyKMSGWyTjcbRDMzMNyKeiplZFuDb-78ZpxUGn6Vnqk9zLA-Mn8DE6vgZPocuvF7nUtSIjWtKe1-E1wF-uxFwhjkGu6hq3h7WtsB02iZRqvVojqgsKTq9q_nPvN2-johJHuMz2NOXH1VtA_ssRF3WnV-kN7igJh4a-q3XaSmDT4eIhfDGyNzLYW3or3XNDWsQnhCVckfav60aL9DeYuZc-1Q06_MT1FahgPnEESEBOFx1XAQANXz-jD8IP8B9ZHT-aqET3a_fk271S-ph1dF8y5pjp5mJVvao-Rn32JcxMULyvT5hl2Uis7Q4itO_fvVxIfKM29xsTNT2z6X52bhlBjHU9mhndLqZcPytOt3sj-9l9V2f9ZT3tlL6s3H1QUQilUONzr-pq25EJq0_nnVR0VYM3kPS57vOs__T_8SQTWwdQF6Tch50E1RykxfKS_CRzi-jkEfAUGGsroFWYPnWqx2gYGcvf68Hfn7_bMa3hLRK4W9Cx89NhwTBqiU8A26YjryCxwZpmhHvgK9BIK3HG0bnw4BO1bL0tj0wcsSuEJSrWPGTNRis3WJgXr2_eMulGI8VV7_yRsIr22ehICRLsOHMTD1uarnvmqP6WUmkzHYo5Xwu8UqpLnca_UXSUlza97dr73FBy31IXxQZ6oJCWLgbtWa080thyeLFrwB5hXq0vURFZ2K2gB88clFcRwvWv8PtRz6gdZMK0PyTG56NLlh760VTwowUoosWQmOaW3WzMF3y5eTYsUFKpPSbVO-AxeXyBq8wD4KuQOymrzgKMNypRSaE7p-uQIvNJYsOqa-5h-hxozYitToP-IxJJQSOarRxrfdLCZnVucWN3BXnI-qxJkh63u5sEECLWnrJRXErdE9S3u-IE0lvqFlM26M0yUekXxAlP7yi_fH6GaZu1mdbNUjACy3l8KPwXh1JxICFgvvEh-lqtNiVVQ25u8-ycEjiLJPhgDKgRU_3h4emIgmcgUF84ATSOCPoKTzsF5UJkASzfj8WLXPKPsrHWvC2kA2I7PEuVZ86xuEIngQjZvTUfPstYeo8WZ7JiDwMOcWjB8rXA0ejpaXniUYbbYCYHww8CpcWbpqZ-Y931L7eam2ci__4XmGtsBwbmv1-Thaxf5e6OkIU7xLyda8q4KIjMCd3QNqdoSJcX3XTpZVQsY5kTCugoKAgPXD52eLHPNRCs8nX8Upb-UZMBMmZtSK18iISuK9sr1rN3Cc6MQJQJ9Mgrsk2KRJHP8ZxwLf0zQ91vv7Ze2eedhVSJQ7gyMD36rTlgIrATA9HvX-EOp97Za5tEMDhAy7Rb2WOV4vaa6traP-_mTbntYBfMpcC4J_U7U8SzCxDP7jOFIdDvu_fZhRx8KGKFphEEscPMbx0OyDx3mCknnLV8woCOJ7poF3MW8OhFKApXEfwvmSu57ECDbQilV_LZZW80GMJKfHkYZDEI89ujzXiYcGDD3ec5W69dClW5aXv_X8e-iFTZ-IvlP26bMFS6KzFwpH97nLzMKIxGliOgP5TpW4Lf2I64vh3xtlQygb7llqc-o85J_mEPM2Dw6rZJyptRegJDK-1nF7pttf_f3aGATj69hcfeEO2GXE4INhqk_yXvF1ova5xg-2VDr5afya2T-2PrNvP16a_jN6FcEp6io2-oezgS-KZyDb_lErh_xZ-OuAGQjaSfR6Hlc7mADS0CJnM5Km7d8WXvstr7vni7jfpeJZifh1kP8qdkrCjK4t-xBksUIbU8mmT4axpeSoD_dfhgcIYGQ4rG1XV2TEAuoToAKif1cL4LdGJ4ZMF0EILwT9f9SWkX4EbQhjtW-3dgTvOtoDyL28z32JLZ74kDQBM-cgM8TC_R5vZsN9gJ7wRLgUnz__zaZqeExPQrM3n3nwWEIg4IOP9Ys8AFZZXQNGbVigO1DN3S1nLzt4p7zd_XqOZdHMhIAmOXKbcN09ct5R-n_NLcIdLWBHTuLndqSO_9t3ydKO5kelgmc2D6uV9F4DaX_DUZijBCE13XGDjIVJtNl9tGt3MGI4v4Mb853BY074rXy2_azpDgVP8R__BLt4RWbp284jRw9rYiMBPWdUDvkIufI5-HGl1GI4JZG0OEiavdjhMnax4HDPiM21ryPoqJz36IxT2JseDgdffCVFBNExmkftppqPC-YH1ZFvcb0TwM5J7AbsZ2jLOmFKlngYBPBhXyde7wAmZCloUxvhWRazZ5cFUyYV5rbNRNI1O1IfKSK41uvtkWuM87tyqXxSvatCcYkMcDI4eNmGtR1xCyGCV5XN-TESTvcdFQ_sh6YA3p7f-2tseaGIIWAPXNwpA4urzBHhhU80bMSEQi4qWwMkxkVvaWeoEqZxCgMfUcd4NoW5OYF1v0OToxV3Hw0lD9E_RUn2ONtjHrlSjIOdqWFBHXrJmfbaSTOEVPNKP8Ds7D1JghqLW-u_rcSS9XsSOv4SYJsGrQJF7Toov1lvgrgckOc6hcx-_uxbfE8SVqM78WQT585_szT30mOiF8cHt4Ni3N9Bnq4fp5wVN2NV4i5aFib16BY0VkB2i3dkmlV-9aW4sMAo4V-AP51BgPb23n2cBc1WEBEaNig&cid=CAASFeRocikCbhNyQMotuH0soZYZ7StcZQ&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:21:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1598
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:21:37 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/ Frame 8600 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CZBGuF3ICdYvssm4GvsRQK2jMXHDf2gGjKFbcT913wDGR0uc5SgAy-O77dYN68g-u-6_N4VD8uwksFgVh9BRiPCnYUgLxghiNHpDanJyb81h-VIz0LyTv0tvCmfXiVBreE3yn6zTplbOmz_wBJsO_AyS2KXGoc4-h5WuJnm8tSQH0L2Qw&cry=1&dbm_d=AKAmf-C7mkAVGkVmK5BZnRizaFkuaYVGDlI_oubQ4J7PUPN71Ls5JkASXD6SSQbOB0Iyd9aIQH-Dc_ExRe8Hy24JcpEFDpF2_IwuPTaY3da8s7uwz0zLVH_ss1Id1C-MKtt5OGGc9BfQ4C_Q9a5S55LdrDVBKjNpLgrhjV8yKI1FlwclJy321ZnyXWfi6QgW_p7J4HZVW6ndj0j6T2mZWYEmEjninR_Iglhj8PyzLImNELltwuu5pig7Td1VAz-_Av-4vo3zvZl6S0BdvH6yGI89f2McsxXZeoKD_eyzWtPabMzq4mS8be5Fc4BI7i5gtaT-23NgbSuUtsRfL2iNCJ0wS_U0F89JMtyUJLCX3DadBqjvuU3gT3raQyg_G2IFvotHTtTVWwPWCdMKwdaVcJE2xRnp0C_Nf_IUaE6mSlq7d7zYyh9fgN2_vMPnxgR67zkTO1pEKZ7K6fy6bLcFYCe_2zisSzOf1eGZVhJi7KUL7Ut9pxvyuTZvTNc1nraaoZJNw5i707nwWEhvNT7RQfJKkYuFiNhMVy1EHJPC-OuDaEN5o2NIwPQV0_lF2r9ZCu09OnrYsVRwWeUNpIrwfj5Ii0PpwAROXbjxaVo71JUMJdecTkMu9W-t055j7ZwRvLL4jpg4xEYAQ9QDx22hexngamS899O2bahbYpzf973eGDVSYpNFQEOxfWCaBvTXiX05c4xwJM0yev0AERfi9o-ffsHIAHRxviSPP7ndgBq7xnEtXfRbAOk2d5qrxP9M3vVk5igiaotrzCGhid3f6899-FSxhdAWyHF3pzB3cHbyAuJV3ELqjtzWdh82KGmkh43PnVeH4qlwLJFX50TUCrewAK5DKrA3j_fnuXFlcfAEwDWYQZ4y-2K1xBmdqpn0yVw_tQL8g9A9PKGWMD0FvVLCdUn611SX_0Qe08RQd1Er4rqbHg6K9oMH8O8xxgQgtLI5RgnvDJcyh1MSEd8qkTWFDyKMSGWyTjcbRDMzMNyKeiplZFuDb-78ZpxUGn6Vnqk9zLA-Mn8DE6vgZPocuvF7nUtSIjWtKe1-E1wF-uxFwhjkGu6hq3h7WtsB02iZRqvVojqgsKTq9q_nPvN2-johJHuMz2NOXH1VtA_ssRF3WnV-kN7igJh4a-q3XaSmDT4eIhfDGyNzLYW3or3XNDWsQnhCVckfav60aL9DeYuZc-1Q06_MT1FahgPnEESEBOFx1XAQANXz-jD8IP8B9ZHT-aqET3a_fk271S-ph1dF8y5pjp5mJVvao-Rn32JcxMULyvT5hl2Uis7Q4itO_fvVxIfKM29xsTNT2z6X52bhlBjHU9mhndLqZcPytOt3sj-9l9V2f9ZT3tlL6s3H1QUQilUONzr-pq25EJq0_nnVR0VYM3kPS57vOs__T_8SQTWwdQF6Tch50E1RykxfKS_CRzi-jkEfAUGGsroFWYPnWqx2gYGcvf68Hfn7_bMa3hLRK4W9Cx89NhwTBqiU8A26YjryCxwZpmhHvgK9BIK3HG0bnw4BO1bL0tj0wcsSuEJSrWPGTNRis3WJgXr2_eMulGI8VV7_yRsIr22ehICRLsOHMTD1uarnvmqP6WUmkzHYo5Xwu8UqpLnca_UXSUlza97dr73FBy31IXxQZ6oJCWLgbtWa080thyeLFrwB5hXq0vURFZ2K2gB88clFcRwvWv8PtRz6gdZMK0PyTG56NLlh760VTwowUoosWQmOaW3WzMF3y5eTYsUFKpPSbVO-AxeXyBq8wD4KuQOymrzgKMNypRSaE7p-uQIvNJYsOqa-5h-hxozYitToP-IxJJQSOarRxrfdLCZnVucWN3BXnI-qxJkh63u5sEECLWnrJRXErdE9S3u-IE0lvqFlM26M0yUekXxAlP7yi_fH6GaZu1mdbNUjACy3l8KPwXh1JxICFgvvEh-lqtNiVVQ25u8-ycEjiLJPhgDKgRU_3h4emIgmcgUF84ATSOCPoKTzsF5UJkASzfj8WLXPKPsrHWvC2kA2I7PEuVZ86xuEIngQjZvTUfPstYeo8WZ7JiDwMOcWjB8rXA0ejpaXniUYbbYCYHww8CpcWbpqZ-Y931L7eam2ci__4XmGtsBwbmv1-Thaxf5e6OkIU7xLyda8q4KIjMCd3QNqdoSJcX3XTpZVQsY5kTCugoKAgPXD52eLHPNRCs8nX8Upb-UZMBMmZtSK18iISuK9sr1rN3Cc6MQJQJ9Mgrsk2KRJHP8ZxwLf0zQ91vv7Ze2eedhVSJQ7gyMD36rTlgIrATA9HvX-EOp97Za5tEMDhAy7Rb2WOV4vaa6traP-_mTbntYBfMpcC4J_U7U8SzCxDP7jOFIdDvu_fZhRx8KGKFphEEscPMbx0OyDx3mCknnLV8woCOJ7poF3MW8OhFKApXEfwvmSu57ECDbQilV_LZZW80GMJKfHkYZDEI89ujzXiYcGDD3ec5W69dClW5aXv_X8e-iFTZ-IvlP26bMFS6KzFwpH97nLzMKIxGliOgP5TpW4Lf2I64vh3xtlQygb7llqc-o85J_mEPM2Dw6rZJyptRegJDK-1nF7pttf_f3aGATj69hcfeEO2GXE4INhqk_yXvF1ova5xg-2VDr5afya2T-2PrNvP16a_jN6FcEp6io2-oezgS-KZyDb_lErh_xZ-OuAGQjaSfR6Hlc7mADS0CJnM5Km7d8WXvstr7vni7jfpeJZifh1kP8qdkrCjK4t-xBksUIbU8mmT4axpeSoD_dfhgcIYGQ4rG1XV2TEAuoToAKif1cL4LdGJ4ZMF0EILwT9f9SWkX4EbQhjtW-3dgTvOtoDyL28z32JLZ74kDQBM-cgM8TC_R5vZsN9gJ7wRLgUnz__zaZqeExPQrM3n3nwWEIg4IOP9Ys8AFZZXQNGbVigO1DN3S1nLzt4p7zd_XqOZdHMhIAmOXKbcN09ct5R-n_NLcIdLWBHTuLndqSO_9t3ydKO5kelgmc2D6uV9F4DaX_DUZijBCE13XGDjIVJtNl9tGt3MGI4v4Mb853BY074rXy2_azpDgVP8R__BLt4RWbp284jRw9rYiMBPWdUDvkIufI5-HGl1GI4JZG0OEiavdjhMnax4HDPiM21ryPoqJz36IxT2JseDgdffCVFBNExmkftppqPC-YH1ZFvcb0TwM5J7AbsZ2jLOmFKlngYBPBhXyde7wAmZCloUxvhWRazZ5cFUyYV5rbNRNI1O1IfKSK41uvtkWuM87tyqXxSvatCcYkMcDI4eNmGtR1xCyGCV5XN-TESTvcdFQ_sh6YA3p7f-2tseaGIIWAPXNwpA4urzBHhhU80bMSEQi4qWwMkxkVvaWeoEqZxCgMfUcd4NoW5OYF1v0OToxV3Hw0lD9E_RUn2ONtjHrlSjIOdqWFBHXrJmfbaSTOEVPNKP8Ds7D1JghqLW-u_rcSS9XsSOv4SYJsGrQJF7Toov1lvgrgckOc6hcx-_uxbfE8SVqM78WQT585_szT30mOiF8cHt4Ni3N9Bnq4fp5wVN2NV4i5aFib16BY0VkB2i3dkmlV-9aW4sMAo4V-AP51BgPb23n2cBc1WEBEaNig&cid=CAASFeRocikCbhNyQMotuH0soZYZ7StcZQ&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87b3beae1d08bf029d04938bc1d76c7870d450fd75609a85dfafd761cd472047
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:41:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
395
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9647
x-xss-protection
0
server
cafe
etag
6462939580093197770
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:41:40 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 78D8 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDtqwEQio_TsQIYnfqnwgEwAQ&v=APEucNVgC4crAAeHyVjXVwTIhQHy7LO8hKLmL55N3gPV2EMb0Cz1JCUpL-hh7CyI4VXirsHxnPYsoU0R2zUHw84mdXtFwYgeZQVGXnYm_LMCQ1s4CvsdoxCJDyl-YmeQ8WL3eCOXlXUxyYKlVdukUJNKbXdy3psc6WTnkoOdVvAAT4BZSqb94N6LKVR6eFJDQsswByT-TsLwOgF6q957VPCuWRHGqPAU1g
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 25 Feb 2022 02:48:16 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame C4F6 		68 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bj7Mw9s-v6RrpcvNLLi31d7o-69gTKDnBTEu9NFRBSHVxhG13d0cd7pr5rVFQdbeGYG-krOPCh9SnZZJLuMT4Zf-aHI_UKrgtgsWU3Vh-oj7Iwt1MQLiM0Ls7qseUX73wt4IRvTTf5YZnV9Ow67S-aRpUA8w&dbm_d=AKAmf-CIvcMbMcENq8H2cAaRk8pqdoaURYPDAXZeClT1ahsGHuBPlJ406GFUleStE1irEzMNGCuqFS63ADsHrcWNZ0fr08E2nS3pAEZd84SzAONjtAUU8WLs9l1QU6Zfnzh__tp0v0Gkgjd90MD7IisNqL-S0quaRo0sZtV28kBAQInXuStIwSJzF88L8mua0Td3NK_1sb9iybL8elfNK8cgmnLpxbhmKG_LTVv40tjKKzFj5NKVr6o3CqyK3qJwLn_AMmdRQCSKrWIB3pMOnVpd3kiXTWaNPOcIMyGBvrFg5ta7RO3IZuycY2KX_UVFafJrs56496CjVb36dYoOc64wvQ395tFUJKQ8IfCwhsTv25Y-c8euokGbzwOcyPJNWMDBiVYqUzDRepU7Pr4ShJV2v0G2gX0L2qNtoRzCjh2BrvPRZI4c-baARwaH9FBDco8zI54qbhXxg_deeZwlzl18RIUHZ5pfJGaUuTGlEZmuWP9h0SO03ViobrR1OkncehQCPoZvsKXp3FVoF3WyXTBa6_442Mnqb_M3iZu79LaoGOChNIMevvmynE08LpIqYLle97e3YFBG3tgqDlaomSPvdOpA7ov1L-UiP8kEAo8eIp06mkVoI2P53QO1LeIH0iXMB0BXRBOM-owMbTAjfuTVPq7ldRcPYtqK616QwcymCvmDI2U63wR7gdafGz7MOzgGA0x28OjMfKkjgluRIfRc2p7SgCRF3oCm4SzsZ2JIDfJHFEKHh4HPm1r0d9oH946XFwhKQ_eipiv9fp_pc6h8RYhq-7MF84dWPYcz7sbOnjqPxv-4LiOnOcYCLpJ2MhjqfChotwZxyNgZcNiUtxQQzT1aSKOtnrfAIPjfLEmJjf2ZXsXbcARBwf37O7mm6p4ZQoUPt4RXXN0KwRrKDM36D1RIs6mVdmcPOuGh2_Tag5haBwKf86Prgoi7HDHMrSZaNfwzjfJhQe6BAcx7SyMui8881iKwNc9V42859L68NmlTDIeLHB831OKM3WfKPqUtX4ovAiVEn9sD3mUYuCnsA4pYjbANXgqsQbub00MSGdYbIzNSDx8Q7Vzu4C2WKxEBhTxm93djN1DqXxxEzexYD7qmisItcXV8rF8Hw2FCt7kiZZin0irXgg4LbyJyolMzkuWPI2KkBRhlM7eeILBF00NkVaNC-U83X6vreQZ5SzOuvRSb4v9JVXR-mVjAPykSyAgvcWUwy1ZV6QEouWlVqAFsyqn1kMaVTr8bHInTvwfvTD_1xhw7bZWBd4ovYc66CDYi0NiQpMtvX4dK2EW3dfU4IKvL_9lvAA-_ABDiOKoc3voxWJ0sN9MvPtKf6VzDfvtIZfD9pt7sAChFnchyUEXYwmzxlM3jflAoyhFTyrO03N8e9F25joD0WWlYUZJB5BpbJwQrM3vuNvvzaL9nY36_NkKIlZyQpFrVVMsaRVScaWUL8VtW1fxPFK2naHLopWDXDO0_kTMXsQqlfJ6OyqdIOESFlCR8CJnGvmw99_dliMTooTY2gwWrrAGEuLyooGyhDlyhcbM80OKFOpaCYiMLLm5lNL8Q4PjbjKT0zIXkMFWES7kWEf3mLd8XX1qyTAUUlWXnX6cx4YMVI8o7yCyN3CouwolNv3_0wNsnp7FJQTTXJuGszEF1laaAXvAi8vEOHBDOy2ykhPiWpRN-AxqGZO_PHjX087YCLI0BRpN6SeeHId1wdHL4dOkN6RXs1ba5_KTtHOOUU4VwQYAJw8pSHsZ7qHXwW8Mu77K3z6a5p1N7V0AdU6c5Ilxv6J_KvlRuyG3DuCbef7jpfhDe2-KFTt6ZTsBJBy_MhcXW29Ok1HGU7YkmLJLMDdAqSi04B846uxfTCjx9olhcuqJnlp9hStkBCbo1M6C9ovi_WABGpTdAwKqDumvcuLF_6HhVYHTJRnAeKwlWpzfM9ZPHYRiSQoN0ReTXcbByFg3_PRiNjmfxq9M9dCKb3vPNhRSU84brBx7kb7Hnad04d1b4-CSnkGQliN6kvw7HVgYaDCMdX_syyxt4Ntt36b61f8uskViEXC3xFxLFbXi8S6zlVqQ8sNxrrHZjwA13bzqXpYMggh5CtMmToMZpSg07x0ir7WD2uqHjyAfolyrwhC_4LXKDD2bCsjP3lXJrUsaClRGqadl9kTLeSXIWQ2sMo44U9uR2uqSMbT42EgQ6JRa92XlMN0T1gHCT2YVv1ErrkexpWrc4YxiBKKpzj0DGdowqGPk5UCl7t5BAU7nt5WZBwNkkO16K6JLyMYe419EcYJJdd6hAowcF1I0QFvc5QKoteMPW7bUlWG3VQb3vOl49kmEDNfEkU_VWJE4f0IvN7WPX8aS7cPqBd2YAAc3jhTRqpRn6GEo911moNOJHR4WdjZCuzJ8W0xAAJUGZJJj-Xrg1R4BBGoQKaNy36B7u-fxNNyNDBx2tHZ5ubb1c8PCOob8zm3PPWbDa2Y7277HY2FJ_nT9Wb5ekFRNC5y_NfwF9YeYo3LdNxEcmuEbt0_JPqEoeRpA5nGD9zvTCJcCQt6kI9Kzy_YsCirFaTHIt3qcV8FLFLmdqvPDBfUb3LkOV-P8eh3EbXr5NB40T8Ujl6oA8KhEoxR-6j4my0UkDghIbmO5kKDQciVpd1bKLMDbv49YVj8vxnKCrhJ8JJR7XnVTn4tnEe8cKm7IZH7z6svyuqV_Ausxpk5b7LvLsFv1GkoFaw7Y5JsqnSe_oSafO8_SHwlTlURUVBglMRtDYAhWixSmlBN22aVizlpIwULeo4mekr6r1m8r05ppjiFqd-BXozJeflP56yGv62xyFmB0Yy3WSBkwnVvSYZlCSXuqGKnKAFr3Jc_7_u43MZAYryAWdMROLg_GkQ8NGhNRmUT2G8-1i3o_UzgPIvcb21CxW1pD5UhCloaL5Nr7wXGGAE9OPAv0LiA08PCCrtlJ_8Cy17eIqw9RLeGJybVlQBT5UsvYOrWh5IuxtqRMWz8D7H_tpzXrJqEtqaw_d1l54js6fMppKeCZySvbJQ_xb6rubj5MahnKN98TjVeI3sd-ZREv6riZQApiZXQ1wLOpL7vci41rMg1-f3k_CDipPgPGHLdoCF8koGm5L5dPq8UNIuGo8VPpAKbN-f1aW8QFbnr-Xt_S8_1CSvXoIQprWa1KTMCX9wYIR-_K6I1Fc7hBCCARLple8aYE56F6qqRajVcfRXYXzh_OFd6wHc6x9vpygmwoyKvMLL_8aeWn_lR5NpndvIRq6Sq2MZu_zCtyZ5R-JZVprjvaV_rgbVyyH-REEwyAfaG2KRw&cid=CAASFeRoa4pYmBZ46IOXJmLtNfiB-Nu1AQ&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
adad15714faddc1c3cccf094517d3ed81a6f5680b159169cf74cbad346c95978
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29992
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C4F6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A-C2osDpy2SJgbL8AdPC9qWoGl_mHZ_CkUwOpy8GQ5vE02TUQaBmYRWNQmo3xvVjcnm41qKS-887o4blqaC5_lTtNvvJrZ1xy7DG_FUjPtblT-bho
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame C4F6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:26:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:26:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C4F6 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38829
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645619776399499"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 25 Feb 2022 02:48:16 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame C4F6 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:25:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1359
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6434
x-xss-protection
0
server
cafe
etag
16791967082338318403
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:25:37 GMT
l
www.google.com/ads/measurement/ Frame C4F6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRPbuDI6VUh-pvcWAu0ChsjqKKnDxASaXeJQTEsmTl0sUcq8-lheGIfENTlwlVsP05hmgTgoQgQQpngxqnzgTCc1s4UPg
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/ Frame 33F2 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C2ns3TZnDXFqh9_eYK_BdYkcf6tFU-fBtW3Zw1cgmV4mpbvbm4On66K10fPuxA30an9hCrN82XnoMAKbcUmOzBmWO1kPeKgqNoEliflgZq0GlGSwxqi9TGZyqkl6b8xmjBckVdHB5d7sV1H1Bs4s-9wl8DqQ&cry=1&dbm_d=AKAmf-CiyKYT8FK5y6MTes4h5CKAoXJkXNGZOu9szE0mPoV2OmHzLU4un9g1kL3xEo03OZ-moPhjjImNRvzKtTi-lDZG_S83D-SrNarDKu1-XAde0BCPVfsV-JNmdOR4Gr13v5ha1H8facGExKQ4DvhWKj32FNNNzYpVTP21Vher2k4CSzV3kWBcuOcLEIBI2iv4R-_65qabkrAQEWLgh9l7AOTWVCm7oQwCT2TyZ-EP8UQ6eEbcF2tYk_OjGYS_64ySa2w1oV5M6JnhwWjMdFVa609WogHmJr7i35SJcn4NfrgY_ydNdoU9HECpRyeUWmewZwJYjkAHu2SJ-Xj8x-3BX_8TfVQ1oF4Ffe2KntcIucJl39xjkfPPuFFOiPZC8AkMWG_ZYxDi9laCSDP-JSOnXSParahYGJDGldk0yuS8O-vchFK8gbQ9IOgpmO4Dep7GpK3v4h2_1aqlrk3WFeF0OOQRIYxts6B6cSSc5jTGVnI_TBBqo0sNbUfR6WVgeyQkPHxMzwvLEWQT1kwc1pesp9AXtN4m-sOWLiQVH4JCbodnCv8JKwL_WfcU7RqjGRrfz9zPDUMlGYsR5QMTb6JW9vmVuGBzrHs8nW2tHhubI-xQiVB8gG50nW83AhMdpxHQYpCcbg_JpLwz3eiUFVREPShAcX8oGQhDGh_cYC3cG64FkuM9abEAePNsXGUimGNU5OVjsG67nocEPm4DP7vOKXPWsErIqU39oy-iUaLEt0BQzVlpmTV0Gv5lUX57qoUvQKTghEWaFfs4s9rtu1frE3DItw-2TE5rYTbWo1j3KgvxxltfuoXIFQ6FdS_0hR5Uvbx_iu2zjCJoPwVPDC0w4nXmAZ-owjXT8WhB0Qyj9Agoyhntr0UPx5I01H8FRrkXx5we0Ew1lCtS3bNTT35Y-FAAbbLKvcEgnMjw3z6hlVlHAKXQnNsRqQQPGq7PppSY5tVzKyymhWr2qVoa70DxjzjPO9FU_kICR226QLBatfgXFzjv0vQaHsK8VQz48k1F_CtD3rcvF_X48AbNlpmQDLjis3L79nQV88MQxSJJAyFxMBjEgkbza2rQ0jtsHEsAn7O4OMrwIC0Y5wXPeTbd1EhXZRB1rgBwpgYyTotiu7RczO2oDed3jGMjjYUZ03JQQpSOhrVC2bKE7ooaYxL17I_gEDaqP9oJPSLjB_9_6_NkxkNar2zLM8kX_3bIw26ZAtMhqsOnpWi9LWuUCJLMR1aqgdGnY4fiKNHzlK8qdLIjBzHiKbKQb_vJh-D8FNppc3Anpx06olYE_nRu58S0-_62Hci31KGSlr7XctsY2NC65wQzcdU-ATU1jpgr0sjwJpVh7p-QKysFTo-svlxxHdHb8CA-viCqsUlhAr4puHmBoxOw_2dFDNcMRGu-_u5ax-qx5OUoErRNyARc9CgBkXfYl2-EzPgobjSEh2XXXhFwhpwQfYDT6TkhPlyCNxvR3jPAbIynBuWJXUsA1j17G5AVAOG9Q8ojiAiPFxKsu8XOLIQ9lGwnd_kYs0TD5Mq6gLoPb0ya4hS_mz2MIRVSpfsy-rDUukzanFSa3fMX6t03G3tj2JXawYm55NrHGlJvWNX22CyflgVdz8Jl8x66CRODBoiLrns2g-HbNewHA5CtRCsB69KAI2UlBcFIg3A1To2xYWTec6oez-ZmX1l6_VgKmVOoMY-LaB80gCgTajFSHt1SDWbm8r06MLGOWc3Kaj5cJv_qrHzbmMYZh9iH5pBT10O0sw0KQsORlWx4zDhrSrQzEL1eMqSKXz35VuwFKs5-5WzX7NUz-qJs2Xm3m2g_CHxtTS0tkQpm2vKF2XrNQvywf3KmnrnK4J7q_wcrYjBDUCz7gIeopey9XFq-kLAJlfHElIuDT0FSS0xH5ZVwgb0zrEqLb42LMjJABWe2SIKywOuqRO02RD2NQWqifS3H2rv-erfjawWDcp7CRH9knqGxzpdaP3e70JIvaoj4v80_COzDHhe0KbMmCD9NzFJKLGIOBy07UdGbh8WuFJZCoyr7L74g7SleBX1nsQ92o_lFpNEYUXzu6LhDyUTUJM3rMCYP50ktCo7Xn8Osyiz7qGBMfmZPMOfC-IX8N8DJin_sV-3qWVRZ75YTcw1jXqeosGCl7aLXuGnV31DJyl5ufxxpwoKyBNPyVEcG7A7QCNLNCY31PAjhkoGrxKEIgaZVHQXkemPTNgLV0sMnLMK6DtYqjNkysxyklS5pb58ciSAiiVtFd08Q1f0XccZh2r3OElnwdVxsm2rElWtzdUIfRIXuJQafISus8GSoHZZl15ETSAr42zZlHntLN9cmi7oW6u804Ki8fbTLk98nx8P7K9RZFMusm2qGGMpeq6AfN9Fcc2d4cxO3L8Y-1G_huX8UAc9iWNEXUkQWv5VtQPOAel-bCCdIEwfhAENUVkn1OBSmMQ1C4XxXTQ2YfC3NtAVyjJ4fa1e1SQTiBQ0UloISd5L5F1GnjYmxYSnWShghpSvKBpJc9uZUKeokwxsJqLc6Xlr-LtASzVpiq5TPcYUts3ycb26UszKtgraHaWALATjxnwV2y87xPdmNwBRjUNY_KhboKeiY5It-0_m_V0s4hHT7sI5k-xu2xScvfQeLLCqx2DbDzSTiK3xBU-GCgnZ0BFWNi0bPqnWzpEE9REqvzMOYrbpWkUfFm07-qYqvWEbVg9Jfn0MA83Cw6bNknn57hZUT3BjfYTR0x2wRBHWPVgBiNGSMQ7p9-zrovxZAuofLoGLX700Qm7cQyTZz7xKstErlkXc9bBXzhmYuSmxfFA5ebQlD0ss_auGfT-xyamt7fkgiAxaHGVerADfZ9BPFLQnDayBYfvs33D21GEvxxctf4GOaaPP_RVSdtGZ-csoqTezEvHSrwmOgnV59oMWyu222B_HrLFEWF68XN0gfuJcCKQ3nD5D_4_k9kbjVagbtXMAhGyfy3mnoOq_eGIYtKjx8LC9JIKQYMFBW0_e1XB_Q3X5jgjcxtU6DGVe2b2HJ42N3Chvlr0tixs70tW_zEnuLSIE3r_JeoZoG44xdx-Ty5Io0qtBl8eoh1-mA5TkY6sor1kVUFAMLjL4vfF6feGJqIVXcjq5KJ-7RqnJSJnPYdR8FmIEIN-fitySyDpmzs-bfEyM4g-pEWqNgQhQWK4QkarxOZX9mdxVYF-ChFzLlqtp_Jfg09oipBW58JiHcOueqlrJg7OuwZjHuAM0DaME-BsHIfrqb8TRLNtPyczRja6c&cid=CAASFeRotu0-NxBjPVcV8oSzVR8rZrKLTA&rfl=2%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87b3beae1d08bf029d04938bc1d76c7870d450fd75609a85dfafd761cd472047
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:41:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
396
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9647
x-xss-protection
0
server
cafe
etag
6462939580093197770
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:41:40 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 33F2 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C2ns3TZnDXFqh9_eYK_BdYkcf6tFU-fBtW3Zw1cgmV4mpbvbm4On66K10fPuxA30an9hCrN82XnoMAKbcUmOzBmWO1kPeKgqNoEliflgZq0GlGSwxqi9TGZyqkl6b8xmjBckVdHB5d7sV1H1Bs4s-9wl8DqQ&cry=1&dbm_d=AKAmf-CiyKYT8FK5y6MTes4h5CKAoXJkXNGZOu9szE0mPoV2OmHzLU4un9g1kL3xEo03OZ-moPhjjImNRvzKtTi-lDZG_S83D-SrNarDKu1-XAde0BCPVfsV-JNmdOR4Gr13v5ha1H8facGExKQ4DvhWKj32FNNNzYpVTP21Vher2k4CSzV3kWBcuOcLEIBI2iv4R-_65qabkrAQEWLgh9l7AOTWVCm7oQwCT2TyZ-EP8UQ6eEbcF2tYk_OjGYS_64ySa2w1oV5M6JnhwWjMdFVa609WogHmJr7i35SJcn4NfrgY_ydNdoU9HECpRyeUWmewZwJYjkAHu2SJ-Xj8x-3BX_8TfVQ1oF4Ffe2KntcIucJl39xjkfPPuFFOiPZC8AkMWG_ZYxDi9laCSDP-JSOnXSParahYGJDGldk0yuS8O-vchFK8gbQ9IOgpmO4Dep7GpK3v4h2_1aqlrk3WFeF0OOQRIYxts6B6cSSc5jTGVnI_TBBqo0sNbUfR6WVgeyQkPHxMzwvLEWQT1kwc1pesp9AXtN4m-sOWLiQVH4JCbodnCv8JKwL_WfcU7RqjGRrfz9zPDUMlGYsR5QMTb6JW9vmVuGBzrHs8nW2tHhubI-xQiVB8gG50nW83AhMdpxHQYpCcbg_JpLwz3eiUFVREPShAcX8oGQhDGh_cYC3cG64FkuM9abEAePNsXGUimGNU5OVjsG67nocEPm4DP7vOKXPWsErIqU39oy-iUaLEt0BQzVlpmTV0Gv5lUX57qoUvQKTghEWaFfs4s9rtu1frE3DItw-2TE5rYTbWo1j3KgvxxltfuoXIFQ6FdS_0hR5Uvbx_iu2zjCJoPwVPDC0w4nXmAZ-owjXT8WhB0Qyj9Agoyhntr0UPx5I01H8FRrkXx5we0Ew1lCtS3bNTT35Y-FAAbbLKvcEgnMjw3z6hlVlHAKXQnNsRqQQPGq7PppSY5tVzKyymhWr2qVoa70DxjzjPO9FU_kICR226QLBatfgXFzjv0vQaHsK8VQz48k1F_CtD3rcvF_X48AbNlpmQDLjis3L79nQV88MQxSJJAyFxMBjEgkbza2rQ0jtsHEsAn7O4OMrwIC0Y5wXPeTbd1EhXZRB1rgBwpgYyTotiu7RczO2oDed3jGMjjYUZ03JQQpSOhrVC2bKE7ooaYxL17I_gEDaqP9oJPSLjB_9_6_NkxkNar2zLM8kX_3bIw26ZAtMhqsOnpWi9LWuUCJLMR1aqgdGnY4fiKNHzlK8qdLIjBzHiKbKQb_vJh-D8FNppc3Anpx06olYE_nRu58S0-_62Hci31KGSlr7XctsY2NC65wQzcdU-ATU1jpgr0sjwJpVh7p-QKysFTo-svlxxHdHb8CA-viCqsUlhAr4puHmBoxOw_2dFDNcMRGu-_u5ax-qx5OUoErRNyARc9CgBkXfYl2-EzPgobjSEh2XXXhFwhpwQfYDT6TkhPlyCNxvR3jPAbIynBuWJXUsA1j17G5AVAOG9Q8ojiAiPFxKsu8XOLIQ9lGwnd_kYs0TD5Mq6gLoPb0ya4hS_mz2MIRVSpfsy-rDUukzanFSa3fMX6t03G3tj2JXawYm55NrHGlJvWNX22CyflgVdz8Jl8x66CRODBoiLrns2g-HbNewHA5CtRCsB69KAI2UlBcFIg3A1To2xYWTec6oez-ZmX1l6_VgKmVOoMY-LaB80gCgTajFSHt1SDWbm8r06MLGOWc3Kaj5cJv_qrHzbmMYZh9iH5pBT10O0sw0KQsORlWx4zDhrSrQzEL1eMqSKXz35VuwFKs5-5WzX7NUz-qJs2Xm3m2g_CHxtTS0tkQpm2vKF2XrNQvywf3KmnrnK4J7q_wcrYjBDUCz7gIeopey9XFq-kLAJlfHElIuDT0FSS0xH5ZVwgb0zrEqLb42LMjJABWe2SIKywOuqRO02RD2NQWqifS3H2rv-erfjawWDcp7CRH9knqGxzpdaP3e70JIvaoj4v80_COzDHhe0KbMmCD9NzFJKLGIOBy07UdGbh8WuFJZCoyr7L74g7SleBX1nsQ92o_lFpNEYUXzu6LhDyUTUJM3rMCYP50ktCo7Xn8Osyiz7qGBMfmZPMOfC-IX8N8DJin_sV-3qWVRZ75YTcw1jXqeosGCl7aLXuGnV31DJyl5ufxxpwoKyBNPyVEcG7A7QCNLNCY31PAjhkoGrxKEIgaZVHQXkemPTNgLV0sMnLMK6DtYqjNkysxyklS5pb58ciSAiiVtFd08Q1f0XccZh2r3OElnwdVxsm2rElWtzdUIfRIXuJQafISus8GSoHZZl15ETSAr42zZlHntLN9cmi7oW6u804Ki8fbTLk98nx8P7K9RZFMusm2qGGMpeq6AfN9Fcc2d4cxO3L8Y-1G_huX8UAc9iWNEXUkQWv5VtQPOAel-bCCdIEwfhAENUVkn1OBSmMQ1C4XxXTQ2YfC3NtAVyjJ4fa1e1SQTiBQ0UloISd5L5F1GnjYmxYSnWShghpSvKBpJc9uZUKeokwxsJqLc6Xlr-LtASzVpiq5TPcYUts3ycb26UszKtgraHaWALATjxnwV2y87xPdmNwBRjUNY_KhboKeiY5It-0_m_V0s4hHT7sI5k-xu2xScvfQeLLCqx2DbDzSTiK3xBU-GCgnZ0BFWNi0bPqnWzpEE9REqvzMOYrbpWkUfFm07-qYqvWEbVg9Jfn0MA83Cw6bNknn57hZUT3BjfYTR0x2wRBHWPVgBiNGSMQ7p9-zrovxZAuofLoGLX700Qm7cQyTZz7xKstErlkXc9bBXzhmYuSmxfFA5ebQlD0ss_auGfT-xyamt7fkgiAxaHGVerADfZ9BPFLQnDayBYfvs33D21GEvxxctf4GOaaPP_RVSdtGZ-csoqTezEvHSrwmOgnV59oMWyu222B_HrLFEWF68XN0gfuJcCKQ3nD5D_4_k9kbjVagbtXMAhGyfy3mnoOq_eGIYtKjx8LC9JIKQYMFBW0_e1XB_Q3X5jgjcxtU6DGVe2b2HJ42N3Chvlr0tixs70tW_zEnuLSIE3r_JeoZoG44xdx-Ty5Io0qtBl8eoh1-mA5TkY6sor1kVUFAMLjL4vfF6feGJqIVXcjq5KJ-7RqnJSJnPYdR8FmIEIN-fitySyDpmzs-bfEyM4g-pEWqNgQhQWK4QkarxOZX9mdxVYF-ChFzLlqtp_Jfg09oipBW58JiHcOueqlrJg7OuwZjHuAM0DaME-BsHIfrqb8TRLNtPyczRja6c&cid=CAASFeRotu0-NxBjPVcV8oSzVR8rZrKLTA&rfl=2%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 16:13:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38075
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Feb 2023 16:13:41 GMT
sd
us-u.openx.net/w/1.0/ Frame AA62
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOLqr71RKg_vdnygS1cotfM&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOLqr71RKg_vdnygS1cotfM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNWLXAlM0_JJrXCcoYlUwqsBoVXDY9vJMscGkN2SX3i1NXIOy4HzyAUl82t_7nXs0j_tNkSP1rmh-iLxPF-7qw3g59BN_oR8QrT-vacG0eFPkFoKGVL0n09JRHru4-6kE_n31z0fe46xSkkdTsqhG-fuuBRnP3Ja0vgkn2VMIxUpk15Od4_r87aGkrocg8UUFJMZdSyVAmKuBi3eCANU-ML-MG48AA
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOLqr71RKg_vdnygS1cotfM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame AA62 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNWLXAlM0_JJrXCcoYlUwqsBoVXDY9vJMscGkN2SX3i1NXIOy4HzyAUl82t_7nXs0j_tNkSP1rmh-iLxPF-7qw3g59BN_oR8QrT-vacG0eFPkFoKGVL0n09JRHru4-6kE_n31z0fe46xSkkdTsqhG-fuuBRnP3Ja0vgkn2VMIxUpk15Od4_r87aGkrocg8UUFJMZdSyVAmKuBi3eCANU-ML-MG48AA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame AA62
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEE2AvvnerkJYjXRaOIq6hZI&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEE2AvvnerkJYjXRaOIq6hZI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNWLXAlM0_JJrXCcoYlUwqsBoVXDY9vJMscGkN2SX3i1NXIOy4HzyAUl82t_7nXs0j_tNkSP1rmh-iLxPF-7qw3g59BN_oR8QrT-vacG0eFPkFoKGVL0n09JRHru4-6kE_n31z0fe46xSkkdTsqhG-fuuBRnP3Ja0vgkn2VMIxUpk15Od4_r87aGkrocg8UUFJMZdSyVAmKuBi3eCANU-ML-MG48AA
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 25 Feb 2022 02:48:16 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEE2AvvnerkJYjXRaOIq6hZI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame AA62 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYoOWpXTAB&v=APEucNWLXAlM0_JJrXCcoYlUwqsBoVXDY9vJMscGkN2SX3i1NXIOy4HzyAUl82t_7nXs0j_tNkSP1rmh-iLxPF-7qw3g59BN_oR8QrT-vacG0eFPkFoKGVL0n09JRHru4-6kE_n31z0fe46xSkkdTsqhG-fuuBRnP3Ja0vgkn2VMIxUpk15Od4_r87aGkrocg8UUFJMZdSyVAmKuBi3eCANU-ML-MG48AA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 25 Feb 2022 02:48:16 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
container.html
c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DC5F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 25 Feb 2022 02:48:15 GMT
expires
Sat, 25 Feb 2023 02:48:15 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=hawtcelebs.com_native_multi_native_home_7&sy=6bde81e9-ebda-47cd-b516-58374855cb8d&ts=39&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=570x600&mlbw=4g&mlcs=NaN&mltp=d0168911-350f-48b7-9612-942e5463832a&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FN1KST5034BXX96TPH6J4N1J
date
Fri, 25 Feb 2022 02:48:16 GMT
cf-cache-status
HIT
age
2511934
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9d1c1fef5c8c-FRA
adview
securepubads.g.doubleclick.net/pagead/ Frame D7D0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CcDA2b0MYYu3AKtaNjuwPiqCf0AzJntKxXIX-l_dwwI23ARABIABgleqOgpwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTSgAdW20uoDyAEJqQIavs0D58ayPuACAKgDAaoEoAJP0CvX8tDN7VGQ0CB3X0XkWiYTLo6f4p_nJZRuNlRyTqROa0BbsjHnScie0QGcbEm2nCIjVN5mjn3QwfSZQVq070l_ZrUlgsrUjyOqmrBOpeqNkrS2hzMG6XSxvyTHf-vDiuihcZqJndxrkgJo2lW7djrY8BnEpQlkOTB4eMSOcGyytYS0stAX-TxvaR4PIbSwENpgbCqfe-9_Kii8bm2Y4ixYijS4648GjcrOc-7czCX7BMMTSKxG7iSgWQiMAnebT1nAA5sM-UPney28U__QIagBr48mbPttg5QJS7TCcwMN845GTPfZeYXd1-nhVVEf83nKcGMzoRIegAxeum9TSB7WGuOIuMyOBiTHrPMlYAduBheQ2WR3F7UvsCsDWmrgBAGABpyDt46vq_-3mgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0zODMxODk0NTU5MDE0NjE0GP35Ew&sigh=OVUFiruzVMk&uach_m=[UACH]&cid=CAQSPACNIrLMBvS8tmBYz7xwLOL8BAYaMI_leCw5E9EqSaHpw9ozI84HcsKpCwTV3b2ztz3Hl9TioKAO09AKtRgB
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
notify
rtb.fr.eu.criteo.com/google/auction/ Frame D7D0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UJClCbr5RJIEZJ2DYgICAAAAehsU7mqCfbIQbkMYYqmwnDNNlNJGofz7ABI&wp=YhhDbwAKoG0Hg4bWAAfQCskRsyKG2fQvDftJeg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:16 GMT
server
Kestrel
server-processing-duration-in-ticks
287894
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 310F 		114 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=YhhDbwAKoG0Hg4bWAAfQCskRsyKG2fQvDftJeg&u=%7C9ELlD9KQb%2Fz0eg9Hwf4869hjPjpA4WHDFzG9Rq1eGnk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOkMar8-yfGc15w0edYqkXr7_ByuHu9tWhBBk4MbA_WwhwoTHvNBiNJmilko35kcnWz7L_GRrqkP-ad9cUcqpR80XxHnd2lxr6mtsnUFif5z6eaQagz6UmFprJdRWmxm832zpl6CnoummdmAGoIIlzzYd9xMuKFYE5oon1mmSgCqkDGpdHcW0NW97tqReK2gtkeOU1vzxruQ-CdEG4HeaUg3P-iFt96p8NBY-TMmFKuwza_yU4uHMxTxjTEQGiTzZh9EuutVNQ9U2DUHMtw8iJjcbao23mHggOpoA-zdIhkLSqrhhJpQy882iXQ4Oug_PEhCOy9DCsLnWgnYRIAjiqbV-IKaIitPaYSzu2fG3lWA2F34A5H1AObtUVewy9so0wT4X2_kvg5D6gxXkvs6IIU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbBT7b0MYYu3AKtaNjuwPiqCf0AzJntKxXIX-l_dwwI23ARABIABgleqOgpwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTSgAdW20uoDyAEJqQIavs0D58ayPuACAKgDAaoEowJP0CvX8tDN7VGQ0CB3X0XkWiYTLo6f4p_nJZRuNlRyTqROa0BbsjHnScie0QGcbEm2nCIjVN5mjn3QwfSZQVq070l_ZrUlgsrUjyOqmrBOpeqNkrS2hzMG6XSxvyTHf-vDiuihcZqJndxrkgJo2lW7djrY8BnEpQlkOTB4eMSOcGyytYS0stAX-TxvaR4PIbSwENpgbCqfe-9_Kii8bm2Y4ixYijS4648GjcrOc-7czCX7BMMTSKxG7iSgWQiMAnebT1nAA5sM-UPney28U__QIagBr48mbPttg5QJS7TCcwMN845GTPfZeYXd1-nhVVEf83nKcGMzoRIewg5_KOjc1A1phvcraPEo_i3TpkUvTh_sst-tf5bICZk3NYGHSdVqkangBAGABpyDt46vq_-3mgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_224EEJ4_nIIq_BbqrBXkX6my1gPQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
3af1c358b938a4f5ce01ab2c79b48180d783e78b335431a9e0551ed6408ddcac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/

Response headers

date
Fri, 25 Feb 2022 02:48:16 GMT
content-type
text/html
server
Kestrel
cache-control
private, max-age=0, no-cache
pragma
no-cache
expires
Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cross-origin-resource-policy
cross-origin
p3p
CP='CUR ADM OUR NOR STA NID'
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=dYOIWYjhpyfn17tedWts5dIYh_lm6pEdVw8KQL-iyVq6VY9EOVyjV0vOcVRD50BCDDnJN3ekbfv13LnP0i4S4mtQe_5g6GN4br_Le3NCVwDyb2Uo-QxG4K5_UZ_vwRTv_xrdW2Cs3q7eMiAMTaHVyWVsYrqBFPQtAuB4E1rTSkCBXyyRVE1k7RSubcRw4FrtOdAuaBB1lM7M2HKNYcOeqXpRkU41GC2drMBBb7b6vPWMgIKVVVkMISyh_RPyQKBYr-79Qw"}], "max_age": 86400}
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks
68710407
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame D7D0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:26:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:26:52 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D085 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 24 Feb 2022 13:26:12 GMT
expires
Fri, 25 Feb 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
48124
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D7D0 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38829
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645619776399499"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 25 Feb 2022 02:48:16 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame D7D0 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:25:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1359
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6434
x-xss-protection
0
server
cafe
etag
16791967082338318403
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:25:37 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame D7D0 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132299
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Feb 2023 14:03:17 GMT
css2
fonts.googleapis.com/ Frame 0933 		4 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Feb 2022 02:21:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 25 Feb 2022 02:48:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Feb 2022 02:48:16 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame FA09 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDtqwEQio_TsQIYwIqowgEwAQ&v=APEucNV5qr1d7z2x7VPIgFv_J4KQ5vs7APluIMWzcpU5Z3BTvgrBqM2MMffdA-K96cz2YT7fTOolFMC1E9Yyh-CvHEKpfMvm-Sb-lzkUkGOj9NH6-Qr8R37PNynuZYrB3z1SGhAdVnFgZZzm5hmCDPAotJR9pWUdX_ToOAalZYRy-ynDA1wtbSa8GwGndagFAKa_iBthx9N8CtZDrxP4lCNMjZl0bDGt8Q
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 25 Feb 2022 02:48:16 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 9B9C 		68 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6h_3XWYD0sRME5rCuu381bZ9AFz53teXNo5saDY-RbZpsdzANlutRdDey39-0xdGbzuIC-eROaSsUpdQ5yb7w71mymg&cry=1&dbm_d=AKAmf-ABfEW4A6ZkzbnhosZ_V4JTAJLJiNUZ7VP6mj12GnfdUW6zhfNsWeffW1Qtb_HJzoB9XuJgzxJHLq2u4gm3vMM1McHp2Cf1MOUtH4bz12_yIv3SG_RNYjE6prprAnTXO-vKrbC72gzqtDNfkENaWO0fKGtlubFPMyQvuYpFygp-p6I86UNVRD-h_aT8HTUCSGu_eJuPWGjspUwqCgLWOP3RrRvMshrWoUFsYdKYV-UtKRI7KtzeE3B1AwehhoiJaGsWPYEknyjp6x_oXqZtaIFBSspomio9xSwcHaz90i1FkCVpRZggbOk8rPVU1L0BDulHY8KxpqzCAeTvBg2zRJFNfZgBO0cu3_R0udGXCaBhVpdSzL-dbhsnn8Dc0Ewgm8DctUfORqwVDzEBsiMNLGa3vNwVgzJsiqAiVgCOrH6-v7qN2opVvzjv3VWHMGWEpUqOM5DvvwAgqGvlj-FT2yOGUcEB2ZoD055g4dti1iFPy3AiKYlyWNSuB9jiY0Z6KE-OfBr3kcNz9cVEGP7wOJigveQq-D_IoGdj-joMoGCyqIJohdliguvIbH2TojtY-itQLFTXBrr_q6fS2YXWlU_qjqtwucdIaUP3QprJPrgyyNy7I-6Ej8Ft_-4wsYEv_B005i2BLrltoQPWLM8GsbmawpErWPU9faWEwrLSAY5suiJku-OXtR2cDuewoSS_t8aFe8REmXJcSKqe5oZzUxLwe9ceRb1USB-Sbo6DjO6B9XEBwKm9Y-A6EyhzEMSXLIWHMOI1p1dezQMLHzFBw3dp8W-dS8Q3YnpJmMv7T6PQlJUK-77oa2pDTZBP9yHAtFZlALxX071xuJKYZuA33uBHQ5QjHUz9ryRrMiiQxcHM-mjDaCE9C3568QDD7vboUWAxxnopm6O14XA9QLphYXl_Zs0_2wDHenLirikSrHrCAuuDO2WHP4CxESkbiGnNGWLOgo5CSjVsmDQw1Kr7GJWAGqTZi119U6CGpHI7RB6cGzR52blVDzJzI_JztethTCQISlXwtkHrAU2fO638SeoBtjmbs6C-Hpp5BAfVNVcjOTgvcX9EtcWv_HpYxkQfUzahq9spksJQJn7tM4_udOOHgE6wuto0rX-95CRZZSsvkerzq1MxtkaHMuDMAU1md38upMjuwBiF-PEBkPI2W_kdgX7RbnvYRRo63lEa1Xj7MwW7fWp_wB1-TgMwCbNvYK4OI_YZ3QvGUYfQOi4quR-mLlWDcVK9WD4Ax2Kj6H7yu1_1E0XothbIWTzUdc2ikXJl4KyUVH3HycThOBAcDVhnVoj3Fyu554Zu8OzUzmfj0aJaTtpTU8mWF8_ZSAyEU3atDzMlylNZfzKDm_UyqRZoPfNqqkAPmRYy2fW2QfkkimPt3lcERPvRHIu10BMZinDbCI1ro65qiLefRXUgSu-b4QjA9Oj9t6kVLTv1RH9I561xRXv48CJa3AJXth52bqA8Lj9QKnrMxRTHvhibWrJ661cZ_imkfhI5-iJdFEGi3d89LSmpGn-RJ8u1GtaC5OU73bMuq_pfABWk6A3oOopVnnDOqzv63Pd6oZmASv-O0HfarPxCFWQywPvX5UrZw_QsXtijl7p4IVMEiD-uPhuw0_e6W4th1o4wSVFFR9ambXNqCsEPFq7LmfIBIR4LHQ4wn0iOT2saoMLlLrJDGOne4RE9y-t3NLsVB60toW4GVE9fUa4-7gL5VO067WzSq1k-PFCq2CJuFijYjIf8Lv6tIjwhOLVAEJbYuvnBSLMrzfXw7hvKUlTII6eHpwGFmBtnFgIud5NFxd-Mo0C_yMhQDSEbRa7xay__X_zVdX3c1jeQBBzIJ2oIzQutzxRWiOZPbSlMrghaZRLwElADiGl6m9l2tm6nnuJHreIPPrtXzuxGrBXGqZXXKyGR348lUto5DVoS5qeQgo7zVZs9cd4DQkr7X3cSBzpYrOvMGrixfOLbLWj6XzkXbuoVd4clSo0cPluqWHZ6ZKsuYbVZHUl184x5azjxN97UQTUdw-XnBC2EjDBfd4VCP1IzG5HKvJDadP-jrmEpdIdytye264QmWFcuh0FZn1SklLqc6Agp143T_BJzoPceEQyo9N1lKJgz1CmwGI-wAy3BUHwiuajly1z--ZYYMD7X7i_zEApENppTWKxIYXLNWZLwB7ureLJX3nNmnz0BOJlMQftEq7gRG0lVPfvx8_YGDim4Ibcp6Yf9TbFRDSPpelI3x499H2y4igUVIT4d79-2dqV7tkGgevssNkXAzznrGowaVYhb3Q3Q_V3qKYSL_OCVph2UFVOM3eN3qZUiIo9b1BfOFFdsv8jkDRaVrSVIzezqPekkI1m2Z5K-iBs1ZElZa60VtDOjsC0bFQ0YrATZWsWcYAgAxnO6VvGgPF9VEcqe3Bk5KSZwHP-ai1Ky4DdEBSssyD0kMIDPvpWkWce7MztfmqzNLMXzZybEDThd1awmilKAJI3kJCbCI-z34iFjJ-V6jdMMfY107YCB68-lRe1TGcgsloFM_GU1cp035CoH4JZAEPfKRtBN9qX6veig39w7X86SpUJaFL7GAOAF4G_y25lhIuBjS66cuVpFk_lU8hKwC8h0O14cacRR2j92uju5lr0GLUKXrmM2LLpFlLQn5vx59nyq8yreub0HsP4o0Eo-UHzWMfWxtTWuj1WnmT8DyyCnsixzDpsxHu-gzJE1ZFSY4def_OyetdJHLi_8sf9hyLZdSTzlrUwXJfFlkleadGETS95TMZNVG-Qe3cO_Qcfy8PIkckXn5tlj0Jl0qf0SRZGKoK5NH9x4OrzgUnAp2e8EVaMrS61yqpk5jAg2bW5V9lMMBBWw5_xNLd8xY3x6vFCZXdFkpvK0NFbshroulZmmlJKa5PjU-eRj8BiaCsl60_mZmgDRgcOELVitiDqPfuois5PT_v38rSZaQbe5oZHQ3RUUFni_tnKQ0DUuiSrQitqWeb0hcTl9FBhx4bXAHReZYo5ClYTcAVRpFZzjQTM6qexKPw9Yeh9btBgF09CSQcAMqUjI5QxbV0j9hobr-ZDKVlqOodYPX9iSbTWF3Rve7WiLqnNnXcy9cg9H1XcHbU8O8vrJ1oBQJrvLtFF_hsUPoToktOuGMkySu1XogKVSqpdZVUOxxCJtWeIMthYC5t6mXBTG2YMM7izWECXMkSmPDB8DuJQEZFHAP98GOwOB4jg5jXLRP-LIpYu4zkKCdpCZmvBfAfFAIFusDqI9ESqlZuvFjN626uUpu_W1QmucceHr8xB0raisYqeJ3m-PrDUq1vXyVFevPKylDrCTZrCSd1ZB-0EH3VE7esgm4Gd1g3GIQ0gtNzMdjQBm4hWpd4qvnw&cid=CAASEuRosEPWV2aCNx0sugiDGYopMQ&rfl=2%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db91ff216f2baef1aed095aa025c03b404d2086b2b8c18c1214ca3417467ec28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30133
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 9B9C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:26:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:26:52 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 9B9C 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:25:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1359
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6434
x-xss-protection
0
server
cafe
etag
16791967082338318403
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:25:37 GMT
l
www.google.com/ads/measurement/ Frame 9B9C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSyVkvLSL7pKzqTGL2vNUC51Aq5tNE84EZqfNtG4wMH1XcUZjYwrzcNlrwAMma6-k6r-s5s6X6-TK7-7uPibBn-XNhUDA
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9B9C 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38829
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645619776399499"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 25 Feb 2022 02:48:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B9C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DGIq1NP-JSBuLOlYZ3vhzzs5HkQg_jMwxBT32f4kjrFXrEH4U7zb6ELNIibpsGB890mts4-Du_1zVMm-ngXF2VVZHGOT60t_cJLn-4uZRPcJDFNXM
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
interstitial_ad_frame_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/elements/html/ Frame 0933 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/elements/html/interstitial_ad_frame_fy2019.js
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6227515defa43493593661bd5eb5fa369c22843fab1cf4156d137ed5d7b439d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:02:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2759
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8307
x-xss-protection
0
server
cafe
etag
12491010468182217777
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:02:17 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8E3E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 16:13:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38075
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Feb 2023 16:13:41 GMT
truncated
/ Frame 8E3E 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
51646d08a73320c1db3a30ac5e553a11d60e3de11d81c0fe2a001b6c983acda8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 8600 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 16:13:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38075
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Feb 2023 16:13:41 GMT
truncated
/ Frame 8600 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
effbe2af24ce6545f073003b4e4af6f5f7b866f6b64378cd59bc31c3eb100596

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
t43ocmuaiycq
hal9000.redintelligence.net/zone/ Frame 33F2 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/t43ocmuaiycq?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChC7hb0MYYrm-I4Hu3wOf8KDwCd2t6KhgqNy3x7kK8C4QASCVm8ohYJXqjoKcB8gBCakCVm4sPcnIsj6oAwGqBO8BT9BfQxZj9AsPLFzRIG6kIYFPYCClE5deBKBaBcWBNSaMyHbU6GrnVlsxEfw_My3l6A9DPoFxVt4jeonLjHmhFSMvpCkbiaHModyDDgj8QD9Ilqra_qpO-yUhogv9G_TK8IbZd643gMUCyjZoH9aG6IhUPHgRdHH8Rr2-P-Ma-lq7BknuNKlmgTytfto3GEqB-vbRgcxMV8srEbcBOXAsubxkdepw02Nhjn3VDouTVZrk9yzZAJAjwWNFuOjNqHScY32r0dBNA3UO8akMtHynZtXz2LuI5By_vfPU6NTF5QS4ilZzgcezqH-u_P6xN8DABM6Ou7GWAuAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA5gLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRotu0-NxBjPVcV8oSzVR8rZrKLTA%26sig%3DAOD64_09Zdr7eyjcGC9GtksUu6QhHCgX0Q%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-Dn03Ka2P2tfEiyzKMqd-C4XZ5VNii4wrieATPYZThawjolaH5LXhvRSgarWHGHEqGQS32xD33_VXM8Se4Tr2q0_zZ1lkcD2VRDQOv4q8fITvf8gfma6VtHh7ECwot6iypS6I_bEKyLjmtEUsBjNIEIw0iQwA%26cry%3D1%26dbm_d%3DAKAmf-C8lzo9G9xT9_sNxjNBZC9-tQv5MQ4YpdR9Fncn5SD3YnIm5RqoEJWQQ-I6cIJBDnXcPIVZo2ph8xNEcxVrksK8QS6sr1JhGLRe8w0FFmhguc7Kfp9L7LqMzXjJnK3cej6IfNbgadNshcMxErLqhCgstlizdFtdwNWlMib_gIuPfTCuwFUQ07HQvnX2LDsx0xdQS2MkPnCsXljYNFa_mq16Tfp6mduYTs60nZiLf4oBhTzGvp-TL9v0MdRSZSfH4G-i6h6vD07UDODwTNmEam0D5bsX4xzH6ax1fu_CGeNMJLKNnfEVxxA6Cin8_VLiFa6hu9fBH5Vvqg7w--WlWSp6Um33gdej_Ccn2Yn0V4lJkdOR_7HdPUwN-NZIbjXC2MixR2LDTyFwzfi0IQXccoLjH-J6ZICBjVH4T9M-gr6mnMAl4GAGZGHffICSFMGhlfOgxNGV%26adurl%3D
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
22e8cf24afa5a067266524cf92e90a091c1c1b03f7d3f9de6e97bb06fe1a03ed

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:48:16 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3942
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5C2C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 22 Feb 2022 08:13:54 GMT
expires
Wed, 22 Feb 2023 08:13:54 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
239662
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
skeleton.js
fw.adsafeprotected.com/rjss/st/931897/61009656/ Frame C4F6 		47 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/931897/61009656/skeleton.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bj7Mw9s-v6RrpcvNLLi31d7o-69gTKDnBTEu9NFRBSHVxhG13d0cd7pr5rVFQdbeGYG-krOPCh9SnZZJLuMT4Zf-aHI_UKrgtgsWU3Vh-oj7Iwt1MQLiM0Ls7qseUX73wt4IRvTTf5YZnV9Ow67S-aRpUA8w&dbm_d=AKAmf-CIvcMbMcENq8H2cAaRk8pqdoaURYPDAXZeClT1ahsGHuBPlJ406GFUleStE1irEzMNGCuqFS63ADsHrcWNZ0fr08E2nS3pAEZd84SzAONjtAUU8WLs9l1QU6Zfnzh__tp0v0Gkgjd90MD7IisNqL-S0quaRo0sZtV28kBAQInXuStIwSJzF88L8mua0Td3NK_1sb9iybL8elfNK8cgmnLpxbhmKG_LTVv40tjKKzFj5NKVr6o3CqyK3qJwLn_AMmdRQCSKrWIB3pMOnVpd3kiXTWaNPOcIMyGBvrFg5ta7RO3IZuycY2KX_UVFafJrs56496CjVb36dYoOc64wvQ395tFUJKQ8IfCwhsTv25Y-c8euokGbzwOcyPJNWMDBiVYqUzDRepU7Pr4ShJV2v0G2gX0L2qNtoRzCjh2BrvPRZI4c-baARwaH9FBDco8zI54qbhXxg_deeZwlzl18RIUHZ5pfJGaUuTGlEZmuWP9h0SO03ViobrR1OkncehQCPoZvsKXp3FVoF3WyXTBa6_442Mnqb_M3iZu79LaoGOChNIMevvmynE08LpIqYLle97e3YFBG3tgqDlaomSPvdOpA7ov1L-UiP8kEAo8eIp06mkVoI2P53QO1LeIH0iXMB0BXRBOM-owMbTAjfuTVPq7ldRcPYtqK616QwcymCvmDI2U63wR7gdafGz7MOzgGA0x28OjMfKkjgluRIfRc2p7SgCRF3oCm4SzsZ2JIDfJHFEKHh4HPm1r0d9oH946XFwhKQ_eipiv9fp_pc6h8RYhq-7MF84dWPYcz7sbOnjqPxv-4LiOnOcYCLpJ2MhjqfChotwZxyNgZcNiUtxQQzT1aSKOtnrfAIPjfLEmJjf2ZXsXbcARBwf37O7mm6p4ZQoUPt4RXXN0KwRrKDM36D1RIs6mVdmcPOuGh2_Tag5haBwKf86Prgoi7HDHMrSZaNfwzjfJhQe6BAcx7SyMui8881iKwNc9V42859L68NmlTDIeLHB831OKM3WfKPqUtX4ovAiVEn9sD3mUYuCnsA4pYjbANXgqsQbub00MSGdYbIzNSDx8Q7Vzu4C2WKxEBhTxm93djN1DqXxxEzexYD7qmisItcXV8rF8Hw2FCt7kiZZin0irXgg4LbyJyolMzkuWPI2KkBRhlM7eeILBF00NkVaNC-U83X6vreQZ5SzOuvRSb4v9JVXR-mVjAPykSyAgvcWUwy1ZV6QEouWlVqAFsyqn1kMaVTr8bHInTvwfvTD_1xhw7bZWBd4ovYc66CDYi0NiQpMtvX4dK2EW3dfU4IKvL_9lvAA-_ABDiOKoc3voxWJ0sN9MvPtKf6VzDfvtIZfD9pt7sAChFnchyUEXYwmzxlM3jflAoyhFTyrO03N8e9F25joD0WWlYUZJB5BpbJwQrM3vuNvvzaL9nY36_NkKIlZyQpFrVVMsaRVScaWUL8VtW1fxPFK2naHLopWDXDO0_kTMXsQqlfJ6OyqdIOESFlCR8CJnGvmw99_dliMTooTY2gwWrrAGEuLyooGyhDlyhcbM80OKFOpaCYiMLLm5lNL8Q4PjbjKT0zIXkMFWES7kWEf3mLd8XX1qyTAUUlWXnX6cx4YMVI8o7yCyN3CouwolNv3_0wNsnp7FJQTTXJuGszEF1laaAXvAi8vEOHBDOy2ykhPiWpRN-AxqGZO_PHjX087YCLI0BRpN6SeeHId1wdHL4dOkN6RXs1ba5_KTtHOOUU4VwQYAJw8pSHsZ7qHXwW8Mu77K3z6a5p1N7V0AdU6c5Ilxv6J_KvlRuyG3DuCbef7jpfhDe2-KFTt6ZTsBJBy_MhcXW29Ok1HGU7YkmLJLMDdAqSi04B846uxfTCjx9olhcuqJnlp9hStkBCbo1M6C9ovi_WABGpTdAwKqDumvcuLF_6HhVYHTJRnAeKwlWpzfM9ZPHYRiSQoN0ReTXcbByFg3_PRiNjmfxq9M9dCKb3vPNhRSU84brBx7kb7Hnad04d1b4-CSnkGQliN6kvw7HVgYaDCMdX_syyxt4Ntt36b61f8uskViEXC3xFxLFbXi8S6zlVqQ8sNxrrHZjwA13bzqXpYMggh5CtMmToMZpSg07x0ir7WD2uqHjyAfolyrwhC_4LXKDD2bCsjP3lXJrUsaClRGqadl9kTLeSXIWQ2sMo44U9uR2uqSMbT42EgQ6JRa92XlMN0T1gHCT2YVv1ErrkexpWrc4YxiBKKpzj0DGdowqGPk5UCl7t5BAU7nt5WZBwNkkO16K6JLyMYe419EcYJJdd6hAowcF1I0QFvc5QKoteMPW7bUlWG3VQb3vOl49kmEDNfEkU_VWJE4f0IvN7WPX8aS7cPqBd2YAAc3jhTRqpRn6GEo911moNOJHR4WdjZCuzJ8W0xAAJUGZJJj-Xrg1R4BBGoQKaNy36B7u-fxNNyNDBx2tHZ5ubb1c8PCOob8zm3PPWbDa2Y7277HY2FJ_nT9Wb5ekFRNC5y_NfwF9YeYo3LdNxEcmuEbt0_JPqEoeRpA5nGD9zvTCJcCQt6kI9Kzy_YsCirFaTHIt3qcV8FLFLmdqvPDBfUb3LkOV-P8eh3EbXr5NB40T8Ujl6oA8KhEoxR-6j4my0UkDghIbmO5kKDQciVpd1bKLMDbv49YVj8vxnKCrhJ8JJR7XnVTn4tnEe8cKm7IZH7z6svyuqV_Ausxpk5b7LvLsFv1GkoFaw7Y5JsqnSe_oSafO8_SHwlTlURUVBglMRtDYAhWixSmlBN22aVizlpIwULeo4mekr6r1m8r05ppjiFqd-BXozJeflP56yGv62xyFmB0Yy3WSBkwnVvSYZlCSXuqGKnKAFr3Jc_7_u43MZAYryAWdMROLg_GkQ8NGhNRmUT2G8-1i3o_UzgPIvcb21CxW1pD5UhCloaL5Nr7wXGGAE9OPAv0LiA08PCCrtlJ_8Cy17eIqw9RLeGJybVlQBT5UsvYOrWh5IuxtqRMWz8D7H_tpzXrJqEtqaw_d1l54js6fMppKeCZySvbJQ_xb6rubj5MahnKN98TjVeI3sd-ZREv6riZQApiZXQ1wLOpL7vci41rMg1-f3k_CDipPgPGHLdoCF8koGm5L5dPq8UNIuGo8VPpAKbN-f1aW8QFbnr-Xt_S8_1CSvXoIQprWa1KTMCX9wYIR-_K6I1Fc7hBCCARLple8aYE56F6qqRajVcfRXYXzh_OFd6wHc6x9vpygmwoyKvMLL_8aeWn_lR5NpndvIRq6Sq2MZu_zCtyZ5R-JZVprjvaV_rgbVyyH-REEwyAfaG2KRw&cid=CAASFeRoa4pYmBZ46IOXJmLtNfiB-Nu1AQ&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.210.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-210-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
33bfb1f6f1a9cb9c6d14e5786dae3ae31ffdd74e6ebd963348e342218561699d

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/ Frame C4F6 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bj7Mw9s-v6RrpcvNLLi31d7o-69gTKDnBTEu9NFRBSHVxhG13d0cd7pr5rVFQdbeGYG-krOPCh9SnZZJLuMT4Zf-aHI_UKrgtgsWU3Vh-oj7Iwt1MQLiM0Ls7qseUX73wt4IRvTTf5YZnV9Ow67S-aRpUA8w&dbm_d=AKAmf-CIvcMbMcENq8H2cAaRk8pqdoaURYPDAXZeClT1ahsGHuBPlJ406GFUleStE1irEzMNGCuqFS63ADsHrcWNZ0fr08E2nS3pAEZd84SzAONjtAUU8WLs9l1QU6Zfnzh__tp0v0Gkgjd90MD7IisNqL-S0quaRo0sZtV28kBAQInXuStIwSJzF88L8mua0Td3NK_1sb9iybL8elfNK8cgmnLpxbhmKG_LTVv40tjKKzFj5NKVr6o3CqyK3qJwLn_AMmdRQCSKrWIB3pMOnVpd3kiXTWaNPOcIMyGBvrFg5ta7RO3IZuycY2KX_UVFafJrs56496CjVb36dYoOc64wvQ395tFUJKQ8IfCwhsTv25Y-c8euokGbzwOcyPJNWMDBiVYqUzDRepU7Pr4ShJV2v0G2gX0L2qNtoRzCjh2BrvPRZI4c-baARwaH9FBDco8zI54qbhXxg_deeZwlzl18RIUHZ5pfJGaUuTGlEZmuWP9h0SO03ViobrR1OkncehQCPoZvsKXp3FVoF3WyXTBa6_442Mnqb_M3iZu79LaoGOChNIMevvmynE08LpIqYLle97e3YFBG3tgqDlaomSPvdOpA7ov1L-UiP8kEAo8eIp06mkVoI2P53QO1LeIH0iXMB0BXRBOM-owMbTAjfuTVPq7ldRcPYtqK616QwcymCvmDI2U63wR7gdafGz7MOzgGA0x28OjMfKkjgluRIfRc2p7SgCRF3oCm4SzsZ2JIDfJHFEKHh4HPm1r0d9oH946XFwhKQ_eipiv9fp_pc6h8RYhq-7MF84dWPYcz7sbOnjqPxv-4LiOnOcYCLpJ2MhjqfChotwZxyNgZcNiUtxQQzT1aSKOtnrfAIPjfLEmJjf2ZXsXbcARBwf37O7mm6p4ZQoUPt4RXXN0KwRrKDM36D1RIs6mVdmcPOuGh2_Tag5haBwKf86Prgoi7HDHMrSZaNfwzjfJhQe6BAcx7SyMui8881iKwNc9V42859L68NmlTDIeLHB831OKM3WfKPqUtX4ovAiVEn9sD3mUYuCnsA4pYjbANXgqsQbub00MSGdYbIzNSDx8Q7Vzu4C2WKxEBhTxm93djN1DqXxxEzexYD7qmisItcXV8rF8Hw2FCt7kiZZin0irXgg4LbyJyolMzkuWPI2KkBRhlM7eeILBF00NkVaNC-U83X6vreQZ5SzOuvRSb4v9JVXR-mVjAPykSyAgvcWUwy1ZV6QEouWlVqAFsyqn1kMaVTr8bHInTvwfvTD_1xhw7bZWBd4ovYc66CDYi0NiQpMtvX4dK2EW3dfU4IKvL_9lvAA-_ABDiOKoc3voxWJ0sN9MvPtKf6VzDfvtIZfD9pt7sAChFnchyUEXYwmzxlM3jflAoyhFTyrO03N8e9F25joD0WWlYUZJB5BpbJwQrM3vuNvvzaL9nY36_NkKIlZyQpFrVVMsaRVScaWUL8VtW1fxPFK2naHLopWDXDO0_kTMXsQqlfJ6OyqdIOESFlCR8CJnGvmw99_dliMTooTY2gwWrrAGEuLyooGyhDlyhcbM80OKFOpaCYiMLLm5lNL8Q4PjbjKT0zIXkMFWES7kWEf3mLd8XX1qyTAUUlWXnX6cx4YMVI8o7yCyN3CouwolNv3_0wNsnp7FJQTTXJuGszEF1laaAXvAi8vEOHBDOy2ykhPiWpRN-AxqGZO_PHjX087YCLI0BRpN6SeeHId1wdHL4dOkN6RXs1ba5_KTtHOOUU4VwQYAJw8pSHsZ7qHXwW8Mu77K3z6a5p1N7V0AdU6c5Ilxv6J_KvlRuyG3DuCbef7jpfhDe2-KFTt6ZTsBJBy_MhcXW29Ok1HGU7YkmLJLMDdAqSi04B846uxfTCjx9olhcuqJnlp9hStkBCbo1M6C9ovi_WABGpTdAwKqDumvcuLF_6HhVYHTJRnAeKwlWpzfM9ZPHYRiSQoN0ReTXcbByFg3_PRiNjmfxq9M9dCKb3vPNhRSU84brBx7kb7Hnad04d1b4-CSnkGQliN6kvw7HVgYaDCMdX_syyxt4Ntt36b61f8uskViEXC3xFxLFbXi8S6zlVqQ8sNxrrHZjwA13bzqXpYMggh5CtMmToMZpSg07x0ir7WD2uqHjyAfolyrwhC_4LXKDD2bCsjP3lXJrUsaClRGqadl9kTLeSXIWQ2sMo44U9uR2uqSMbT42EgQ6JRa92XlMN0T1gHCT2YVv1ErrkexpWrc4YxiBKKpzj0DGdowqGPk5UCl7t5BAU7nt5WZBwNkkO16K6JLyMYe419EcYJJdd6hAowcF1I0QFvc5QKoteMPW7bUlWG3VQb3vOl49kmEDNfEkU_VWJE4f0IvN7WPX8aS7cPqBd2YAAc3jhTRqpRn6GEo911moNOJHR4WdjZCuzJ8W0xAAJUGZJJj-Xrg1R4BBGoQKaNy36B7u-fxNNyNDBx2tHZ5ubb1c8PCOob8zm3PPWbDa2Y7277HY2FJ_nT9Wb5ekFRNC5y_NfwF9YeYo3LdNxEcmuEbt0_JPqEoeRpA5nGD9zvTCJcCQt6kI9Kzy_YsCirFaTHIt3qcV8FLFLmdqvPDBfUb3LkOV-P8eh3EbXr5NB40T8Ujl6oA8KhEoxR-6j4my0UkDghIbmO5kKDQciVpd1bKLMDbv49YVj8vxnKCrhJ8JJR7XnVTn4tnEe8cKm7IZH7z6svyuqV_Ausxpk5b7LvLsFv1GkoFaw7Y5JsqnSe_oSafO8_SHwlTlURUVBglMRtDYAhWixSmlBN22aVizlpIwULeo4mekr6r1m8r05ppjiFqd-BXozJeflP56yGv62xyFmB0Yy3WSBkwnVvSYZlCSXuqGKnKAFr3Jc_7_u43MZAYryAWdMROLg_GkQ8NGhNRmUT2G8-1i3o_UzgPIvcb21CxW1pD5UhCloaL5Nr7wXGGAE9OPAv0LiA08PCCrtlJ_8Cy17eIqw9RLeGJybVlQBT5UsvYOrWh5IuxtqRMWz8D7H_tpzXrJqEtqaw_d1l54js6fMppKeCZySvbJQ_xb6rubj5MahnKN98TjVeI3sd-ZREv6riZQApiZXQ1wLOpL7vci41rMg1-f3k_CDipPgPGHLdoCF8koGm5L5dPq8UNIuGo8VPpAKbN-f1aW8QFbnr-Xt_S8_1CSvXoIQprWa1KTMCX9wYIR-_K6I1Fc7hBCCARLple8aYE56F6qqRajVcfRXYXzh_OFd6wHc6x9vpygmwoyKvMLL_8aeWn_lR5NpndvIRq6Sq2MZu_zCtyZ5R-JZVprjvaV_rgbVyyH-REEwyAfaG2KRw&cid=CAASFeRoa4pYmBZ46IOXJmLtNfiB-Nu1AQ&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87b3beae1d08bf029d04938bc1d76c7870d450fd75609a85dfafd761cd472047
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:41:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
396
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9647
x-xss-protection
0
server
cafe
etag
6462939580093197770
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:41:40 GMT
4737677526979715882
s0.2mdn.net/simgad/ Frame C4F6 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4737677526979715882
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bj7Mw9s-v6RrpcvNLLi31d7o-69gTKDnBTEu9NFRBSHVxhG13d0cd7pr5rVFQdbeGYG-krOPCh9SnZZJLuMT4Zf-aHI_UKrgtgsWU3Vh-oj7Iwt1MQLiM0Ls7qseUX73wt4IRvTTf5YZnV9Ow67S-aRpUA8w&dbm_d=AKAmf-CIvcMbMcENq8H2cAaRk8pqdoaURYPDAXZeClT1ahsGHuBPlJ406GFUleStE1irEzMNGCuqFS63ADsHrcWNZ0fr08E2nS3pAEZd84SzAONjtAUU8WLs9l1QU6Zfnzh__tp0v0Gkgjd90MD7IisNqL-S0quaRo0sZtV28kBAQInXuStIwSJzF88L8mua0Td3NK_1sb9iybL8elfNK8cgmnLpxbhmKG_LTVv40tjKKzFj5NKVr6o3CqyK3qJwLn_AMmdRQCSKrWIB3pMOnVpd3kiXTWaNPOcIMyGBvrFg5ta7RO3IZuycY2KX_UVFafJrs56496CjVb36dYoOc64wvQ395tFUJKQ8IfCwhsTv25Y-c8euokGbzwOcyPJNWMDBiVYqUzDRepU7Pr4ShJV2v0G2gX0L2qNtoRzCjh2BrvPRZI4c-baARwaH9FBDco8zI54qbhXxg_deeZwlzl18RIUHZ5pfJGaUuTGlEZmuWP9h0SO03ViobrR1OkncehQCPoZvsKXp3FVoF3WyXTBa6_442Mnqb_M3iZu79LaoGOChNIMevvmynE08LpIqYLle97e3YFBG3tgqDlaomSPvdOpA7ov1L-UiP8kEAo8eIp06mkVoI2P53QO1LeIH0iXMB0BXRBOM-owMbTAjfuTVPq7ldRcPYtqK616QwcymCvmDI2U63wR7gdafGz7MOzgGA0x28OjMfKkjgluRIfRc2p7SgCRF3oCm4SzsZ2JIDfJHFEKHh4HPm1r0d9oH946XFwhKQ_eipiv9fp_pc6h8RYhq-7MF84dWPYcz7sbOnjqPxv-4LiOnOcYCLpJ2MhjqfChotwZxyNgZcNiUtxQQzT1aSKOtnrfAIPjfLEmJjf2ZXsXbcARBwf37O7mm6p4ZQoUPt4RXXN0KwRrKDM36D1RIs6mVdmcPOuGh2_Tag5haBwKf86Prgoi7HDHMrSZaNfwzjfJhQe6BAcx7SyMui8881iKwNc9V42859L68NmlTDIeLHB831OKM3WfKPqUtX4ovAiVEn9sD3mUYuCnsA4pYjbANXgqsQbub00MSGdYbIzNSDx8Q7Vzu4C2WKxEBhTxm93djN1DqXxxEzexYD7qmisItcXV8rF8Hw2FCt7kiZZin0irXgg4LbyJyolMzkuWPI2KkBRhlM7eeILBF00NkVaNC-U83X6vreQZ5SzOuvRSb4v9JVXR-mVjAPykSyAgvcWUwy1ZV6QEouWlVqAFsyqn1kMaVTr8bHInTvwfvTD_1xhw7bZWBd4ovYc66CDYi0NiQpMtvX4dK2EW3dfU4IKvL_9lvAA-_ABDiOKoc3voxWJ0sN9MvPtKf6VzDfvtIZfD9pt7sAChFnchyUEXYwmzxlM3jflAoyhFTyrO03N8e9F25joD0WWlYUZJB5BpbJwQrM3vuNvvzaL9nY36_NkKIlZyQpFrVVMsaRVScaWUL8VtW1fxPFK2naHLopWDXDO0_kTMXsQqlfJ6OyqdIOESFlCR8CJnGvmw99_dliMTooTY2gwWrrAGEuLyooGyhDlyhcbM80OKFOpaCYiMLLm5lNL8Q4PjbjKT0zIXkMFWES7kWEf3mLd8XX1qyTAUUlWXnX6cx4YMVI8o7yCyN3CouwolNv3_0wNsnp7FJQTTXJuGszEF1laaAXvAi8vEOHBDOy2ykhPiWpRN-AxqGZO_PHjX087YCLI0BRpN6SeeHId1wdHL4dOkN6RXs1ba5_KTtHOOUU4VwQYAJw8pSHsZ7qHXwW8Mu77K3z6a5p1N7V0AdU6c5Ilxv6J_KvlRuyG3DuCbef7jpfhDe2-KFTt6ZTsBJBy_MhcXW29Ok1HGU7YkmLJLMDdAqSi04B846uxfTCjx9olhcuqJnlp9hStkBCbo1M6C9ovi_WABGpTdAwKqDumvcuLF_6HhVYHTJRnAeKwlWpzfM9ZPHYRiSQoN0ReTXcbByFg3_PRiNjmfxq9M9dCKb3vPNhRSU84brBx7kb7Hnad04d1b4-CSnkGQliN6kvw7HVgYaDCMdX_syyxt4Ntt36b61f8uskViEXC3xFxLFbXi8S6zlVqQ8sNxrrHZjwA13bzqXpYMggh5CtMmToMZpSg07x0ir7WD2uqHjyAfolyrwhC_4LXKDD2bCsjP3lXJrUsaClRGqadl9kTLeSXIWQ2sMo44U9uR2uqSMbT42EgQ6JRa92XlMN0T1gHCT2YVv1ErrkexpWrc4YxiBKKpzj0DGdowqGPk5UCl7t5BAU7nt5WZBwNkkO16K6JLyMYe419EcYJJdd6hAowcF1I0QFvc5QKoteMPW7bUlWG3VQb3vOl49kmEDNfEkU_VWJE4f0IvN7WPX8aS7cPqBd2YAAc3jhTRqpRn6GEo911moNOJHR4WdjZCuzJ8W0xAAJUGZJJj-Xrg1R4BBGoQKaNy36B7u-fxNNyNDBx2tHZ5ubb1c8PCOob8zm3PPWbDa2Y7277HY2FJ_nT9Wb5ekFRNC5y_NfwF9YeYo3LdNxEcmuEbt0_JPqEoeRpA5nGD9zvTCJcCQt6kI9Kzy_YsCirFaTHIt3qcV8FLFLmdqvPDBfUb3LkOV-P8eh3EbXr5NB40T8Ujl6oA8KhEoxR-6j4my0UkDghIbmO5kKDQciVpd1bKLMDbv49YVj8vxnKCrhJ8JJR7XnVTn4tnEe8cKm7IZH7z6svyuqV_Ausxpk5b7LvLsFv1GkoFaw7Y5JsqnSe_oSafO8_SHwlTlURUVBglMRtDYAhWixSmlBN22aVizlpIwULeo4mekr6r1m8r05ppjiFqd-BXozJeflP56yGv62xyFmB0Yy3WSBkwnVvSYZlCSXuqGKnKAFr3Jc_7_u43MZAYryAWdMROLg_GkQ8NGhNRmUT2G8-1i3o_UzgPIvcb21CxW1pD5UhCloaL5Nr7wXGGAE9OPAv0LiA08PCCrtlJ_8Cy17eIqw9RLeGJybVlQBT5UsvYOrWh5IuxtqRMWz8D7H_tpzXrJqEtqaw_d1l54js6fMppKeCZySvbJQ_xb6rubj5MahnKN98TjVeI3sd-ZREv6riZQApiZXQ1wLOpL7vci41rMg1-f3k_CDipPgPGHLdoCF8koGm5L5dPq8UNIuGo8VPpAKbN-f1aW8QFbnr-Xt_S8_1CSvXoIQprWa1KTMCX9wYIR-_K6I1Fc7hBCCARLple8aYE56F6qqRajVcfRXYXzh_OFd6wHc6x9vpygmwoyKvMLL_8aeWn_lR5NpndvIRq6Sq2MZu_zCtyZ5R-JZVprjvaV_rgbVyyH-REEwyAfaG2KRw&cid=CAASFeRoa4pYmBZ46IOXJmLtNfiB-Nu1AQ&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab665fd42efb1585d9ebb070a1991a2b41d138cbae4fd0fed1aa857d79a5142e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 09:33:24 GMT
x-content-type-options
nosniff
age
234892
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60116
x-xss-protection
0
last-modified
Tue, 22 Feb 2022 09:29:30 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Feb 2023 09:33:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/elements/html/ Frame C4F6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bj7Mw9s-v6RrpcvNLLi31d7o-69gTKDnBTEu9NFRBSHVxhG13d0cd7pr5rVFQdbeGYG-krOPCh9SnZZJLuMT4Zf-aHI_UKrgtgsWU3Vh-oj7Iwt1MQLiM0Ls7qseUX73wt4IRvTTf5YZnV9Ow67S-aRpUA8w&dbm_d=AKAmf-CIvcMbMcENq8H2cAaRk8pqdoaURYPDAXZeClT1ahsGHuBPlJ406GFUleStE1irEzMNGCuqFS63ADsHrcWNZ0fr08E2nS3pAEZd84SzAONjtAUU8WLs9l1QU6Zfnzh__tp0v0Gkgjd90MD7IisNqL-S0quaRo0sZtV28kBAQInXuStIwSJzF88L8mua0Td3NK_1sb9iybL8elfNK8cgmnLpxbhmKG_LTVv40tjKKzFj5NKVr6o3CqyK3qJwLn_AMmdRQCSKrWIB3pMOnVpd3kiXTWaNPOcIMyGBvrFg5ta7RO3IZuycY2KX_UVFafJrs56496CjVb36dYoOc64wvQ395tFUJKQ8IfCwhsTv25Y-c8euokGbzwOcyPJNWMDBiVYqUzDRepU7Pr4ShJV2v0G2gX0L2qNtoRzCjh2BrvPRZI4c-baARwaH9FBDco8zI54qbhXxg_deeZwlzl18RIUHZ5pfJGaUuTGlEZmuWP9h0SO03ViobrR1OkncehQCPoZvsKXp3FVoF3WyXTBa6_442Mnqb_M3iZu79LaoGOChNIMevvmynE08LpIqYLle97e3YFBG3tgqDlaomSPvdOpA7ov1L-UiP8kEAo8eIp06mkVoI2P53QO1LeIH0iXMB0BXRBOM-owMbTAjfuTVPq7ldRcPYtqK616QwcymCvmDI2U63wR7gdafGz7MOzgGA0x28OjMfKkjgluRIfRc2p7SgCRF3oCm4SzsZ2JIDfJHFEKHh4HPm1r0d9oH946XFwhKQ_eipiv9fp_pc6h8RYhq-7MF84dWPYcz7sbOnjqPxv-4LiOnOcYCLpJ2MhjqfChotwZxyNgZcNiUtxQQzT1aSKOtnrfAIPjfLEmJjf2ZXsXbcARBwf37O7mm6p4ZQoUPt4RXXN0KwRrKDM36D1RIs6mVdmcPOuGh2_Tag5haBwKf86Prgoi7HDHMrSZaNfwzjfJhQe6BAcx7SyMui8881iKwNc9V42859L68NmlTDIeLHB831OKM3WfKPqUtX4ovAiVEn9sD3mUYuCnsA4pYjbANXgqsQbub00MSGdYbIzNSDx8Q7Vzu4C2WKxEBhTxm93djN1DqXxxEzexYD7qmisItcXV8rF8Hw2FCt7kiZZin0irXgg4LbyJyolMzkuWPI2KkBRhlM7eeILBF00NkVaNC-U83X6vreQZ5SzOuvRSb4v9JVXR-mVjAPykSyAgvcWUwy1ZV6QEouWlVqAFsyqn1kMaVTr8bHInTvwfvTD_1xhw7bZWBd4ovYc66CDYi0NiQpMtvX4dK2EW3dfU4IKvL_9lvAA-_ABDiOKoc3voxWJ0sN9MvPtKf6VzDfvtIZfD9pt7sAChFnchyUEXYwmzxlM3jflAoyhFTyrO03N8e9F25joD0WWlYUZJB5BpbJwQrM3vuNvvzaL9nY36_NkKIlZyQpFrVVMsaRVScaWUL8VtW1fxPFK2naHLopWDXDO0_kTMXsQqlfJ6OyqdIOESFlCR8CJnGvmw99_dliMTooTY2gwWrrAGEuLyooGyhDlyhcbM80OKFOpaCYiMLLm5lNL8Q4PjbjKT0zIXkMFWES7kWEf3mLd8XX1qyTAUUlWXnX6cx4YMVI8o7yCyN3CouwolNv3_0wNsnp7FJQTTXJuGszEF1laaAXvAi8vEOHBDOy2ykhPiWpRN-AxqGZO_PHjX087YCLI0BRpN6SeeHId1wdHL4dOkN6RXs1ba5_KTtHOOUU4VwQYAJw8pSHsZ7qHXwW8Mu77K3z6a5p1N7V0AdU6c5Ilxv6J_KvlRuyG3DuCbef7jpfhDe2-KFTt6ZTsBJBy_MhcXW29Ok1HGU7YkmLJLMDdAqSi04B846uxfTCjx9olhcuqJnlp9hStkBCbo1M6C9ovi_WABGpTdAwKqDumvcuLF_6HhVYHTJRnAeKwlWpzfM9ZPHYRiSQoN0ReTXcbByFg3_PRiNjmfxq9M9dCKb3vPNhRSU84brBx7kb7Hnad04d1b4-CSnkGQliN6kvw7HVgYaDCMdX_syyxt4Ntt36b61f8uskViEXC3xFxLFbXi8S6zlVqQ8sNxrrHZjwA13bzqXpYMggh5CtMmToMZpSg07x0ir7WD2uqHjyAfolyrwhC_4LXKDD2bCsjP3lXJrUsaClRGqadl9kTLeSXIWQ2sMo44U9uR2uqSMbT42EgQ6JRa92XlMN0T1gHCT2YVv1ErrkexpWrc4YxiBKKpzj0DGdowqGPk5UCl7t5BAU7nt5WZBwNkkO16K6JLyMYe419EcYJJdd6hAowcF1I0QFvc5QKoteMPW7bUlWG3VQb3vOl49kmEDNfEkU_VWJE4f0IvN7WPX8aS7cPqBd2YAAc3jhTRqpRn6GEo911moNOJHR4WdjZCuzJ8W0xAAJUGZJJj-Xrg1R4BBGoQKaNy36B7u-fxNNyNDBx2tHZ5ubb1c8PCOob8zm3PPWbDa2Y7277HY2FJ_nT9Wb5ekFRNC5y_NfwF9YeYo3LdNxEcmuEbt0_JPqEoeRpA5nGD9zvTCJcCQt6kI9Kzy_YsCirFaTHIt3qcV8FLFLmdqvPDBfUb3LkOV-P8eh3EbXr5NB40T8Ujl6oA8KhEoxR-6j4my0UkDghIbmO5kKDQciVpd1bKLMDbv49YVj8vxnKCrhJ8JJR7XnVTn4tnEe8cKm7IZH7z6svyuqV_Ausxpk5b7LvLsFv1GkoFaw7Y5JsqnSe_oSafO8_SHwlTlURUVBglMRtDYAhWixSmlBN22aVizlpIwULeo4mekr6r1m8r05ppjiFqd-BXozJeflP56yGv62xyFmB0Yy3WSBkwnVvSYZlCSXuqGKnKAFr3Jc_7_u43MZAYryAWdMROLg_GkQ8NGhNRmUT2G8-1i3o_UzgPIvcb21CxW1pD5UhCloaL5Nr7wXGGAE9OPAv0LiA08PCCrtlJ_8Cy17eIqw9RLeGJybVlQBT5UsvYOrWh5IuxtqRMWz8D7H_tpzXrJqEtqaw_d1l54js6fMppKeCZySvbJQ_xb6rubj5MahnKN98TjVeI3sd-ZREv6riZQApiZXQ1wLOpL7vci41rMg1-f3k_CDipPgPGHLdoCF8koGm5L5dPq8UNIuGo8VPpAKbN-f1aW8QFbnr-Xt_S8_1CSvXoIQprWa1KTMCX9wYIR-_K6I1Fc7hBCCARLple8aYE56F6qqRajVcfRXYXzh_OFd6wHc6x9vpygmwoyKvMLL_8aeWn_lR5NpndvIRq6Sq2MZu_zCtyZ5R-JZVprjvaV_rgbVyyH-REEwyAfaG2KRw&cid=CAASFeRoa4pYmBZ46IOXJmLtNfiB-Nu1AQ&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:21:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1599
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:21:37 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C4F6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bj7Mw9s-v6RrpcvNLLi31d7o-69gTKDnBTEu9NFRBSHVxhG13d0cd7pr5rVFQdbeGYG-krOPCh9SnZZJLuMT4Zf-aHI_UKrgtgsWU3Vh-oj7Iwt1MQLiM0Ls7qseUX73wt4IRvTTf5YZnV9Ow67S-aRpUA8w&dbm_d=AKAmf-CIvcMbMcENq8H2cAaRk8pqdoaURYPDAXZeClT1ahsGHuBPlJ406GFUleStE1irEzMNGCuqFS63ADsHrcWNZ0fr08E2nS3pAEZd84SzAONjtAUU8WLs9l1QU6Zfnzh__tp0v0Gkgjd90MD7IisNqL-S0quaRo0sZtV28kBAQInXuStIwSJzF88L8mua0Td3NK_1sb9iybL8elfNK8cgmnLpxbhmKG_LTVv40tjKKzFj5NKVr6o3CqyK3qJwLn_AMmdRQCSKrWIB3pMOnVpd3kiXTWaNPOcIMyGBvrFg5ta7RO3IZuycY2KX_UVFafJrs56496CjVb36dYoOc64wvQ395tFUJKQ8IfCwhsTv25Y-c8euokGbzwOcyPJNWMDBiVYqUzDRepU7Pr4ShJV2v0G2gX0L2qNtoRzCjh2BrvPRZI4c-baARwaH9FBDco8zI54qbhXxg_deeZwlzl18RIUHZ5pfJGaUuTGlEZmuWP9h0SO03ViobrR1OkncehQCPoZvsKXp3FVoF3WyXTBa6_442Mnqb_M3iZu79LaoGOChNIMevvmynE08LpIqYLle97e3YFBG3tgqDlaomSPvdOpA7ov1L-UiP8kEAo8eIp06mkVoI2P53QO1LeIH0iXMB0BXRBOM-owMbTAjfuTVPq7ldRcPYtqK616QwcymCvmDI2U63wR7gdafGz7MOzgGA0x28OjMfKkjgluRIfRc2p7SgCRF3oCm4SzsZ2JIDfJHFEKHh4HPm1r0d9oH946XFwhKQ_eipiv9fp_pc6h8RYhq-7MF84dWPYcz7sbOnjqPxv-4LiOnOcYCLpJ2MhjqfChotwZxyNgZcNiUtxQQzT1aSKOtnrfAIPjfLEmJjf2ZXsXbcARBwf37O7mm6p4ZQoUPt4RXXN0KwRrKDM36D1RIs6mVdmcPOuGh2_Tag5haBwKf86Prgoi7HDHMrSZaNfwzjfJhQe6BAcx7SyMui8881iKwNc9V42859L68NmlTDIeLHB831OKM3WfKPqUtX4ovAiVEn9sD3mUYuCnsA4pYjbANXgqsQbub00MSGdYbIzNSDx8Q7Vzu4C2WKxEBhTxm93djN1DqXxxEzexYD7qmisItcXV8rF8Hw2FCt7kiZZin0irXgg4LbyJyolMzkuWPI2KkBRhlM7eeILBF00NkVaNC-U83X6vreQZ5SzOuvRSb4v9JVXR-mVjAPykSyAgvcWUwy1ZV6QEouWlVqAFsyqn1kMaVTr8bHInTvwfvTD_1xhw7bZWBd4ovYc66CDYi0NiQpMtvX4dK2EW3dfU4IKvL_9lvAA-_ABDiOKoc3voxWJ0sN9MvPtKf6VzDfvtIZfD9pt7sAChFnchyUEXYwmzxlM3jflAoyhFTyrO03N8e9F25joD0WWlYUZJB5BpbJwQrM3vuNvvzaL9nY36_NkKIlZyQpFrVVMsaRVScaWUL8VtW1fxPFK2naHLopWDXDO0_kTMXsQqlfJ6OyqdIOESFlCR8CJnGvmw99_dliMTooTY2gwWrrAGEuLyooGyhDlyhcbM80OKFOpaCYiMLLm5lNL8Q4PjbjKT0zIXkMFWES7kWEf3mLd8XX1qyTAUUlWXnX6cx4YMVI8o7yCyN3CouwolNv3_0wNsnp7FJQTTXJuGszEF1laaAXvAi8vEOHBDOy2ykhPiWpRN-AxqGZO_PHjX087YCLI0BRpN6SeeHId1wdHL4dOkN6RXs1ba5_KTtHOOUU4VwQYAJw8pSHsZ7qHXwW8Mu77K3z6a5p1N7V0AdU6c5Ilxv6J_KvlRuyG3DuCbef7jpfhDe2-KFTt6ZTsBJBy_MhcXW29Ok1HGU7YkmLJLMDdAqSi04B846uxfTCjx9olhcuqJnlp9hStkBCbo1M6C9ovi_WABGpTdAwKqDumvcuLF_6HhVYHTJRnAeKwlWpzfM9ZPHYRiSQoN0ReTXcbByFg3_PRiNjmfxq9M9dCKb3vPNhRSU84brBx7kb7Hnad04d1b4-CSnkGQliN6kvw7HVgYaDCMdX_syyxt4Ntt36b61f8uskViEXC3xFxLFbXi8S6zlVqQ8sNxrrHZjwA13bzqXpYMggh5CtMmToMZpSg07x0ir7WD2uqHjyAfolyrwhC_4LXKDD2bCsjP3lXJrUsaClRGqadl9kTLeSXIWQ2sMo44U9uR2uqSMbT42EgQ6JRa92XlMN0T1gHCT2YVv1ErrkexpWrc4YxiBKKpzj0DGdowqGPk5UCl7t5BAU7nt5WZBwNkkO16K6JLyMYe419EcYJJdd6hAowcF1I0QFvc5QKoteMPW7bUlWG3VQb3vOl49kmEDNfEkU_VWJE4f0IvN7WPX8aS7cPqBd2YAAc3jhTRqpRn6GEo911moNOJHR4WdjZCuzJ8W0xAAJUGZJJj-Xrg1R4BBGoQKaNy36B7u-fxNNyNDBx2tHZ5ubb1c8PCOob8zm3PPWbDa2Y7277HY2FJ_nT9Wb5ekFRNC5y_NfwF9YeYo3LdNxEcmuEbt0_JPqEoeRpA5nGD9zvTCJcCQt6kI9Kzy_YsCirFaTHIt3qcV8FLFLmdqvPDBfUb3LkOV-P8eh3EbXr5NB40T8Ujl6oA8KhEoxR-6j4my0UkDghIbmO5kKDQciVpd1bKLMDbv49YVj8vxnKCrhJ8JJR7XnVTn4tnEe8cKm7IZH7z6svyuqV_Ausxpk5b7LvLsFv1GkoFaw7Y5JsqnSe_oSafO8_SHwlTlURUVBglMRtDYAhWixSmlBN22aVizlpIwULeo4mekr6r1m8r05ppjiFqd-BXozJeflP56yGv62xyFmB0Yy3WSBkwnVvSYZlCSXuqGKnKAFr3Jc_7_u43MZAYryAWdMROLg_GkQ8NGhNRmUT2G8-1i3o_UzgPIvcb21CxW1pD5UhCloaL5Nr7wXGGAE9OPAv0LiA08PCCrtlJ_8Cy17eIqw9RLeGJybVlQBT5UsvYOrWh5IuxtqRMWz8D7H_tpzXrJqEtqaw_d1l54js6fMppKeCZySvbJQ_xb6rubj5MahnKN98TjVeI3sd-ZREv6riZQApiZXQ1wLOpL7vci41rMg1-f3k_CDipPgPGHLdoCF8koGm5L5dPq8UNIuGo8VPpAKbN-f1aW8QFbnr-Xt_S8_1CSvXoIQprWa1KTMCX9wYIR-_K6I1Fc7hBCCARLple8aYE56F6qqRajVcfRXYXzh_OFd6wHc6x9vpygmwoyKvMLL_8aeWn_lR5NpndvIRq6Sq2MZu_zCtyZ5R-JZVprjvaV_rgbVyyH-REEwyAfaG2KRw&cid=CAASFeRoa4pYmBZ46IOXJmLtNfiB-Nu1AQ&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 16:13:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38075
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Feb 2023 16:13:41 GMT
rum
dsum-sec.casalemedia.com/ Frame 78D8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOKUJAlrgDkK3Ez0uAmR7DM&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOKUJAlrgDkK3Ez0uAmR7DM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDtqwEQio_TsQIYnfqnwgEwAQ&v=APEucNVgC4crAAeHyVjXVwTIhQHy7LO8hKLmL55N3gPV2EMb0Cz1JCUpL-hh7CyI4VXirsHxnPYsoU0R2zUHw84mdXtFwYgeZQVGXnYm_LMCQ1s4CvsdoxCJDyl-YmeQ8WL3eCOXlXUxyYKlVdukUJNKbXdy3psc6WTnkoOdVvAAT4BZSqb94N6LKVR6eFJDQsswByT-TsLwOgF6q957VPCuWRHGqPAU1g
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 02:48:16 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOKUJAlrgDkK3Ez0uAmR7DM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 78D8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YhhDb11T4iqGo90.2PC2xQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOKUJAlrgDkK3Ez0uAmR7DM&google_cver=1&google_hm=2
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOKUJAlrgDkK3Ez0uAmR7DM&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDtqwEQio_TsQIYnfqnwgEwAQ&v=APEucNVgC4crAAeHyVjXVwTIhQHy7LO8hKLmL55N3gPV2EMb0Cz1JCUpL-hh7CyI4VXirsHxnPYsoU0R2zUHw84mdXtFwYgeZQVGXnYm_LMCQ1s4CvsdoxCJDyl-YmeQ8WL3eCOXlXUxyYKlVdukUJNKbXdy3psc6WTnkoOdVvAAT4BZSqb94N6LKVR6eFJDQsswByT-TsLwOgF6q957VPCuWRHGqPAU1g
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 25 Feb 2022 02:48:16 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOKUJAlrgDkK3Ez0uAmR7DM&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 78D8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPQ9ovor2dZaehnTgPVDNTk&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPQ9ovor2dZaehnTgPVDNTk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDtqwEQio_TsQIYnfqnwgEwAQ&v=APEucNVgC4crAAeHyVjXVwTIhQHy7LO8hKLmL55N3gPV2EMb0Cz1JCUpL-hh7CyI4VXirsHxnPYsoU0R2zUHw84mdXtFwYgeZQVGXnYm_LMCQ1s4CvsdoxCJDyl-YmeQ8WL3eCOXlXUxyYKlVdukUJNKbXdy3psc6WTnkoOdVvAAT4BZSqb94N6LKVR6eFJDQsswByT-TsLwOgF6q957VPCuWRHGqPAU1g
Protocol
HTTP/1.1
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:16 GMT
X-Proxy-Origin
95.211.199.145; 95.211.199.145; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
b767798a-9b15-411d-8a91-427030e10852
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPQ9ovor2dZaehnTgPVDNTk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 78D8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIzNzQ4ODYzODkzNzA5ODkzNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIzNzQ4ODYzODkzNzA5ODkzNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDtqwEQio_TsQIYnfqnwgEwAQ&v=APEucNVgC4crAAeHyVjXVwTIhQHy7LO8hKLmL55N3gPV2EMb0Cz1JCUpL-hh7CyI4VXirsHxnPYsoU0R2zUHw84mdXtFwYgeZQVGXnYm_LMCQ1s4CvsdoxCJDyl-YmeQ8WL3eCOXlXUxyYKlVdukUJNKbXdy3psc6WTnkoOdVvAAT4BZSqb94N6LKVR6eFJDQsswByT-TsLwOgF6q957VPCuWRHGqPAU1g
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:16 GMT
X-Proxy-Origin
95.211.199.145; 95.211.199.145; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
25fb0d1c-b092-41ee-8818-715996ce01cb
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzIzNzQ4ODYzODkzNzA5ODkzNw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
skeleton.js
fw.adsafeprotected.com/rjss/st/931897/61009684/ Frame 9B9C 		47 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/931897/61009684/skeleton.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6h_3XWYD0sRME5rCuu381bZ9AFz53teXNo5saDY-RbZpsdzANlutRdDey39-0xdGbzuIC-eROaSsUpdQ5yb7w71mymg&cry=1&dbm_d=AKAmf-ABfEW4A6ZkzbnhosZ_V4JTAJLJiNUZ7VP6mj12GnfdUW6zhfNsWeffW1Qtb_HJzoB9XuJgzxJHLq2u4gm3vMM1McHp2Cf1MOUtH4bz12_yIv3SG_RNYjE6prprAnTXO-vKrbC72gzqtDNfkENaWO0fKGtlubFPMyQvuYpFygp-p6I86UNVRD-h_aT8HTUCSGu_eJuPWGjspUwqCgLWOP3RrRvMshrWoUFsYdKYV-UtKRI7KtzeE3B1AwehhoiJaGsWPYEknyjp6x_oXqZtaIFBSspomio9xSwcHaz90i1FkCVpRZggbOk8rPVU1L0BDulHY8KxpqzCAeTvBg2zRJFNfZgBO0cu3_R0udGXCaBhVpdSzL-dbhsnn8Dc0Ewgm8DctUfORqwVDzEBsiMNLGa3vNwVgzJsiqAiVgCOrH6-v7qN2opVvzjv3VWHMGWEpUqOM5DvvwAgqGvlj-FT2yOGUcEB2ZoD055g4dti1iFPy3AiKYlyWNSuB9jiY0Z6KE-OfBr3kcNz9cVEGP7wOJigveQq-D_IoGdj-joMoGCyqIJohdliguvIbH2TojtY-itQLFTXBrr_q6fS2YXWlU_qjqtwucdIaUP3QprJPrgyyNy7I-6Ej8Ft_-4wsYEv_B005i2BLrltoQPWLM8GsbmawpErWPU9faWEwrLSAY5suiJku-OXtR2cDuewoSS_t8aFe8REmXJcSKqe5oZzUxLwe9ceRb1USB-Sbo6DjO6B9XEBwKm9Y-A6EyhzEMSXLIWHMOI1p1dezQMLHzFBw3dp8W-dS8Q3YnpJmMv7T6PQlJUK-77oa2pDTZBP9yHAtFZlALxX071xuJKYZuA33uBHQ5QjHUz9ryRrMiiQxcHM-mjDaCE9C3568QDD7vboUWAxxnopm6O14XA9QLphYXl_Zs0_2wDHenLirikSrHrCAuuDO2WHP4CxESkbiGnNGWLOgo5CSjVsmDQw1Kr7GJWAGqTZi119U6CGpHI7RB6cGzR52blVDzJzI_JztethTCQISlXwtkHrAU2fO638SeoBtjmbs6C-Hpp5BAfVNVcjOTgvcX9EtcWv_HpYxkQfUzahq9spksJQJn7tM4_udOOHgE6wuto0rX-95CRZZSsvkerzq1MxtkaHMuDMAU1md38upMjuwBiF-PEBkPI2W_kdgX7RbnvYRRo63lEa1Xj7MwW7fWp_wB1-TgMwCbNvYK4OI_YZ3QvGUYfQOi4quR-mLlWDcVK9WD4Ax2Kj6H7yu1_1E0XothbIWTzUdc2ikXJl4KyUVH3HycThOBAcDVhnVoj3Fyu554Zu8OzUzmfj0aJaTtpTU8mWF8_ZSAyEU3atDzMlylNZfzKDm_UyqRZoPfNqqkAPmRYy2fW2QfkkimPt3lcERPvRHIu10BMZinDbCI1ro65qiLefRXUgSu-b4QjA9Oj9t6kVLTv1RH9I561xRXv48CJa3AJXth52bqA8Lj9QKnrMxRTHvhibWrJ661cZ_imkfhI5-iJdFEGi3d89LSmpGn-RJ8u1GtaC5OU73bMuq_pfABWk6A3oOopVnnDOqzv63Pd6oZmASv-O0HfarPxCFWQywPvX5UrZw_QsXtijl7p4IVMEiD-uPhuw0_e6W4th1o4wSVFFR9ambXNqCsEPFq7LmfIBIR4LHQ4wn0iOT2saoMLlLrJDGOne4RE9y-t3NLsVB60toW4GVE9fUa4-7gL5VO067WzSq1k-PFCq2CJuFijYjIf8Lv6tIjwhOLVAEJbYuvnBSLMrzfXw7hvKUlTII6eHpwGFmBtnFgIud5NFxd-Mo0C_yMhQDSEbRa7xay__X_zVdX3c1jeQBBzIJ2oIzQutzxRWiOZPbSlMrghaZRLwElADiGl6m9l2tm6nnuJHreIPPrtXzuxGrBXGqZXXKyGR348lUto5DVoS5qeQgo7zVZs9cd4DQkr7X3cSBzpYrOvMGrixfOLbLWj6XzkXbuoVd4clSo0cPluqWHZ6ZKsuYbVZHUl184x5azjxN97UQTUdw-XnBC2EjDBfd4VCP1IzG5HKvJDadP-jrmEpdIdytye264QmWFcuh0FZn1SklLqc6Agp143T_BJzoPceEQyo9N1lKJgz1CmwGI-wAy3BUHwiuajly1z--ZYYMD7X7i_zEApENppTWKxIYXLNWZLwB7ureLJX3nNmnz0BOJlMQftEq7gRG0lVPfvx8_YGDim4Ibcp6Yf9TbFRDSPpelI3x499H2y4igUVIT4d79-2dqV7tkGgevssNkXAzznrGowaVYhb3Q3Q_V3qKYSL_OCVph2UFVOM3eN3qZUiIo9b1BfOFFdsv8jkDRaVrSVIzezqPekkI1m2Z5K-iBs1ZElZa60VtDOjsC0bFQ0YrATZWsWcYAgAxnO6VvGgPF9VEcqe3Bk5KSZwHP-ai1Ky4DdEBSssyD0kMIDPvpWkWce7MztfmqzNLMXzZybEDThd1awmilKAJI3kJCbCI-z34iFjJ-V6jdMMfY107YCB68-lRe1TGcgsloFM_GU1cp035CoH4JZAEPfKRtBN9qX6veig39w7X86SpUJaFL7GAOAF4G_y25lhIuBjS66cuVpFk_lU8hKwC8h0O14cacRR2j92uju5lr0GLUKXrmM2LLpFlLQn5vx59nyq8yreub0HsP4o0Eo-UHzWMfWxtTWuj1WnmT8DyyCnsixzDpsxHu-gzJE1ZFSY4def_OyetdJHLi_8sf9hyLZdSTzlrUwXJfFlkleadGETS95TMZNVG-Qe3cO_Qcfy8PIkckXn5tlj0Jl0qf0SRZGKoK5NH9x4OrzgUnAp2e8EVaMrS61yqpk5jAg2bW5V9lMMBBWw5_xNLd8xY3x6vFCZXdFkpvK0NFbshroulZmmlJKa5PjU-eRj8BiaCsl60_mZmgDRgcOELVitiDqPfuois5PT_v38rSZaQbe5oZHQ3RUUFni_tnKQ0DUuiSrQitqWeb0hcTl9FBhx4bXAHReZYo5ClYTcAVRpFZzjQTM6qexKPw9Yeh9btBgF09CSQcAMqUjI5QxbV0j9hobr-ZDKVlqOodYPX9iSbTWF3Rve7WiLqnNnXcy9cg9H1XcHbU8O8vrJ1oBQJrvLtFF_hsUPoToktOuGMkySu1XogKVSqpdZVUOxxCJtWeIMthYC5t6mXBTG2YMM7izWECXMkSmPDB8DuJQEZFHAP98GOwOB4jg5jXLRP-LIpYu4zkKCdpCZmvBfAfFAIFusDqI9ESqlZuvFjN626uUpu_W1QmucceHr8xB0raisYqeJ3m-PrDUq1vXyVFevPKylDrCTZrCSd1ZB-0EH3VE7esgm4Gd1g3GIQ0gtNzMdjQBm4hWpd4qvnw&cid=CAASEuRosEPWV2aCNx0sugiDGYopMQ&rfl=2%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.210.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-210-111.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
477343df44c11d9ad7663884d364459628cbd94770fe3763fe66067f4e98659e

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/ Frame 9B9C 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6h_3XWYD0sRME5rCuu381bZ9AFz53teXNo5saDY-RbZpsdzANlutRdDey39-0xdGbzuIC-eROaSsUpdQ5yb7w71mymg&cry=1&dbm_d=AKAmf-ABfEW4A6ZkzbnhosZ_V4JTAJLJiNUZ7VP6mj12GnfdUW6zhfNsWeffW1Qtb_HJzoB9XuJgzxJHLq2u4gm3vMM1McHp2Cf1MOUtH4bz12_yIv3SG_RNYjE6prprAnTXO-vKrbC72gzqtDNfkENaWO0fKGtlubFPMyQvuYpFygp-p6I86UNVRD-h_aT8HTUCSGu_eJuPWGjspUwqCgLWOP3RrRvMshrWoUFsYdKYV-UtKRI7KtzeE3B1AwehhoiJaGsWPYEknyjp6x_oXqZtaIFBSspomio9xSwcHaz90i1FkCVpRZggbOk8rPVU1L0BDulHY8KxpqzCAeTvBg2zRJFNfZgBO0cu3_R0udGXCaBhVpdSzL-dbhsnn8Dc0Ewgm8DctUfORqwVDzEBsiMNLGa3vNwVgzJsiqAiVgCOrH6-v7qN2opVvzjv3VWHMGWEpUqOM5DvvwAgqGvlj-FT2yOGUcEB2ZoD055g4dti1iFPy3AiKYlyWNSuB9jiY0Z6KE-OfBr3kcNz9cVEGP7wOJigveQq-D_IoGdj-joMoGCyqIJohdliguvIbH2TojtY-itQLFTXBrr_q6fS2YXWlU_qjqtwucdIaUP3QprJPrgyyNy7I-6Ej8Ft_-4wsYEv_B005i2BLrltoQPWLM8GsbmawpErWPU9faWEwrLSAY5suiJku-OXtR2cDuewoSS_t8aFe8REmXJcSKqe5oZzUxLwe9ceRb1USB-Sbo6DjO6B9XEBwKm9Y-A6EyhzEMSXLIWHMOI1p1dezQMLHzFBw3dp8W-dS8Q3YnpJmMv7T6PQlJUK-77oa2pDTZBP9yHAtFZlALxX071xuJKYZuA33uBHQ5QjHUz9ryRrMiiQxcHM-mjDaCE9C3568QDD7vboUWAxxnopm6O14XA9QLphYXl_Zs0_2wDHenLirikSrHrCAuuDO2WHP4CxESkbiGnNGWLOgo5CSjVsmDQw1Kr7GJWAGqTZi119U6CGpHI7RB6cGzR52blVDzJzI_JztethTCQISlXwtkHrAU2fO638SeoBtjmbs6C-Hpp5BAfVNVcjOTgvcX9EtcWv_HpYxkQfUzahq9spksJQJn7tM4_udOOHgE6wuto0rX-95CRZZSsvkerzq1MxtkaHMuDMAU1md38upMjuwBiF-PEBkPI2W_kdgX7RbnvYRRo63lEa1Xj7MwW7fWp_wB1-TgMwCbNvYK4OI_YZ3QvGUYfQOi4quR-mLlWDcVK9WD4Ax2Kj6H7yu1_1E0XothbIWTzUdc2ikXJl4KyUVH3HycThOBAcDVhnVoj3Fyu554Zu8OzUzmfj0aJaTtpTU8mWF8_ZSAyEU3atDzMlylNZfzKDm_UyqRZoPfNqqkAPmRYy2fW2QfkkimPt3lcERPvRHIu10BMZinDbCI1ro65qiLefRXUgSu-b4QjA9Oj9t6kVLTv1RH9I561xRXv48CJa3AJXth52bqA8Lj9QKnrMxRTHvhibWrJ661cZ_imkfhI5-iJdFEGi3d89LSmpGn-RJ8u1GtaC5OU73bMuq_pfABWk6A3oOopVnnDOqzv63Pd6oZmASv-O0HfarPxCFWQywPvX5UrZw_QsXtijl7p4IVMEiD-uPhuw0_e6W4th1o4wSVFFR9ambXNqCsEPFq7LmfIBIR4LHQ4wn0iOT2saoMLlLrJDGOne4RE9y-t3NLsVB60toW4GVE9fUa4-7gL5VO067WzSq1k-PFCq2CJuFijYjIf8Lv6tIjwhOLVAEJbYuvnBSLMrzfXw7hvKUlTII6eHpwGFmBtnFgIud5NFxd-Mo0C_yMhQDSEbRa7xay__X_zVdX3c1jeQBBzIJ2oIzQutzxRWiOZPbSlMrghaZRLwElADiGl6m9l2tm6nnuJHreIPPrtXzuxGrBXGqZXXKyGR348lUto5DVoS5qeQgo7zVZs9cd4DQkr7X3cSBzpYrOvMGrixfOLbLWj6XzkXbuoVd4clSo0cPluqWHZ6ZKsuYbVZHUl184x5azjxN97UQTUdw-XnBC2EjDBfd4VCP1IzG5HKvJDadP-jrmEpdIdytye264QmWFcuh0FZn1SklLqc6Agp143T_BJzoPceEQyo9N1lKJgz1CmwGI-wAy3BUHwiuajly1z--ZYYMD7X7i_zEApENppTWKxIYXLNWZLwB7ureLJX3nNmnz0BOJlMQftEq7gRG0lVPfvx8_YGDim4Ibcp6Yf9TbFRDSPpelI3x499H2y4igUVIT4d79-2dqV7tkGgevssNkXAzznrGowaVYhb3Q3Q_V3qKYSL_OCVph2UFVOM3eN3qZUiIo9b1BfOFFdsv8jkDRaVrSVIzezqPekkI1m2Z5K-iBs1ZElZa60VtDOjsC0bFQ0YrATZWsWcYAgAxnO6VvGgPF9VEcqe3Bk5KSZwHP-ai1Ky4DdEBSssyD0kMIDPvpWkWce7MztfmqzNLMXzZybEDThd1awmilKAJI3kJCbCI-z34iFjJ-V6jdMMfY107YCB68-lRe1TGcgsloFM_GU1cp035CoH4JZAEPfKRtBN9qX6veig39w7X86SpUJaFL7GAOAF4G_y25lhIuBjS66cuVpFk_lU8hKwC8h0O14cacRR2j92uju5lr0GLUKXrmM2LLpFlLQn5vx59nyq8yreub0HsP4o0Eo-UHzWMfWxtTWuj1WnmT8DyyCnsixzDpsxHu-gzJE1ZFSY4def_OyetdJHLi_8sf9hyLZdSTzlrUwXJfFlkleadGETS95TMZNVG-Qe3cO_Qcfy8PIkckXn5tlj0Jl0qf0SRZGKoK5NH9x4OrzgUnAp2e8EVaMrS61yqpk5jAg2bW5V9lMMBBWw5_xNLd8xY3x6vFCZXdFkpvK0NFbshroulZmmlJKa5PjU-eRj8BiaCsl60_mZmgDRgcOELVitiDqPfuois5PT_v38rSZaQbe5oZHQ3RUUFni_tnKQ0DUuiSrQitqWeb0hcTl9FBhx4bXAHReZYo5ClYTcAVRpFZzjQTM6qexKPw9Yeh9btBgF09CSQcAMqUjI5QxbV0j9hobr-ZDKVlqOodYPX9iSbTWF3Rve7WiLqnNnXcy9cg9H1XcHbU8O8vrJ1oBQJrvLtFF_hsUPoToktOuGMkySu1XogKVSqpdZVUOxxCJtWeIMthYC5t6mXBTG2YMM7izWECXMkSmPDB8DuJQEZFHAP98GOwOB4jg5jXLRP-LIpYu4zkKCdpCZmvBfAfFAIFusDqI9ESqlZuvFjN626uUpu_W1QmucceHr8xB0raisYqeJ3m-PrDUq1vXyVFevPKylDrCTZrCSd1ZB-0EH3VE7esgm4Gd1g3GIQ0gtNzMdjQBm4hWpd4qvnw&cid=CAASEuRosEPWV2aCNx0sugiDGYopMQ&rfl=2%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87b3beae1d08bf029d04938bc1d76c7870d450fd75609a85dfafd761cd472047
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:41:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
396
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9647
x-xss-protection
0
server
cafe
etag
6462939580093197770
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:41:40 GMT
12083427466942091092
s0.2mdn.net/simgad/ Frame 9B9C 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12083427466942091092
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6h_3XWYD0sRME5rCuu381bZ9AFz53teXNo5saDY-RbZpsdzANlutRdDey39-0xdGbzuIC-eROaSsUpdQ5yb7w71mymg&cry=1&dbm_d=AKAmf-ABfEW4A6ZkzbnhosZ_V4JTAJLJiNUZ7VP6mj12GnfdUW6zhfNsWeffW1Qtb_HJzoB9XuJgzxJHLq2u4gm3vMM1McHp2Cf1MOUtH4bz12_yIv3SG_RNYjE6prprAnTXO-vKrbC72gzqtDNfkENaWO0fKGtlubFPMyQvuYpFygp-p6I86UNVRD-h_aT8HTUCSGu_eJuPWGjspUwqCgLWOP3RrRvMshrWoUFsYdKYV-UtKRI7KtzeE3B1AwehhoiJaGsWPYEknyjp6x_oXqZtaIFBSspomio9xSwcHaz90i1FkCVpRZggbOk8rPVU1L0BDulHY8KxpqzCAeTvBg2zRJFNfZgBO0cu3_R0udGXCaBhVpdSzL-dbhsnn8Dc0Ewgm8DctUfORqwVDzEBsiMNLGa3vNwVgzJsiqAiVgCOrH6-v7qN2opVvzjv3VWHMGWEpUqOM5DvvwAgqGvlj-FT2yOGUcEB2ZoD055g4dti1iFPy3AiKYlyWNSuB9jiY0Z6KE-OfBr3kcNz9cVEGP7wOJigveQq-D_IoGdj-joMoGCyqIJohdliguvIbH2TojtY-itQLFTXBrr_q6fS2YXWlU_qjqtwucdIaUP3QprJPrgyyNy7I-6Ej8Ft_-4wsYEv_B005i2BLrltoQPWLM8GsbmawpErWPU9faWEwrLSAY5suiJku-OXtR2cDuewoSS_t8aFe8REmXJcSKqe5oZzUxLwe9ceRb1USB-Sbo6DjO6B9XEBwKm9Y-A6EyhzEMSXLIWHMOI1p1dezQMLHzFBw3dp8W-dS8Q3YnpJmMv7T6PQlJUK-77oa2pDTZBP9yHAtFZlALxX071xuJKYZuA33uBHQ5QjHUz9ryRrMiiQxcHM-mjDaCE9C3568QDD7vboUWAxxnopm6O14XA9QLphYXl_Zs0_2wDHenLirikSrHrCAuuDO2WHP4CxESkbiGnNGWLOgo5CSjVsmDQw1Kr7GJWAGqTZi119U6CGpHI7RB6cGzR52blVDzJzI_JztethTCQISlXwtkHrAU2fO638SeoBtjmbs6C-Hpp5BAfVNVcjOTgvcX9EtcWv_HpYxkQfUzahq9spksJQJn7tM4_udOOHgE6wuto0rX-95CRZZSsvkerzq1MxtkaHMuDMAU1md38upMjuwBiF-PEBkPI2W_kdgX7RbnvYRRo63lEa1Xj7MwW7fWp_wB1-TgMwCbNvYK4OI_YZ3QvGUYfQOi4quR-mLlWDcVK9WD4Ax2Kj6H7yu1_1E0XothbIWTzUdc2ikXJl4KyUVH3HycThOBAcDVhnVoj3Fyu554Zu8OzUzmfj0aJaTtpTU8mWF8_ZSAyEU3atDzMlylNZfzKDm_UyqRZoPfNqqkAPmRYy2fW2QfkkimPt3lcERPvRHIu10BMZinDbCI1ro65qiLefRXUgSu-b4QjA9Oj9t6kVLTv1RH9I561xRXv48CJa3AJXth52bqA8Lj9QKnrMxRTHvhibWrJ661cZ_imkfhI5-iJdFEGi3d89LSmpGn-RJ8u1GtaC5OU73bMuq_pfABWk6A3oOopVnnDOqzv63Pd6oZmASv-O0HfarPxCFWQywPvX5UrZw_QsXtijl7p4IVMEiD-uPhuw0_e6W4th1o4wSVFFR9ambXNqCsEPFq7LmfIBIR4LHQ4wn0iOT2saoMLlLrJDGOne4RE9y-t3NLsVB60toW4GVE9fUa4-7gL5VO067WzSq1k-PFCq2CJuFijYjIf8Lv6tIjwhOLVAEJbYuvnBSLMrzfXw7hvKUlTII6eHpwGFmBtnFgIud5NFxd-Mo0C_yMhQDSEbRa7xay__X_zVdX3c1jeQBBzIJ2oIzQutzxRWiOZPbSlMrghaZRLwElADiGl6m9l2tm6nnuJHreIPPrtXzuxGrBXGqZXXKyGR348lUto5DVoS5qeQgo7zVZs9cd4DQkr7X3cSBzpYrOvMGrixfOLbLWj6XzkXbuoVd4clSo0cPluqWHZ6ZKsuYbVZHUl184x5azjxN97UQTUdw-XnBC2EjDBfd4VCP1IzG5HKvJDadP-jrmEpdIdytye264QmWFcuh0FZn1SklLqc6Agp143T_BJzoPceEQyo9N1lKJgz1CmwGI-wAy3BUHwiuajly1z--ZYYMD7X7i_zEApENppTWKxIYXLNWZLwB7ureLJX3nNmnz0BOJlMQftEq7gRG0lVPfvx8_YGDim4Ibcp6Yf9TbFRDSPpelI3x499H2y4igUVIT4d79-2dqV7tkGgevssNkXAzznrGowaVYhb3Q3Q_V3qKYSL_OCVph2UFVOM3eN3qZUiIo9b1BfOFFdsv8jkDRaVrSVIzezqPekkI1m2Z5K-iBs1ZElZa60VtDOjsC0bFQ0YrATZWsWcYAgAxnO6VvGgPF9VEcqe3Bk5KSZwHP-ai1Ky4DdEBSssyD0kMIDPvpWkWce7MztfmqzNLMXzZybEDThd1awmilKAJI3kJCbCI-z34iFjJ-V6jdMMfY107YCB68-lRe1TGcgsloFM_GU1cp035CoH4JZAEPfKRtBN9qX6veig39w7X86SpUJaFL7GAOAF4G_y25lhIuBjS66cuVpFk_lU8hKwC8h0O14cacRR2j92uju5lr0GLUKXrmM2LLpFlLQn5vx59nyq8yreub0HsP4o0Eo-UHzWMfWxtTWuj1WnmT8DyyCnsixzDpsxHu-gzJE1ZFSY4def_OyetdJHLi_8sf9hyLZdSTzlrUwXJfFlkleadGETS95TMZNVG-Qe3cO_Qcfy8PIkckXn5tlj0Jl0qf0SRZGKoK5NH9x4OrzgUnAp2e8EVaMrS61yqpk5jAg2bW5V9lMMBBWw5_xNLd8xY3x6vFCZXdFkpvK0NFbshroulZmmlJKa5PjU-eRj8BiaCsl60_mZmgDRgcOELVitiDqPfuois5PT_v38rSZaQbe5oZHQ3RUUFni_tnKQ0DUuiSrQitqWeb0hcTl9FBhx4bXAHReZYo5ClYTcAVRpFZzjQTM6qexKPw9Yeh9btBgF09CSQcAMqUjI5QxbV0j9hobr-ZDKVlqOodYPX9iSbTWF3Rve7WiLqnNnXcy9cg9H1XcHbU8O8vrJ1oBQJrvLtFF_hsUPoToktOuGMkySu1XogKVSqpdZVUOxxCJtWeIMthYC5t6mXBTG2YMM7izWECXMkSmPDB8DuJQEZFHAP98GOwOB4jg5jXLRP-LIpYu4zkKCdpCZmvBfAfFAIFusDqI9ESqlZuvFjN626uUpu_W1QmucceHr8xB0raisYqeJ3m-PrDUq1vXyVFevPKylDrCTZrCSd1ZB-0EH3VE7esgm4Gd1g3GIQ0gtNzMdjQBm4hWpd4qvnw&cid=CAASEuRosEPWV2aCNx0sugiDGYopMQ&rfl=2%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec3602b0a6c7bf513449055d8e1237dbc1c312d1b2bb28ff3d2515b02a279699
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 09:36:35 GMT
x-content-type-options
nosniff
age
234701
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56057
x-xss-protection
0
last-modified
Tue, 22 Feb 2022 09:29:42 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 22 Feb 2023 09:36:35 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/elements/html/ Frame 9B9C 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6h_3XWYD0sRME5rCuu381bZ9AFz53teXNo5saDY-RbZpsdzANlutRdDey39-0xdGbzuIC-eROaSsUpdQ5yb7w71mymg&cry=1&dbm_d=AKAmf-ABfEW4A6ZkzbnhosZ_V4JTAJLJiNUZ7VP6mj12GnfdUW6zhfNsWeffW1Qtb_HJzoB9XuJgzxJHLq2u4gm3vMM1McHp2Cf1MOUtH4bz12_yIv3SG_RNYjE6prprAnTXO-vKrbC72gzqtDNfkENaWO0fKGtlubFPMyQvuYpFygp-p6I86UNVRD-h_aT8HTUCSGu_eJuPWGjspUwqCgLWOP3RrRvMshrWoUFsYdKYV-UtKRI7KtzeE3B1AwehhoiJaGsWPYEknyjp6x_oXqZtaIFBSspomio9xSwcHaz90i1FkCVpRZggbOk8rPVU1L0BDulHY8KxpqzCAeTvBg2zRJFNfZgBO0cu3_R0udGXCaBhVpdSzL-dbhsnn8Dc0Ewgm8DctUfORqwVDzEBsiMNLGa3vNwVgzJsiqAiVgCOrH6-v7qN2opVvzjv3VWHMGWEpUqOM5DvvwAgqGvlj-FT2yOGUcEB2ZoD055g4dti1iFPy3AiKYlyWNSuB9jiY0Z6KE-OfBr3kcNz9cVEGP7wOJigveQq-D_IoGdj-joMoGCyqIJohdliguvIbH2TojtY-itQLFTXBrr_q6fS2YXWlU_qjqtwucdIaUP3QprJPrgyyNy7I-6Ej8Ft_-4wsYEv_B005i2BLrltoQPWLM8GsbmawpErWPU9faWEwrLSAY5suiJku-OXtR2cDuewoSS_t8aFe8REmXJcSKqe5oZzUxLwe9ceRb1USB-Sbo6DjO6B9XEBwKm9Y-A6EyhzEMSXLIWHMOI1p1dezQMLHzFBw3dp8W-dS8Q3YnpJmMv7T6PQlJUK-77oa2pDTZBP9yHAtFZlALxX071xuJKYZuA33uBHQ5QjHUz9ryRrMiiQxcHM-mjDaCE9C3568QDD7vboUWAxxnopm6O14XA9QLphYXl_Zs0_2wDHenLirikSrHrCAuuDO2WHP4CxESkbiGnNGWLOgo5CSjVsmDQw1Kr7GJWAGqTZi119U6CGpHI7RB6cGzR52blVDzJzI_JztethTCQISlXwtkHrAU2fO638SeoBtjmbs6C-Hpp5BAfVNVcjOTgvcX9EtcWv_HpYxkQfUzahq9spksJQJn7tM4_udOOHgE6wuto0rX-95CRZZSsvkerzq1MxtkaHMuDMAU1md38upMjuwBiF-PEBkPI2W_kdgX7RbnvYRRo63lEa1Xj7MwW7fWp_wB1-TgMwCbNvYK4OI_YZ3QvGUYfQOi4quR-mLlWDcVK9WD4Ax2Kj6H7yu1_1E0XothbIWTzUdc2ikXJl4KyUVH3HycThOBAcDVhnVoj3Fyu554Zu8OzUzmfj0aJaTtpTU8mWF8_ZSAyEU3atDzMlylNZfzKDm_UyqRZoPfNqqkAPmRYy2fW2QfkkimPt3lcERPvRHIu10BMZinDbCI1ro65qiLefRXUgSu-b4QjA9Oj9t6kVLTv1RH9I561xRXv48CJa3AJXth52bqA8Lj9QKnrMxRTHvhibWrJ661cZ_imkfhI5-iJdFEGi3d89LSmpGn-RJ8u1GtaC5OU73bMuq_pfABWk6A3oOopVnnDOqzv63Pd6oZmASv-O0HfarPxCFWQywPvX5UrZw_QsXtijl7p4IVMEiD-uPhuw0_e6W4th1o4wSVFFR9ambXNqCsEPFq7LmfIBIR4LHQ4wn0iOT2saoMLlLrJDGOne4RE9y-t3NLsVB60toW4GVE9fUa4-7gL5VO067WzSq1k-PFCq2CJuFijYjIf8Lv6tIjwhOLVAEJbYuvnBSLMrzfXw7hvKUlTII6eHpwGFmBtnFgIud5NFxd-Mo0C_yMhQDSEbRa7xay__X_zVdX3c1jeQBBzIJ2oIzQutzxRWiOZPbSlMrghaZRLwElADiGl6m9l2tm6nnuJHreIPPrtXzuxGrBXGqZXXKyGR348lUto5DVoS5qeQgo7zVZs9cd4DQkr7X3cSBzpYrOvMGrixfOLbLWj6XzkXbuoVd4clSo0cPluqWHZ6ZKsuYbVZHUl184x5azjxN97UQTUdw-XnBC2EjDBfd4VCP1IzG5HKvJDadP-jrmEpdIdytye264QmWFcuh0FZn1SklLqc6Agp143T_BJzoPceEQyo9N1lKJgz1CmwGI-wAy3BUHwiuajly1z--ZYYMD7X7i_zEApENppTWKxIYXLNWZLwB7ureLJX3nNmnz0BOJlMQftEq7gRG0lVPfvx8_YGDim4Ibcp6Yf9TbFRDSPpelI3x499H2y4igUVIT4d79-2dqV7tkGgevssNkXAzznrGowaVYhb3Q3Q_V3qKYSL_OCVph2UFVOM3eN3qZUiIo9b1BfOFFdsv8jkDRaVrSVIzezqPekkI1m2Z5K-iBs1ZElZa60VtDOjsC0bFQ0YrATZWsWcYAgAxnO6VvGgPF9VEcqe3Bk5KSZwHP-ai1Ky4DdEBSssyD0kMIDPvpWkWce7MztfmqzNLMXzZybEDThd1awmilKAJI3kJCbCI-z34iFjJ-V6jdMMfY107YCB68-lRe1TGcgsloFM_GU1cp035CoH4JZAEPfKRtBN9qX6veig39w7X86SpUJaFL7GAOAF4G_y25lhIuBjS66cuVpFk_lU8hKwC8h0O14cacRR2j92uju5lr0GLUKXrmM2LLpFlLQn5vx59nyq8yreub0HsP4o0Eo-UHzWMfWxtTWuj1WnmT8DyyCnsixzDpsxHu-gzJE1ZFSY4def_OyetdJHLi_8sf9hyLZdSTzlrUwXJfFlkleadGETS95TMZNVG-Qe3cO_Qcfy8PIkckXn5tlj0Jl0qf0SRZGKoK5NH9x4OrzgUnAp2e8EVaMrS61yqpk5jAg2bW5V9lMMBBWw5_xNLd8xY3x6vFCZXdFkpvK0NFbshroulZmmlJKa5PjU-eRj8BiaCsl60_mZmgDRgcOELVitiDqPfuois5PT_v38rSZaQbe5oZHQ3RUUFni_tnKQ0DUuiSrQitqWeb0hcTl9FBhx4bXAHReZYo5ClYTcAVRpFZzjQTM6qexKPw9Yeh9btBgF09CSQcAMqUjI5QxbV0j9hobr-ZDKVlqOodYPX9iSbTWF3Rve7WiLqnNnXcy9cg9H1XcHbU8O8vrJ1oBQJrvLtFF_hsUPoToktOuGMkySu1XogKVSqpdZVUOxxCJtWeIMthYC5t6mXBTG2YMM7izWECXMkSmPDB8DuJQEZFHAP98GOwOB4jg5jXLRP-LIpYu4zkKCdpCZmvBfAfFAIFusDqI9ESqlZuvFjN626uUpu_W1QmucceHr8xB0raisYqeJ3m-PrDUq1vXyVFevPKylDrCTZrCSd1ZB-0EH3VE7esgm4Gd1g3GIQ0gtNzMdjQBm4hWpd4qvnw&cid=CAASEuRosEPWV2aCNx0sugiDGYopMQ&rfl=2%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:21:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1599
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 11 Mar 2022 02:21:37 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9B9C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6h_3XWYD0sRME5rCuu381bZ9AFz53teXNo5saDY-RbZpsdzANlutRdDey39-0xdGbzuIC-eROaSsUpdQ5yb7w71mymg&cry=1&dbm_d=AKAmf-ABfEW4A6ZkzbnhosZ_V4JTAJLJiNUZ7VP6mj12GnfdUW6zhfNsWeffW1Qtb_HJzoB9XuJgzxJHLq2u4gm3vMM1McHp2Cf1MOUtH4bz12_yIv3SG_RNYjE6prprAnTXO-vKrbC72gzqtDNfkENaWO0fKGtlubFPMyQvuYpFygp-p6I86UNVRD-h_aT8HTUCSGu_eJuPWGjspUwqCgLWOP3RrRvMshrWoUFsYdKYV-UtKRI7KtzeE3B1AwehhoiJaGsWPYEknyjp6x_oXqZtaIFBSspomio9xSwcHaz90i1FkCVpRZggbOk8rPVU1L0BDulHY8KxpqzCAeTvBg2zRJFNfZgBO0cu3_R0udGXCaBhVpdSzL-dbhsnn8Dc0Ewgm8DctUfORqwVDzEBsiMNLGa3vNwVgzJsiqAiVgCOrH6-v7qN2opVvzjv3VWHMGWEpUqOM5DvvwAgqGvlj-FT2yOGUcEB2ZoD055g4dti1iFPy3AiKYlyWNSuB9jiY0Z6KE-OfBr3kcNz9cVEGP7wOJigveQq-D_IoGdj-joMoGCyqIJohdliguvIbH2TojtY-itQLFTXBrr_q6fS2YXWlU_qjqtwucdIaUP3QprJPrgyyNy7I-6Ej8Ft_-4wsYEv_B005i2BLrltoQPWLM8GsbmawpErWPU9faWEwrLSAY5suiJku-OXtR2cDuewoSS_t8aFe8REmXJcSKqe5oZzUxLwe9ceRb1USB-Sbo6DjO6B9XEBwKm9Y-A6EyhzEMSXLIWHMOI1p1dezQMLHzFBw3dp8W-dS8Q3YnpJmMv7T6PQlJUK-77oa2pDTZBP9yHAtFZlALxX071xuJKYZuA33uBHQ5QjHUz9ryRrMiiQxcHM-mjDaCE9C3568QDD7vboUWAxxnopm6O14XA9QLphYXl_Zs0_2wDHenLirikSrHrCAuuDO2WHP4CxESkbiGnNGWLOgo5CSjVsmDQw1Kr7GJWAGqTZi119U6CGpHI7RB6cGzR52blVDzJzI_JztethTCQISlXwtkHrAU2fO638SeoBtjmbs6C-Hpp5BAfVNVcjOTgvcX9EtcWv_HpYxkQfUzahq9spksJQJn7tM4_udOOHgE6wuto0rX-95CRZZSsvkerzq1MxtkaHMuDMAU1md38upMjuwBiF-PEBkPI2W_kdgX7RbnvYRRo63lEa1Xj7MwW7fWp_wB1-TgMwCbNvYK4OI_YZ3QvGUYfQOi4quR-mLlWDcVK9WD4Ax2Kj6H7yu1_1E0XothbIWTzUdc2ikXJl4KyUVH3HycThOBAcDVhnVoj3Fyu554Zu8OzUzmfj0aJaTtpTU8mWF8_ZSAyEU3atDzMlylNZfzKDm_UyqRZoPfNqqkAPmRYy2fW2QfkkimPt3lcERPvRHIu10BMZinDbCI1ro65qiLefRXUgSu-b4QjA9Oj9t6kVLTv1RH9I561xRXv48CJa3AJXth52bqA8Lj9QKnrMxRTHvhibWrJ661cZ_imkfhI5-iJdFEGi3d89LSmpGn-RJ8u1GtaC5OU73bMuq_pfABWk6A3oOopVnnDOqzv63Pd6oZmASv-O0HfarPxCFWQywPvX5UrZw_QsXtijl7p4IVMEiD-uPhuw0_e6W4th1o4wSVFFR9ambXNqCsEPFq7LmfIBIR4LHQ4wn0iOT2saoMLlLrJDGOne4RE9y-t3NLsVB60toW4GVE9fUa4-7gL5VO067WzSq1k-PFCq2CJuFijYjIf8Lv6tIjwhOLVAEJbYuvnBSLMrzfXw7hvKUlTII6eHpwGFmBtnFgIud5NFxd-Mo0C_yMhQDSEbRa7xay__X_zVdX3c1jeQBBzIJ2oIzQutzxRWiOZPbSlMrghaZRLwElADiGl6m9l2tm6nnuJHreIPPrtXzuxGrBXGqZXXKyGR348lUto5DVoS5qeQgo7zVZs9cd4DQkr7X3cSBzpYrOvMGrixfOLbLWj6XzkXbuoVd4clSo0cPluqWHZ6ZKsuYbVZHUl184x5azjxN97UQTUdw-XnBC2EjDBfd4VCP1IzG5HKvJDadP-jrmEpdIdytye264QmWFcuh0FZn1SklLqc6Agp143T_BJzoPceEQyo9N1lKJgz1CmwGI-wAy3BUHwiuajly1z--ZYYMD7X7i_zEApENppTWKxIYXLNWZLwB7ureLJX3nNmnz0BOJlMQftEq7gRG0lVPfvx8_YGDim4Ibcp6Yf9TbFRDSPpelI3x499H2y4igUVIT4d79-2dqV7tkGgevssNkXAzznrGowaVYhb3Q3Q_V3qKYSL_OCVph2UFVOM3eN3qZUiIo9b1BfOFFdsv8jkDRaVrSVIzezqPekkI1m2Z5K-iBs1ZElZa60VtDOjsC0bFQ0YrATZWsWcYAgAxnO6VvGgPF9VEcqe3Bk5KSZwHP-ai1Ky4DdEBSssyD0kMIDPvpWkWce7MztfmqzNLMXzZybEDThd1awmilKAJI3kJCbCI-z34iFjJ-V6jdMMfY107YCB68-lRe1TGcgsloFM_GU1cp035CoH4JZAEPfKRtBN9qX6veig39w7X86SpUJaFL7GAOAF4G_y25lhIuBjS66cuVpFk_lU8hKwC8h0O14cacRR2j92uju5lr0GLUKXrmM2LLpFlLQn5vx59nyq8yreub0HsP4o0Eo-UHzWMfWxtTWuj1WnmT8DyyCnsixzDpsxHu-gzJE1ZFSY4def_OyetdJHLi_8sf9hyLZdSTzlrUwXJfFlkleadGETS95TMZNVG-Qe3cO_Qcfy8PIkckXn5tlj0Jl0qf0SRZGKoK5NH9x4OrzgUnAp2e8EVaMrS61yqpk5jAg2bW5V9lMMBBWw5_xNLd8xY3x6vFCZXdFkpvK0NFbshroulZmmlJKa5PjU-eRj8BiaCsl60_mZmgDRgcOELVitiDqPfuois5PT_v38rSZaQbe5oZHQ3RUUFni_tnKQ0DUuiSrQitqWeb0hcTl9FBhx4bXAHReZYo5ClYTcAVRpFZzjQTM6qexKPw9Yeh9btBgF09CSQcAMqUjI5QxbV0j9hobr-ZDKVlqOodYPX9iSbTWF3Rve7WiLqnNnXcy9cg9H1XcHbU8O8vrJ1oBQJrvLtFF_hsUPoToktOuGMkySu1XogKVSqpdZVUOxxCJtWeIMthYC5t6mXBTG2YMM7izWECXMkSmPDB8DuJQEZFHAP98GOwOB4jg5jXLRP-LIpYu4zkKCdpCZmvBfAfFAIFusDqI9ESqlZuvFjN626uUpu_W1QmucceHr8xB0raisYqeJ3m-PrDUq1vXyVFevPKylDrCTZrCSd1ZB-0EH3VE7esgm4Gd1g3GIQ0gtNzMdjQBm4hWpd4qvnw&cid=CAASEuRosEPWV2aCNx0sugiDGYopMQ&rfl=2%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 16:13:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38075
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Feb 2023 16:13:41 GMT
pixel;r=1730843637;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.hawtcelebs.com%2F;uht=2;fpan=1;fpa=P0-1600553470-1645757296163;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;ref=;d=hawt...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1730843637;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.hawtcelebs.com%2F;uht=2;fpan=1;fpa=P0-1600553470-1645757296163;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;ref=;d=hawtcelebs.com;je=0;sr=1600x1200x24;dst=0;et=1645757296163;tzo=0;ogl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel;r=255654255;labels=edge.1%2Csid.14863;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.hawtcelebs.com%2F;uht=2;fpan=0;fpa=P0-1600553470-1645757296163;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-202202011833...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=255654255;labels=edge.1%2Csid.14863;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.hawtcelebs.com%2F;uht=2;fpan=0;fpa=P0-1600553470-1645757296163;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;ref=;d=hawtcelebs.com;je=0;sr=1600x1200x24;dst=0;et=1645757296165;tzo=0;ogl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C4F6 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvsrj1cY7NMyEQAhso_2HIrEfC048HyiCUkUgB2hAUyfQkBbxxTrN9roz6R3L5SByIaLi70qCqnD_PMVCsjnaNPUv9XfnxHaOzf3qDQtH7l0-JIJUplyF9pphWXmru69D7S-0Yz4vBZk-J6eZSrDvaouiuAiUvZqowjbWFtbTCiMO_fVwRa4yNFY8kb1VCf9UTgVW0T7na-O9dT4ULhybpRdu3wWoaDiUZBg_wCi6-deuL3zcfqG4-Yr0ruCCzd_GDWi0u5wUNJ8M9XMXaNX-PxNscwMEvH0l6die1EK4kvIpUPX01hreU0asvUH9hCJabPjWuwXrfY9xfoYXtGfEkxAHjG7gkHdRcY2TgM3r-dA00Eza2j5HnRSqcW4ONx5IYF1AMwdfc2F3j7Yu4PhYUfaxuCii4X3dE606bHcT9oV5HsUX9jS2cc05Svz0vgALVQJnDAkwJWgHfHoRBgIj75TKmDptOMKnCu-ReojbC_AJFveMwEaxf5yE5CFmccu_BW1tpO2qnpyt27C3cwnrP6Dau4CHaaXdcZbMNuU7yRDdhiDWzYZptq1-wsgenHmsoEHnFE9tQLJ6Lkp8RC-zPw1Q3wtaNSRuKgT9nbMTQg2DJw6Or5VWg5RoaSkrIWaXKyJC3NaBOU233JqKQ0ba8xCfYe0wN5oPxYrBhlxAjVM_9OV_br0GVdbpYCeFlycVLEsTZA6ybnuYubyFt2hZtTroFO2TmoWLxl9_5na6vEAoFfYqWAckITsnqTAIOmfd3snm-EfZajyUJskpoj-NP3E8euzf0cxWKx_7ogjxZ75RzpTW7JYYzjxCVAKpHuVA3mv3NFRB_AIP5egoJevnMcSqYxb_nR65H8nB_JDN3i_2MdJ3mwgIeE8Zc0IsOWV5x0JQ3lDEIHRMx0mFY9b4Pcxk-iYXkLnePbO-yD7IDpn6sjrVjrsiiwNN4rceBqgBl8NadgQMDp-NCUqs3HKee_ojUXdkZICISIadd49soPnDZfxSw26tOz3GqKkdLcSfM_BQP9LDv8qixovzTEFctvQE0ZkPX_z7EqxGloOH0GOGAlafAMuWnfBX53nB8mjJ1P8nSqQrY6CqNDOSO5lxF-u5qCIJFOr4LMDM3KpdLJIGOH9aIPGDD38vTpZfNcG8E-mDeOE4fpVUyVGjdoNrQTn44j8jmH9Ksu9qbKyzlft4FZBOXN2hiLr7QPfsQ7iDiwW1EJSD_-VxPdtUHw&sai=AMfl-YRQxaCJOvpyp0Srf86Cq3vMxNDrJA5y26VTpDp1aiPupM6hM4hBbxSP3acdHTu1uplmdy954rBE3cHmwZE00vQ6P1F0SU-OUBzzw-EboAJslyzUd4Qzfp1PobbfmTPUbDp_D85rcbsbodsd-o4lEwGHBUYK1vykv0_gBZ0&sig=Cg0ArKJSzBjHGtb6uhV0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=18&cbvp=1&cstd=0&cisv=r20220223.74402&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bj7Mw9s-v6RrpcvNLLi31d7o-69gTKDnBTEu9NFRBSHVxhG13d0cd7pr5rVFQdbeGYG-krOPCh9SnZZJLuMT4Zf-aHI_UKrgtgsWU3Vh-oj7Iwt1MQLiM0Ls7qseUX73wt4IRvTTf5YZnV9Ow67S-aRpUA8w&dbm_d=AKAmf-CIvcMbMcENq8H2cAaRk8pqdoaURYPDAXZeClT1ahsGHuBPlJ406GFUleStE1irEzMNGCuqFS63ADsHrcWNZ0fr08E2nS3pAEZd84SzAONjtAUU8WLs9l1QU6Zfnzh__tp0v0Gkgjd90MD7IisNqL-S0quaRo0sZtV28kBAQInXuStIwSJzF88L8mua0Td3NK_1sb9iybL8elfNK8cgmnLpxbhmKG_LTVv40tjKKzFj5NKVr6o3CqyK3qJwLn_AMmdRQCSKrWIB3pMOnVpd3kiXTWaNPOcIMyGBvrFg5ta7RO3IZuycY2KX_UVFafJrs56496CjVb36dYoOc64wvQ395tFUJKQ8IfCwhsTv25Y-c8euokGbzwOcyPJNWMDBiVYqUzDRepU7Pr4ShJV2v0G2gX0L2qNtoRzCjh2BrvPRZI4c-baARwaH9FBDco8zI54qbhXxg_deeZwlzl18RIUHZ5pfJGaUuTGlEZmuWP9h0SO03ViobrR1OkncehQCPoZvsKXp3FVoF3WyXTBa6_442Mnqb_M3iZu79LaoGOChNIMevvmynE08LpIqYLle97e3YFBG3tgqDlaomSPvdOpA7ov1L-UiP8kEAo8eIp06mkVoI2P53QO1LeIH0iXMB0BXRBOM-owMbTAjfuTVPq7ldRcPYtqK616QwcymCvmDI2U63wR7gdafGz7MOzgGA0x28OjMfKkjgluRIfRc2p7SgCRF3oCm4SzsZ2JIDfJHFEKHh4HPm1r0d9oH946XFwhKQ_eipiv9fp_pc6h8RYhq-7MF84dWPYcz7sbOnjqPxv-4LiOnOcYCLpJ2MhjqfChotwZxyNgZcNiUtxQQzT1aSKOtnrfAIPjfLEmJjf2ZXsXbcARBwf37O7mm6p4ZQoUPt4RXXN0KwRrKDM36D1RIs6mVdmcPOuGh2_Tag5haBwKf86Prgoi7HDHMrSZaNfwzjfJhQe6BAcx7SyMui8881iKwNc9V42859L68NmlTDIeLHB831OKM3WfKPqUtX4ovAiVEn9sD3mUYuCnsA4pYjbANXgqsQbub00MSGdYbIzNSDx8Q7Vzu4C2WKxEBhTxm93djN1DqXxxEzexYD7qmisItcXV8rF8Hw2FCt7kiZZin0irXgg4LbyJyolMzkuWPI2KkBRhlM7eeILBF00NkVaNC-U83X6vreQZ5SzOuvRSb4v9JVXR-mVjAPykSyAgvcWUwy1ZV6QEouWlVqAFsyqn1kMaVTr8bHInTvwfvTD_1xhw7bZWBd4ovYc66CDYi0NiQpMtvX4dK2EW3dfU4IKvL_9lvAA-_ABDiOKoc3voxWJ0sN9MvPtKf6VzDfvtIZfD9pt7sAChFnchyUEXYwmzxlM3jflAoyhFTyrO03N8e9F25joD0WWlYUZJB5BpbJwQrM3vuNvvzaL9nY36_NkKIlZyQpFrVVMsaRVScaWUL8VtW1fxPFK2naHLopWDXDO0_kTMXsQqlfJ6OyqdIOESFlCR8CJnGvmw99_dliMTooTY2gwWrrAGEuLyooGyhDlyhcbM80OKFOpaCYiMLLm5lNL8Q4PjbjKT0zIXkMFWES7kWEf3mLd8XX1qyTAUUlWXnX6cx4YMVI8o7yCyN3CouwolNv3_0wNsnp7FJQTTXJuGszEF1laaAXvAi8vEOHBDOy2ykhPiWpRN-AxqGZO_PHjX087YCLI0BRpN6SeeHId1wdHL4dOkN6RXs1ba5_KTtHOOUU4VwQYAJw8pSHsZ7qHXwW8Mu77K3z6a5p1N7V0AdU6c5Ilxv6J_KvlRuyG3DuCbef7jpfhDe2-KFTt6ZTsBJBy_MhcXW29Ok1HGU7YkmLJLMDdAqSi04B846uxfTCjx9olhcuqJnlp9hStkBCbo1M6C9ovi_WABGpTdAwKqDumvcuLF_6HhVYHTJRnAeKwlWpzfM9ZPHYRiSQoN0ReTXcbByFg3_PRiNjmfxq9M9dCKb3vPNhRSU84brBx7kb7Hnad04d1b4-CSnkGQliN6kvw7HVgYaDCMdX_syyxt4Ntt36b61f8uskViEXC3xFxLFbXi8S6zlVqQ8sNxrrHZjwA13bzqXpYMggh5CtMmToMZpSg07x0ir7WD2uqHjyAfolyrwhC_4LXKDD2bCsjP3lXJrUsaClRGqadl9kTLeSXIWQ2sMo44U9uR2uqSMbT42EgQ6JRa92XlMN0T1gHCT2YVv1ErrkexpWrc4YxiBKKpzj0DGdowqGPk5UCl7t5BAU7nt5WZBwNkkO16K6JLyMYe419EcYJJdd6hAowcF1I0QFvc5QKoteMPW7bUlWG3VQb3vOl49kmEDNfEkU_VWJE4f0IvN7WPX8aS7cPqBd2YAAc3jhTRqpRn6GEo911moNOJHR4WdjZCuzJ8W0xAAJUGZJJj-Xrg1R4BBGoQKaNy36B7u-fxNNyNDBx2tHZ5ubb1c8PCOob8zm3PPWbDa2Y7277HY2FJ_nT9Wb5ekFRNC5y_NfwF9YeYo3LdNxEcmuEbt0_JPqEoeRpA5nGD9zvTCJcCQt6kI9Kzy_YsCirFaTHIt3qcV8FLFLmdqvPDBfUb3LkOV-P8eh3EbXr5NB40T8Ujl6oA8KhEoxR-6j4my0UkDghIbmO5kKDQciVpd1bKLMDbv49YVj8vxnKCrhJ8JJR7XnVTn4tnEe8cKm7IZH7z6svyuqV_Ausxpk5b7LvLsFv1GkoFaw7Y5JsqnSe_oSafO8_SHwlTlURUVBglMRtDYAhWixSmlBN22aVizlpIwULeo4mekr6r1m8r05ppjiFqd-BXozJeflP56yGv62xyFmB0Yy3WSBkwnVvSYZlCSXuqGKnKAFr3Jc_7_u43MZAYryAWdMROLg_GkQ8NGhNRmUT2G8-1i3o_UzgPIvcb21CxW1pD5UhCloaL5Nr7wXGGAE9OPAv0LiA08PCCrtlJ_8Cy17eIqw9RLeGJybVlQBT5UsvYOrWh5IuxtqRMWz8D7H_tpzXrJqEtqaw_d1l54js6fMppKeCZySvbJQ_xb6rubj5MahnKN98TjVeI3sd-ZREv6riZQApiZXQ1wLOpL7vci41rMg1-f3k_CDipPgPGHLdoCF8koGm5L5dPq8UNIuGo8VPpAKbN-f1aW8QFbnr-Xt_S8_1CSvXoIQprWa1KTMCX9wYIR-_K6I1Fc7hBCCARLple8aYE56F6qqRajVcfRXYXzh_OFd6wHc6x9vpygmwoyKvMLL_8aeWn_lR5NpndvIRq6Sq2MZu_zCtyZ5R-JZVprjvaV_rgbVyyH-REEwyAfaG2KRw&cid=CAASFeRoa4pYmBZ46IOXJmLtNfiB-Nu1AQ&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 25 Feb 2022 02:48:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
m
secure-gg.imrworldwide.com/cgi-bin/ Frame C4F6 		44 B
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gg.imrworldwide.com/cgi-bin/m?ca=nlsn314139&cr=166861144&ce=N911828.4015942ESOMEDV360&pc=328923687&ci=nlsnci1671&am=1&at=view&rt=banner&st=image&cy=0&gdpr=&gdpr_consent=&r=869600136%22style=%22display:none%22/&C78=G1,DCM&uoo=0
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.115.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-115-176.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gg.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D23C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 22 Feb 2022 08:13:54 GMT
expires
Wed, 22 Feb 2023 08:13:54 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
239662
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
s0.2mdn.net/sadbundle/6322940812012159067/ Frame 3CB3 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6322940812012159067/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e2e286ea34fc95498453634590b36fe9f7771ee59930d4c6da4b9ecc8fb27e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
2414
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
date
Sun, 20 Feb 2022 08:17:05 GMT
expires
Mon, 20 Feb 2023 08:17:05 GMT
cache-control
public, max-age=31536000
last-modified
Thu, 17 Feb 2022 10:41:36 GMT
content-type
text/html
age
412271
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 8E3E 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst_NPTBlefNUSUU6cUjfmUaarPX8xDBt0fFsLbQBDGnKZqlpOoVrHAonZFfqh8Ks7FsjOqYyOG5xhk8TzbXdZiSpUGnNhw2CveAZ8k3n1BHZwOZL_D802l2N_CQN0A2txnb7gnYBGP99UGJMPSnr7JsAk27Go-xhT_pz0RHso330wVE2UWBRXHYsbu8R5bMdfu8zh4Yyfl2X1hMtw0AH2fJgbAjLm3tdTohkztt0lFOonfewJRRJoEi5g5NV_NpmVMuODerstAfL1mrQc9R341AxKgGWZwwuHRRaIDnZFfScNjIoDYu2tmXE95Ipf3hwogiwhW6YrQJoeILTrTvEZTanES-koLnUIGYP7BYpLQd_Hy8gUOaefC7iSX-dv2FhMGdxKkjBZpNn0Xsu7IfNv-Yy4DFVXth5zTBBe9G8KFS3Jw5RNNRUWuJxr0IHnzU7aAJpc3TO8NC5ipOtGcW6SkfMrQuEVdFUlpFfNmrno0EWzlls_N_z9pfkKqPApjNpedrq4vlGwLRqsS4yFSlA6Zz8X8Nv25Vc59PmdLUBvBklX9D8gZrXTZDhANu5DA6KDJ3Ljiw7HX3kWzOQTcMN_q8xJ4JYX9NyrMWDlDaHdvDLogwlWwJ8oafG3FfBVjlY340ieqoOBIr3RimE_6HqVqVRkfXYo1i8I8O7UL2rXDiVk6giJ9MnAYqfGQWIWUgGKvKePD4ANpm1qaVVZTSNR9n1Bcb5c4rGgnQJ7BoNgYcE2remt2VvthJxE3ZhnixVtQtexDzcUtFBRFnprrIZZcMnNjY4YEWbVYXm40aEF204ZOGtqsu4lmgkf5yIw9OcqRh6Hs9R98l-L6P2SPjeC-seenZqrQNkBYkrT-oUDAcIGnwyhqnUu2x9wKiAPULKSs3hwWlSXR2en1l9r3qNKre31Ayk5_KM2ALk2-uu5yCM7lY6BqVGHvz0JVY7DHFhq3KCwdvgn6s3LA8EN52E_IM4AMLJallSQOknirkYqv_Vv9Ax8f5W5Ja3WLUCwQ8dbYS-aGz3OGLI6Tzuzd2wML7NJZInqBvj9-ILXWYGHDyO61cprJSlHGTDZCLhWCthCpiwT-Jq33aPUd_pforPZPwW6obnyifYZCgcZEK-BIswz-3zQHcopBDbX7i9iYL1JljMBExoFkMboTU0n-Hg-bEiNkV6ZVzgSdmODWSUT8xtJrsX1tAVbrl05TWvnf6MVHgBDjpjWDUpwlshAUGUoYXFWlgFKJZ7YPQ&sai=AMfl-YQAK_o0cUK8BHvO5cntZ83vHXKwoUMDhDZdO235lC7wj4tajOvS5W5307OQl43-VuRZxV-eM7yDA0sw3rOaFc0v-xIJyYwbLrpJCfhG2ooQIaM9nk1EpsskCqzm9J_IeXEEiwCmfKEObNoow3OTPa1Wb60g_uBO7h5PBNk&sig=Cg0ArKJSzMVpSmLkU6GeEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=221&cbvp=1&cstd=219&cisv=r20220223.75406&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 25 Feb 2022 02:48:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sd
us-u.openx.net/w/1.0/ Frame FA09
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOLqr71RKg_vdnygS1cotfM&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOLqr71RKg_vdnygS1cotfM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDtqwEQio_TsQIYwIqowgEwAQ&v=APEucNV5qr1d7z2x7VPIgFv_J4KQ5vs7APluIMWzcpU5Z3BTvgrBqM2MMffdA-K96cz2YT7fTOolFMC1E9Yyh-CvHEKpfMvm-Sb-lzkUkGOj9NH6-Qr8R37PNynuZYrB3z1SGhAdVnFgZZzm5hmCDPAotJR9pWUdX_ToOAalZYRy-ynDA1wtbSa8GwGndagFAKa_iBthx9N8CtZDrxP4lCNMjZl0bDGt8Q
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
via
1.1 google
server
OXGW/17.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOLqr71RKg_vdnygS1cotfM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame FA09 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDtqwEQio_TsQIYwIqowgEwAQ&v=APEucNV5qr1d7z2x7VPIgFv_J4KQ5vs7APluIMWzcpU5Z3BTvgrBqM2MMffdA-K96cz2YT7fTOolFMC1E9Yyh-CvHEKpfMvm-Sb-lzkUkGOj9NH6-Qr8R37PNynuZYrB3z1SGhAdVnFgZZzm5hmCDPAotJR9pWUdX_ToOAalZYRy-ynDA1wtbSa8GwGndagFAKa_iBthx9N8CtZDrxP4lCNMjZl0bDGt8Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame FA09
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEE2AvvnerkJYjXRaOIq6hZI&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEE2AvvnerkJYjXRaOIq6hZI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDtqwEQio_TsQIYwIqowgEwAQ&v=APEucNV5qr1d7z2x7VPIgFv_J4KQ5vs7APluIMWzcpU5Z3BTvgrBqM2MMffdA-K96cz2YT7fTOolFMC1E9Yyh-CvHEKpfMvm-Sb-lzkUkGOj9NH6-Qr8R37PNynuZYrB3z1SGhAdVnFgZZzm5hmCDPAotJR9pWUdX_ToOAalZYRy-ynDA1wtbSa8GwGndagFAKa_iBthx9N8CtZDrxP4lCNMjZl0bDGt8Q
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 25 Feb 2022 02:48:16 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEE2AvvnerkJYjXRaOIq6hZI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame FA09 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDtqwEQio_TsQIYwIqowgEwAQ&v=APEucNV5qr1d7z2x7VPIgFv_J4KQ5vs7APluIMWzcpU5Z3BTvgrBqM2MMffdA-K96cz2YT7fTOolFMC1E9Yyh-CvHEKpfMvm-Sb-lzkUkGOj9NH6-Qr8R37PNynuZYrB3z1SGhAdVnFgZZzm5hmCDPAotJR9pWUdX_ToOAalZYRy-ynDA1wtbSa8GwGndagFAKa_iBthx9N8CtZDrxP4lCNMjZl0bDGt8Q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 25 Feb 2022 02:48:16 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame DC5F 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 14:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
132299
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Feb 2023 14:03:17 GMT
css
fonts.googleapis.com/ Frame DC5F 		2 KB
448 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Cardo:400,700&lang=nl
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
99102e527161666787f96e02feaaf9416de6b06d3fcea9635c500ef4662d238b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Feb 2022 02:48:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 25 Feb 2022 02:48:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Feb 2022 02:48:16 GMT
15509668166230846236
tpc.googlesyndication.com/simgad/ Frame DC5F 		936 KB
936 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15509668166230846236?
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb8ae618006941b6b9f90f644b3fffa993586c2ceb817a5fab715a0a7b543c47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 14:01:57 GMT
x-content-type-options
nosniff
age
45979
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
958606
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 13:33:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 24 Feb 2023 14:01:57 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DC5F 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38829
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1645619776399499"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 25 Feb 2022 02:48:16 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E4DD 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 22 Feb 2022 08:13:54 GMT
expires
Wed, 22 Feb 2023 08:13:54 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
239662
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
s0.2mdn.net/sadbundle/1338021503599923470/ Frame 27EB 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1338021503599923470/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75376d8f59370f5b6c6f1c70e79f33b3d7058dfd6d4ae06709ab26c7bf82bebf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
content-length
2415
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
date
Sun, 20 Feb 2022 08:16:42 GMT
expires
Mon, 20 Feb 2023 08:16:42 GMT
cache-control
public, max-age=31536000
last-modified
Thu, 17 Feb 2022 16:24:41 GMT
content-type
text/html
age
412294
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 8600 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssoMrNrnCGlm8RkNKbP59P3gNSTtzMphpC8rZQKTC3RKbqYwb0wW1y3BoTLFz9xTuqhOz19BX8KrstVr1tDUsvnxRGCWwl02fo8yfrFWo0oWxG2qLroig88RqK45j4am2iijuYMgVwR-DEAgJd06pDIeD7_DJ79uhVbg3z4dyQ8XJ5f8FYMi_niJv-5lUEuZiQKAHpwhJ_aeljqvp0zCnU5bGD7vrDI6wX_GyKG8eGy3bts347sqv_Xldfz4c_1BaEDFuUr9HCmDS8EB-lP6r7Sk4z2EqX9GposrfA_lbwO8ZUD1ZWpFoZ2KgIjRr6a1eTlD0peNAnDAU3uCdn-Ll_piKetkzdGxRofJwkGGtRyzveEkORva038QslxrSEL-1fgU78pyg-_mycGszwQilJ4WM03w0IszKHtb2aBFwnUlePj2M6vG1j-hRolwhukEOEQG0Juhph3tF__GZNO4mpKhKg545pgG8pJZVxBQGoj2JrPWg8TDXih1mNznwGNEp5UKFsXaO4f023lZbuXtEa2X50AxvQ2cTPJdXeKMo0Zn0jQsaob-mBrYoTF0hXkAruRr7Zh_wIrDnkTUCB0pZN2h4cUz07Mbl9p4jBi5gOsNgSsZwrnvPnHPdUGdsrFA9mzxlZd6Fm8mbDVniuih3vy46IjI6LjOyHjcEMciCwwmp9d0FYFNAbfbpERddk08176AL9MORgeTxQ5ZgpL6D6jpjuwIro0VzCb_vgbFNMH3LljxWQLnXgOg5CrILkjbOl0QiqnKfN9f12twzqCn51HFSQ_IrZphFTONBxiLFVdm6pYk5Uy-MkpUNMKYJXC1egrqSeRzezDQGEkmk_KxN-mgdri74yqGEemZMTnuDu1AYn4y98hkU5KE5PMq2fbTtTYuUF6XQlQchN3CMbbdiy2MqVjoWMgpbq0YQCZzFkU0EcL8cZY5Yod7TTimdeK1_ZfEB1IkinKLQ9HNFAsXuWkqVMVkDCYd0ZE6KKwCxM36d5qNfPfKc4G-VqJVZskF6s3e3vjD_QGIIpm3BaAw7PQu0i-wp4nJO4a5gfwvkWxHmUCBo2Bk_5fMifGov2QIpJyFsSq5DqTODEESN2M3-Gh5zJ6vmCaXkcKRFd8lJ50QWu6OW0yXbrmlMs7TzVad9ZiLPdrmaMbGpq9JNF8LgALQHnbW6Plq4bVMzntNzJR-igUUU6s4Uyuj_3dhQAt5ktiTGRcEDclWiC6MuXbzetbV2S3lJK1HoDnRJWYsoA_vQdNaZb9E7i14w&sai=AMfl-YS6lNLilILcVbSJI4V_mCJdEw_TA6O08fM9ZoC8Niry3pIrSwXNH7NdELO-VaQQqHn8FEtDjw6FLS9rmhxjEMmMeYIBzEQvPdaQRzcIpaOHp61RLaOLEbBq7f41MgXM91BforPnkbw9lDyLwQquslkME4-zN8D-Ot3fLqo&sig=Cg0ArKJSzF_67uExEhtCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=222&cbvp=1&cstd=221&cisv=r20220223.30955&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 25 Feb 2022 02:48:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame D7D0 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2fd5454e78881c6473682a91be312322de22a2fb8e629e8ddb3157d0794456e

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 310F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhhDbwAKoG0Hg4bWAAfQCskRsyKG2fQvDftJeg&u=%7C9ELlD9KQb%2Fz0eg9Hwf4869hjPjpA4WHDFzG9Rq1eGnk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOkMar8-yfGc15w0edYqkXr7_ByuHu9tWhBBk4MbA_WwhwoTHvNBiNJmilko35kcnWz7L_GRrqkP-ad9cUcqpR80XxHnd2lxr6mtsnUFif5z6eaQagz6UmFprJdRWmxm832zpl6CnoummdmAGoIIlzzYd9xMuKFYE5oon1mmSgCqkDGpdHcW0NW97tqReK2gtkeOU1vzxruQ-CdEG4HeaUg3P-iFt96p8NBY-TMmFKuwza_yU4uHMxTxjTEQGiTzZh9EuutVNQ9U2DUHMtw8iJjcbao23mHggOpoA-zdIhkLSqrhhJpQy882iXQ4Oug_PEhCOy9DCsLnWgnYRIAjiqbV-IKaIitPaYSzu2fG3lWA2F34A5H1AObtUVewy9so0wT4X2_kvg5D6gxXkvs6IIU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbBT7b0MYYu3AKtaNjuwPiqCf0AzJntKxXIX-l_dwwI23ARABIABgleqOgpwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTSgAdW20uoDyAEJqQIavs0D58ayPuACAKgDAaoEowJP0CvX8tDN7VGQ0CB3X0XkWiYTLo6f4p_nJZRuNlRyTqROa0BbsjHnScie0QGcbEm2nCIjVN5mjn3QwfSZQVq070l_ZrUlgsrUjyOqmrBOpeqNkrS2hzMG6XSxvyTHf-vDiuihcZqJndxrkgJo2lW7djrY8BnEpQlkOTB4eMSOcGyytYS0stAX-TxvaR4PIbSwENpgbCqfe-9_Kii8bm2Y4ixYijS4648GjcrOc-7czCX7BMMTSKxG7iSgWQiMAnebT1nAA5sM-UPney28U__QIagBr48mbPttg5QJS7TCcwMN845GTPfZeYXd1-nhVVEf83nKcGMzoRIewg5_KOjc1A1phvcraPEo_i3TpkUvTh_sst-tf5bICZk3NYGHSdVqkangBAGABpyDt46vq_-3mgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_224EEJ4_nIIq_BbqrBXkX6my1gPQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:16 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Feb 2023 02:48:16 GMT
adchoices_nl.svg
static.criteo.net/flash/icon/ Frame 310F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_nl.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhhDbwAKoG0Hg4bWAAfQCskRsyKG2fQvDftJeg&u=%7C9ELlD9KQb%2Fz0eg9Hwf4869hjPjpA4WHDFzG9Rq1eGnk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOkMar8-yfGc15w0edYqkXr7_ByuHu9tWhBBk4MbA_WwhwoTHvNBiNJmilko35kcnWz7L_GRrqkP-ad9cUcqpR80XxHnd2lxr6mtsnUFif5z6eaQagz6UmFprJdRWmxm832zpl6CnoummdmAGoIIlzzYd9xMuKFYE5oon1mmSgCqkDGpdHcW0NW97tqReK2gtkeOU1vzxruQ-CdEG4HeaUg3P-iFt96p8NBY-TMmFKuwza_yU4uHMxTxjTEQGiTzZh9EuutVNQ9U2DUHMtw8iJjcbao23mHggOpoA-zdIhkLSqrhhJpQy882iXQ4Oug_PEhCOy9DCsLnWgnYRIAjiqbV-IKaIitPaYSzu2fG3lWA2F34A5H1AObtUVewy9so0wT4X2_kvg5D6gxXkvs6IIU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbBT7b0MYYu3AKtaNjuwPiqCf0AzJntKxXIX-l_dwwI23ARABIABgleqOgpwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTSgAdW20uoDyAEJqQIavs0D58ayPuACAKgDAaoEowJP0CvX8tDN7VGQ0CB3X0XkWiYTLo6f4p_nJZRuNlRyTqROa0BbsjHnScie0QGcbEm2nCIjVN5mjn3QwfSZQVq070l_ZrUlgsrUjyOqmrBOpeqNkrS2hzMG6XSxvyTHf-vDiuihcZqJndxrkgJo2lW7djrY8BnEpQlkOTB4eMSOcGyytYS0stAX-TxvaR4PIbSwENpgbCqfe-9_Kii8bm2Y4ixYijS4648GjcrOc-7czCX7BMMTSKxG7iSgWQiMAnebT1nAA5sM-UPney28U__QIagBr48mbPttg5QJS7TCcwMN845GTPfZeYXd1-nhVVEf83nKcGMzoRIewg5_KOjc1A1phvcraPEo_i3TpkUvTh_sst-tf5bICZk3NYGHSdVqkangBAGABpyDt46vq_-3mgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_224EEJ4_nIIq_BbqrBXkX6my1gPQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:16 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-754"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Feb 2023 02:48:16 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 310F 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhhDbwAKoG0Hg4bWAAfQCskRsyKG2fQvDftJeg&u=%7C9ELlD9KQb%2Fz0eg9Hwf4869hjPjpA4WHDFzG9Rq1eGnk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOkMar8-yfGc15w0edYqkXr7_ByuHu9tWhBBk4MbA_WwhwoTHvNBiNJmilko35kcnWz7L_GRrqkP-ad9cUcqpR80XxHnd2lxr6mtsnUFif5z6eaQagz6UmFprJdRWmxm832zpl6CnoummdmAGoIIlzzYd9xMuKFYE5oon1mmSgCqkDGpdHcW0NW97tqReK2gtkeOU1vzxruQ-CdEG4HeaUg3P-iFt96p8NBY-TMmFKuwza_yU4uHMxTxjTEQGiTzZh9EuutVNQ9U2DUHMtw8iJjcbao23mHggOpoA-zdIhkLSqrhhJpQy882iXQ4Oug_PEhCOy9DCsLnWgnYRIAjiqbV-IKaIitPaYSzu2fG3lWA2F34A5H1AObtUVewy9so0wT4X2_kvg5D6gxXkvs6IIU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbBT7b0MYYu3AKtaNjuwPiqCf0AzJntKxXIX-l_dwwI23ARABIABgleqOgpwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTSgAdW20uoDyAEJqQIavs0D58ayPuACAKgDAaoEowJP0CvX8tDN7VGQ0CB3X0XkWiYTLo6f4p_nJZRuNlRyTqROa0BbsjHnScie0QGcbEm2nCIjVN5mjn3QwfSZQVq070l_ZrUlgsrUjyOqmrBOpeqNkrS2hzMG6XSxvyTHf-vDiuihcZqJndxrkgJo2lW7djrY8BnEpQlkOTB4eMSOcGyytYS0stAX-TxvaR4PIbSwENpgbCqfe-9_Kii8bm2Y4ixYijS4648GjcrOc-7czCX7BMMTSKxG7iSgWQiMAnebT1nAA5sM-UPney28U__QIagBr48mbPttg5QJS7TCcwMN845GTPfZeYXd1-nhVVEf83nKcGMzoRIewg5_KOjc1A1phvcraPEo_i3TpkUvTh_sst-tf5bICZk3NYGHSdVqkangBAGABpyDt46vq_-3mgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_224EEJ4_nIIq_BbqrBXkX6my1gPQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:16 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 20 Feb 2023 02:48:16 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 310F 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhhDbwAKoG0Hg4bWAAfQCskRsyKG2fQvDftJeg&u=%7C9ELlD9KQb%2Fz0eg9Hwf4869hjPjpA4WHDFzG9Rq1eGnk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOkMar8-yfGc15w0edYqkXr7_ByuHu9tWhBBk4MbA_WwhwoTHvNBiNJmilko35kcnWz7L_GRrqkP-ad9cUcqpR80XxHnd2lxr6mtsnUFif5z6eaQagz6UmFprJdRWmxm832zpl6CnoummdmAGoIIlzzYd9xMuKFYE5oon1mmSgCqkDGpdHcW0NW97tqReK2gtkeOU1vzxruQ-CdEG4HeaUg3P-iFt96p8NBY-TMmFKuwza_yU4uHMxTxjTEQGiTzZh9EuutVNQ9U2DUHMtw8iJjcbao23mHggOpoA-zdIhkLSqrhhJpQy882iXQ4Oug_PEhCOy9DCsLnWgnYRIAjiqbV-IKaIitPaYSzu2fG3lWA2F34A5H1AObtUVewy9so0wT4X2_kvg5D6gxXkvs6IIU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbBT7b0MYYu3AKtaNjuwPiqCf0AzJntKxXIX-l_dwwI23ARABIABgleqOgpwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTSgAdW20uoDyAEJqQIavs0D58ayPuACAKgDAaoEowJP0CvX8tDN7VGQ0CB3X0XkWiYTLo6f4p_nJZRuNlRyTqROa0BbsjHnScie0QGcbEm2nCIjVN5mjn3QwfSZQVq070l_ZrUlgsrUjyOqmrBOpeqNkrS2hzMG6XSxvyTHf-vDiuihcZqJndxrkgJo2lW7djrY8BnEpQlkOTB4eMSOcGyytYS0stAX-TxvaR4PIbSwENpgbCqfe-9_Kii8bm2Y4ixYijS4648GjcrOc-7czCX7BMMTSKxG7iSgWQiMAnebT1nAA5sM-UPney28U__QIagBr48mbPttg5QJS7TCcwMN845GTPfZeYXd1-nhVVEf83nKcGMzoRIewg5_KOjc1A1phvcraPEo_i3TpkUvTh_sst-tf5bICZk3NYGHSdVqkangBAGABpyDt46vq_-3mgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_224EEJ4_nIIq_BbqrBXkX6my1gPQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:16 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Mon, 20 Feb 2023 02:48:16 GMT
ai.aspx
m.exactag.com/ Frame 310F 		43 B
900 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=15&extPu=72360-criteo&extLi=152208&rnd=6218436f1e511007b6011f9e2486ea8f&criteoid=&consent_string=&iab=1&url=
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhhDbwAKoG0Hg4bWAAfQCskRsyKG2fQvDftJeg&u=%7C9ELlD9KQb%2Fz0eg9Hwf4869hjPjpA4WHDFzG9Rq1eGnk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOkMar8-yfGc15w0edYqkXr7_ByuHu9tWhBBk4MbA_WwhwoTHvNBiNJmilko35kcnWz7L_GRrqkP-ad9cUcqpR80XxHnd2lxr6mtsnUFif5z6eaQagz6UmFprJdRWmxm832zpl6CnoummdmAGoIIlzzYd9xMuKFYE5oon1mmSgCqkDGpdHcW0NW97tqReK2gtkeOU1vzxruQ-CdEG4HeaUg3P-iFt96p8NBY-TMmFKuwza_yU4uHMxTxjTEQGiTzZh9EuutVNQ9U2DUHMtw8iJjcbao23mHggOpoA-zdIhkLSqrhhJpQy882iXQ4Oug_PEhCOy9DCsLnWgnYRIAjiqbV-IKaIitPaYSzu2fG3lWA2F34A5H1AObtUVewy9so0wT4X2_kvg5D6gxXkvs6IIU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbBT7b0MYYu3AKtaNjuwPiqCf0AzJntKxXIX-l_dwwI23ARABIABgleqOgpwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTSgAdW20uoDyAEJqQIavs0D58ayPuACAKgDAaoEowJP0CvX8tDN7VGQ0CB3X0XkWiYTLo6f4p_nJZRuNlRyTqROa0BbsjHnScie0QGcbEm2nCIjVN5mjn3QwfSZQVq070l_ZrUlgsrUjyOqmrBOpeqNkrS2hzMG6XSxvyTHf-vDiuihcZqJndxrkgJo2lW7djrY8BnEpQlkOTB4eMSOcGyytYS0stAX-TxvaR4PIbSwENpgbCqfe-9_Kii8bm2Y4ixYijS4648GjcrOc-7czCX7BMMTSKxG7iSgWQiMAnebT1nAA5sM-UPney28U__QIagBr48mbPttg5QJS7TCcwMN845GTPfZeYXd1-nhVVEf83nKcGMzoRIewg5_KOjc1A1phvcraPEo_i3TpkUvTh_sst-tf5bICZk3NYGHSdVqkangBAGABpyDt46vq_-3mgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_224EEJ4_nIIq_BbqrBXkX6my1gPQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
213.202.235.10 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection
close
X-ET-Monitoring
1
Content-Length
43
Pragma
no-cache
X-ET-Code
0
Last-Modified
Fr, 25 Feb 2022 02:48:16 GMT
Server
Microsoft-IIS/8.5
Date
Fri, 25 Feb 2022 02:48:16 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://ads.eu.criteo.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1696
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 310F 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=DLv_Ejm2gGl4gEH2L_AW4DCD1m7hGPCYlHyvPnWEuH4QvkkKv3Rjnkweu0v0v_aNnKObRT28nDarnim5K36xMdvcokC9U9HBGkt_EKDKdMguHpz7f8C_-AXIzJP8ncUvbeHPt_L3qvAFxVE52-fc3W6hV14Y_LDreFRfrdQOZnd33JIecP4ah09ynL5QCqzRe86QP-ETZtHLXnlBM70iZfIav4t1a3dnfzw_PEFoLtGF8_VinjS6DKgakktxSrwTuHQQRAcyj_vCqc8SH7RCzxNMjZieakf6Qxn78YoBuCYU2AKBVcqIHoztWC-JUu1fP2jxlm3HQw-rm3BGSqOexwENVvYdLJbEcv0izHdgNf5a4wGurfTb5exvxhltbCQFmDPJTVMJsYABCq7Qeb-f15oo7mt7Bcd1ZcH2LxB6T7wEphMlQEGm4FeLxISxAAUuPAiKg5ayHTB8IPIGUDaEAodNu-E
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhhDbwAKoG0Hg4bWAAfQCskRsyKG2fQvDftJeg&u=%7C9ELlD9KQb%2Fz0eg9Hwf4869hjPjpA4WHDFzG9Rq1eGnk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOkMar8-yfGc15w0edYqkXr7_ByuHu9tWhBBk4MbA_WwhwoTHvNBiNJmilko35kcnWz7L_GRrqkP-ad9cUcqpR80XxHnd2lxr6mtsnUFif5z6eaQagz6UmFprJdRWmxm832zpl6CnoummdmAGoIIlzzYd9xMuKFYE5oon1mmSgCqkDGpdHcW0NW97tqReK2gtkeOU1vzxruQ-CdEG4HeaUg3P-iFt96p8NBY-TMmFKuwza_yU4uHMxTxjTEQGiTzZh9EuutVNQ9U2DUHMtw8iJjcbao23mHggOpoA-zdIhkLSqrhhJpQy882iXQ4Oug_PEhCOy9DCsLnWgnYRIAjiqbV-IKaIitPaYSzu2fG3lWA2F34A5H1AObtUVewy9so0wT4X2_kvg5D6gxXkvs6IIU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbBT7b0MYYu3AKtaNjuwPiqCf0AzJntKxXIX-l_dwwI23ARABIABgleqOgpwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTSgAdW20uoDyAEJqQIavs0D58ayPuACAKgDAaoEowJP0CvX8tDN7VGQ0CB3X0XkWiYTLo6f4p_nJZRuNlRyTqROa0BbsjHnScie0QGcbEm2nCIjVN5mjn3QwfSZQVq070l_ZrUlgsrUjyOqmrBOpeqNkrS2hzMG6XSxvyTHf-vDiuihcZqJndxrkgJo2lW7djrY8BnEpQlkOTB4eMSOcGyytYS0stAX-TxvaR4PIbSwENpgbCqfe-9_Kii8bm2Y4ixYijS4648GjcrOc-7czCX7BMMTSKxG7iSgWQiMAnebT1nAA5sM-UPney28U__QIagBr48mbPttg5QJS7TCcwMN845GTPfZeYXd1-nhVVEf83nKcGMzoRIewg5_KOjc1A1phvcraPEo_i3TpkUvTh_sst-tf5bICZk3NYGHSdVqkangBAGABpyDt46vq_-3mgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_224EEJ4_nIIq_BbqrBXkX6my1gPQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:15 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2290598
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
request.php
hal900027.redintelligence.net/ Frame 33F2
Redirect Chain
  • https://hal900027.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=25497c379c&subid=&uid=b1bac9c3e55f0f9c&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900027.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=25497c379c&subid=&uid=b1bac9c3e55f0f9c&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
611 B
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900027.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=25497c379c&subid=&uid=b1bac9c3e55f0f9c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChC7hb0MYYrm-I4Hu3wOf8KDwCd2t6KhgqNy3x7kK8C4QASCVm8ohYJXqjoKcB8gBCakCVm4sPcnIsj6oAwGqBO8BT9BfQxZj9AsPLFzRIG6kIYFPYCClE5deBKBaBcWBNSaMyHbU6GrnVlsxEfw_My3l6A9DPoFxVt4jeonLjHmhFSMvpCkbiaHModyDDgj8QD9Ilqra_qpO-yUhogv9G_TK8IbZd643gMUCyjZoH9aG6IhUPHgRdHH8Rr2-P-Ma-lq7BknuNKlmgTytfto3GEqB-vbRgcxMV8srEbcBOXAsubxkdepw02Nhjn3VDouTVZrk9yzZAJAjwWNFuOjNqHScY32r0dBNA3UO8akMtHynZtXz2LuI5By_vfPU6NTF5QS4ilZzgcezqH-u_P6xN8DABM6Ou7GWAuAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA5gLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRotu0-NxBjPVcV8oSzVR8rZrKLTA%26sig%3DAOD64_09Zdr7eyjcGC9GtksUu6QhHCgX0Q%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-Dn03Ka2P2tfEiyzKMqd-C4XZ5VNii4wrieATPYZThawjolaH5LXhvRSgarWHGHEqGQS32xD33_VXM8Se4Tr2q0_zZ1lkcD2VRDQOv4q8fITvf8gfma6VtHh7ECwot6iypS6I_bEKyLjmtEUsBjNIEIw0iQwA%26cry%3D1%26dbm_d%3DAKAmf-C8lzo9G9xT9_sNxjNBZC9-tQv5MQ4YpdR9Fncn5SD3YnIm5RqoEJWQQ-I6cIJBDnXcPIVZo2ph8xNEcxVrksK8QS6sr1JhGLRe8w0FFmhguc7Kfp9L7LqMzXjJnK3cej6IfNbgadNshcMxErLqhCgstlizdFtdwNWlMib_gIuPfTCuwFUQ07HQvnX2LDsx0xdQS2MkPnCsXljYNFa_mq16Tfp6mduYTs60nZiLf4oBhTzGvp-TL9v0MdRSZSfH4G-i6h6vD07UDODwTNmEam0D5bsX4xzH6ax1fu_CGeNMJLKNnfEVxxA6Cin8_VLiFa6hu9fBH5Vvqg7w--WlWSp6Um33gdej_Ccn2Yn0V4lJkdOR_7HdPUwN-NZIbjXC2MixR2LDTyFwzfi0IQXccoLjH-J6ZICBjVH4T9M-gr6mnMAl4GAGZGHffICSFMGhlfOgxNGV%26adurl%3D&documentReferer=https%3A%2F%2Fc79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fc79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.hawtcelebs.com&random=4963609132300&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
f3c931fcf7dd0c4696d398d2d5c9e3d1b60bca8a8384d133fd2021c9c132fefb

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:16 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
59150400009604200757585011881027
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
330
Expires
Fri, 25 Feb 2022 02:48:16 +0100

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:16 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=25497c379c&subid=&uid=b1bac9c3e55f0f9c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChC7hb0MYYrm-I4Hu3wOf8KDwCd2t6KhgqNy3x7kK8C4QASCVm8ohYJXqjoKcB8gBCakCVm4sPcnIsj6oAwGqBO8BT9BfQxZj9AsPLFzRIG6kIYFPYCClE5deBKBaBcWBNSaMyHbU6GrnVlsxEfw_My3l6A9DPoFxVt4jeonLjHmhFSMvpCkbiaHModyDDgj8QD9Ilqra_qpO-yUhogv9G_TK8IbZd643gMUCyjZoH9aG6IhUPHgRdHH8Rr2-P-Ma-lq7BknuNKlmgTytfto3GEqB-vbRgcxMV8srEbcBOXAsubxkdepw02Nhjn3VDouTVZrk9yzZAJAjwWNFuOjNqHScY32r0dBNA3UO8akMtHynZtXz2LuI5By_vfPU6NTF5QS4ilZzgcezqH-u_P6xN8DABM6Ou7GWAuAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA5gLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRotu0-NxBjPVcV8oSzVR8rZrKLTA%26sig%3DAOD64_09Zdr7eyjcGC9GtksUu6QhHCgX0Q%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-Dn03Ka2P2tfEiyzKMqd-C4XZ5VNii4wrieATPYZThawjolaH5LXhvRSgarWHGHEqGQS32xD33_VXM8Se4Tr2q0_zZ1lkcD2VRDQOv4q8fITvf8gfma6VtHh7ECwot6iypS6I_bEKyLjmtEUsBjNIEIw0iQwA%26cry%3D1%26dbm_d%3DAKAmf-C8lzo9G9xT9_sNxjNBZC9-tQv5MQ4YpdR9Fncn5SD3YnIm5RqoEJWQQ-I6cIJBDnXcPIVZo2ph8xNEcxVrksK8QS6sr1JhGLRe8w0FFmhguc7Kfp9L7LqMzXjJnK3cej6IfNbgadNshcMxErLqhCgstlizdFtdwNWlMib_gIuPfTCuwFUQ07HQvnX2LDsx0xdQS2MkPnCsXljYNFa_mq16Tfp6mduYTs60nZiLf4oBhTzGvp-TL9v0MdRSZSfH4G-i6h6vD07UDODwTNmEam0D5bsX4xzH6ax1fu_CGeNMJLKNnfEVxxA6Cin8_VLiFa6hu9fBH5Vvqg7w--WlWSp6Um33gdej_Ccn2Yn0V4lJkdOR_7HdPUwN-NZIbjXC2MixR2LDTyFwzfi0IQXccoLjH-J6ZICBjVH4T9M-gr6mnMAl4GAGZGHffICSFMGhlfOgxNGV%26adurl%3D&documentReferer=https%3A%2F%2Fc79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fc79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.hawtcelebs.com&random=4963609132300&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Fri, 25 Feb 2022 02:48:16 +0100
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame D085
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESELC5BiHzSX0WhLsThEJhzdI&google_cver=1&google_push=AYg5qPJRgY0fBSCqBmb40Xta3SXiLZYY0AaPhq3FwfOdZtm25oNtBusi-rlLaC7VGfH28GPp2OK42QEvBq6JqBi7r0GcpykIE2Q
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzI3MjQ3OTU1NzMyNjg5MDcxMg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOVdrquPChWcPeZhOUChgCI&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOVdrquPChWcPeZhOUChgCI&google_cver=1
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOVdrquPChWcPeZhOUChgCI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D085
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPaPvQiEStboMHBFta8wZaM&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPaPvQiEStboMHBFta8wZaM&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N3hCSXdOZ0gxTm5xRXc1&google_gid=CAESEPaPvQiEStboMHBFta8wZaM&google_cver=1&google_push=AYg5qPIxbL9RT-E0LUr3XeoNxnkPH7sPKsiwt80HbQ1mOER...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N3hCSXdOZ0gxTm5xRXc1&google_gid=CAESEPaPvQiEStboMHBFta8wZaM&google_cver=1&google_push=AYg5qPIxbL9RT-E0LUr3XeoNxnkPH7sPKsiwt80HbQ1mOERm-_-JJ2WVtejOLzxYUdegusxJVtW9DapC182sTQ8jqW0V-p2FjjmD
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:16 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-04fd973f611872bb0@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=N3hCSXdOZ0gxTm5xRXc1&google_gid=CAESEPaPvQiEStboMHBFta8wZaM&google_cver=1&google_push=AYg5qPIxbL9RT-E0LUr3XeoNxnkPH7sPKsiwt80HbQ1mOERm-_-JJ2WVtejOLzxYUdegusxJVtW9DapC182sTQ8jqW0V-p2FjjmD
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D085
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELRgwKzvs6TEIaTtoMyTRA4&google_cver=1&google_push=AYg5qPK4eqYEanF7rOdN1LyZKHoYbnSfW_fbihnm47lIprwI0xssjjC_Poq4RISQCV8iwNJts8_ZcDMZypKGwj74ZVCvy4E...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK4eqYEanF7rOdN1LyZKHoYbnSfW_fbihnm47lIprwI0xssjjC_Poq4RISQCV8iwNJts8_ZcDMZypKGwj74ZVCvy4EJhlHv&google_hm=MTg0ODg0MDI2MDc2MTI3Nj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK4eqYEanF7rOdN1LyZKHoYbnSfW_fbihnm47lIprwI0xssjjC_Poq4RISQCV8iwNJts8_ZcDMZypKGwj74ZVCvy4EJhlHv&google_hm=MTg0ODg0MDI2MDc2MTI3NjUzNw%3D%3D
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 25 Feb 2022 02:48:16 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK4eqYEanF7rOdN1LyZKHoYbnSfW_fbihnm47lIprwI0xssjjC_Poq4RISQCV8iwNJts8_ZcDMZypKGwj74ZVCvy4EJhlHv&google_hm=MTg0ODg0MDI2MDc2MTI3NjUzNw%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
dds
rtb.openx.net/sync/ Frame D085 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEP5oTeWUBQXUOJtVKetUJGo&google_cver=1&google_push=AYg5qPJGHXy2vWgTturpT8g0nGWD7ZuQS2z0eXXNg8ztI2IEIu13ro5N1v3PCRYCIfOEPvwQxoE_q03vp_K86cVzf1Wrout7sleQ
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:15 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
fksr50nvaarhc4nmlb3ojcl74e9ef401
us
sync.go.sonobi.com/ Frame D085 		0
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPIwT4Kxi-KGZ2apUOFtlY1HPJW54Kwm1GWPqL0CO7ammdkRAchBYTYtD1bE3fyi1iK59w1gFIpi25iAi5bgPskpkikA4WEt%26google_hm%3D%5BUID%5D&google_gid=CAESEOt0a8vCcZDV4HUYZVEUzCQ&google_cver=1
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:16 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ssbsync.smartadserver.com/api/ Frame D085 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEB8Tnx-fuLS_5e4IfbPvfxQ&google_cver=1&google_push=AYg5qPKm_G-BdxmgQZ52ssRZY6QiBgMEKB9r1l-9sLQcASr3mF-gU-6H4sh7ZDgMoD0qM9rGBBvtujuSgG6l8vjQUxEHyAJuiD4
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.107 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:16 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame D085
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGo6WrDmN1UuAGg-NzZ_lx4&google_cver=1&google_push=AYg5qPIajQoSNIwIb9cl3l7uN6uWb7-hb3RWrcecqIH2VGOQSNrquHcPzJMSdPAiou2Sl1SaNc...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEGo6WrDmN1UuAGg-NzZ_lx4&google_cver=1&google_push=AYg5qPIajQoSNIwIb9cl3l7uN6uWb7-hb3RWrcecqIH2VGOQSNrquHcPzJMSdPAiou2Sl1SaNc...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1iMHdtQUpKRTJ1RkxlcF84RjJ0YU9xMWVxbVhFZHpGNX5B&google_push=AYg5qPIajQoSNIwIb9cl3l7uN6uWb7-hb3RWrcecqIH2VGOQSNrquHcPz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1iMHdtQUpKRTJ1RkxlcF84RjJ0YU9xMWVxbVhFZHpGNX5B&google_push=AYg5qPIajQoSNIwIb9cl3l7uN6uWb7-hb3RWrcecqIH2VGOQSNrquHcPzJMSdPAiou2Sl1SaNcmlQm8qKmzjDaIwgK-QO0J-iYJ3nw
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1iMHdtQUpKRTJ1RkxlcF84RjJ0YU9xMWVxbVhFZHpGNX5B&google_push=AYg5qPIajQoSNIwIb9cl3l7uN6uWb7-hb3RWrcecqIH2VGOQSNrquHcPzJMSdPAiou2Sl1SaNcmlQm8qKmzjDaIwgK-QO0J-iYJ3nw
date
Fri, 25 Feb 2022 02:48:16 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame D085 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LLn_BJdh6KY3Qcq6lOBXjanpaLYRN-pULqqnHieMM-vawhpsgMeE2D_l-xtF-axCJccWvJaA
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:16 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D26B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 22 Feb 2022 08:13:54 GMT
expires
Wed, 22 Feb 2023 08:13:54 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
239662
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 755B 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 22 Feb 2022 08:13:54 GMT
expires
Wed, 22 Feb 2023 08:13:54 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
239662
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3A2A 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 24 Feb 2022 13:26:12 GMT
expires
Fri, 25 Feb 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
48124
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame C4F6 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvsrj1cY7NMyEQAhso_2HIrEfC048HyiCUkUgB2hAUyfQkBbxxTrN9roz6R3L5SByIaLi70qCqnD_PMVCsjnaNPUv9XfnxHaOzf3qDQtH7l0-JIJUplyF9pphWXmru69D7S-0Yz4vBZk-J6eZSrDvaouiuAiUvZqowjbWFtbTCiMO_fVwRa4yNFY8kb1VCf9UTgVW0T7na-O9dT4ULhybpRdu3wWoaDiUZBg_wCi6-deuL3zcfqG4-Yr0ruCCzd_GDWi0u5wUNJ8M9XMXaNX-PxNscwMEvH0l6die1EK4kvIpUPX01hreU0asvUH9hCJabPjWuwXrfY9xfoYXtGfEkxAHjG7gkHdRcY2TgM3r-dA00Eza2j5HnRSqcW4ONx5IYF1AMwdfc2F3j7Yu4PhYUfaxuCii4X3dE606bHcT9oV5HsUX9jS2cc05Svz0vgALVQJnDAkwJWgHfHoRBgIj75TKmDptOMKnCu-ReojbC_AJFveMwEaxf5yE5CFmccu_BW1tpO2qnpyt27C3cwnrP6Dau4CHaaXdcZbMNuU7yRDdhiDWzYZptq1-wsgenHmsoEHnFE9tQLJ6Lkp8RC-zPw1Q3wtaNSRuKgT9nbMTQg2DJw6Or5VWg5RoaSkrIWaXKyJC3NaBOU233JqKQ0ba8xCfYe0wN5oPxYrBhlxAjVM_9OV_br0GVdbpYCeFlycVLEsTZA6ybnuYubyFt2hZtTroFO2TmoWLxl9_5na6vEAoFfYqWAckITsnqTAIOmfd3snm-EfZajyUJskpoj-NP3E8euzf0cxWKx_7ogjxZ75RzpTW7JYYzjxCVAKpHuVA3mv3NFRB_AIP5egoJevnMcSqYxb_nR65H8nB_JDN3i_2MdJ3mwgIeE8Zc0IsOWV5x0JQ3lDEIHRMx0mFY9b4Pcxk-iYXkLnePbO-yD7IDpn6sjrVjrsiiwNN4rceBqgBl8NadgQMDp-NCUqs3HKee_ojUXdkZICISIadd49soPnDZfxSw26tOz3GqKkdLcSfM_BQP9LDv8qixovzTEFctvQE0ZkPX_z7EqxGloOH0GOGAlafAMuWnfBX53nB8mjJ1P8nSqQrY6CqNDOSO5lxF-u5qCIJFOr4LMDM3KpdLJIGOH9aIPGDD38vTpZfNcG8E-mDeOE4fpVUyVGjdoNrQTn44j8jmH9Ksu9qbKyzlft4FZBOXN2hiLr7QPfsQ7iDiwW1EJSD_-VxPdtUHw&sai=AMfl-YRQxaCJOvpyp0Srf86Cq3vMxNDrJA5y26VTpDp1aiPupM6hM4hBbxSP3acdHTu1uplmdy954rBE3cHmwZE00vQ6P1F0SU-OUBzzw-EboAJslyzUd4Qzfp1PobbfmTPUbDp_D85rcbsbodsd-o4lEwGHBUYK1vykv0_gBZ0&sig=Cg0ArKJSzBjHGtb6uhV0EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=131&vt=11&dtpt=113&dett=2&cstd=0&cisv=r20220223.74402&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bj7Mw9s-v6RrpcvNLLi31d7o-69gTKDnBTEu9NFRBSHVxhG13d0cd7pr5rVFQdbeGYG-krOPCh9SnZZJLuMT4Zf-aHI_UKrgtgsWU3Vh-oj7Iwt1MQLiM0Ls7qseUX73wt4IRvTTf5YZnV9Ow67S-aRpUA8w&dbm_d=AKAmf-CIvcMbMcENq8H2cAaRk8pqdoaURYPDAXZeClT1ahsGHuBPlJ406GFUleStE1irEzMNGCuqFS63ADsHrcWNZ0fr08E2nS3pAEZd84SzAONjtAUU8WLs9l1QU6Zfnzh__tp0v0Gkgjd90MD7IisNqL-S0quaRo0sZtV28kBAQInXuStIwSJzF88L8mua0Td3NK_1sb9iybL8elfNK8cgmnLpxbhmKG_LTVv40tjKKzFj5NKVr6o3CqyK3qJwLn_AMmdRQCSKrWIB3pMOnVpd3kiXTWaNPOcIMyGBvrFg5ta7RO3IZuycY2KX_UVFafJrs56496CjVb36dYoOc64wvQ395tFUJKQ8IfCwhsTv25Y-c8euokGbzwOcyPJNWMDBiVYqUzDRepU7Pr4ShJV2v0G2gX0L2qNtoRzCjh2BrvPRZI4c-baARwaH9FBDco8zI54qbhXxg_deeZwlzl18RIUHZ5pfJGaUuTGlEZmuWP9h0SO03ViobrR1OkncehQCPoZvsKXp3FVoF3WyXTBa6_442Mnqb_M3iZu79LaoGOChNIMevvmynE08LpIqYLle97e3YFBG3tgqDlaomSPvdOpA7ov1L-UiP8kEAo8eIp06mkVoI2P53QO1LeIH0iXMB0BXRBOM-owMbTAjfuTVPq7ldRcPYtqK616QwcymCvmDI2U63wR7gdafGz7MOzgGA0x28OjMfKkjgluRIfRc2p7SgCRF3oCm4SzsZ2JIDfJHFEKHh4HPm1r0d9oH946XFwhKQ_eipiv9fp_pc6h8RYhq-7MF84dWPYcz7sbOnjqPxv-4LiOnOcYCLpJ2MhjqfChotwZxyNgZcNiUtxQQzT1aSKOtnrfAIPjfLEmJjf2ZXsXbcARBwf37O7mm6p4ZQoUPt4RXXN0KwRrKDM36D1RIs6mVdmcPOuGh2_Tag5haBwKf86Prgoi7HDHMrSZaNfwzjfJhQe6BAcx7SyMui8881iKwNc9V42859L68NmlTDIeLHB831OKM3WfKPqUtX4ovAiVEn9sD3mUYuCnsA4pYjbANXgqsQbub00MSGdYbIzNSDx8Q7Vzu4C2WKxEBhTxm93djN1DqXxxEzexYD7qmisItcXV8rF8Hw2FCt7kiZZin0irXgg4LbyJyolMzkuWPI2KkBRhlM7eeILBF00NkVaNC-U83X6vreQZ5SzOuvRSb4v9JVXR-mVjAPykSyAgvcWUwy1ZV6QEouWlVqAFsyqn1kMaVTr8bHInTvwfvTD_1xhw7bZWBd4ovYc66CDYi0NiQpMtvX4dK2EW3dfU4IKvL_9lvAA-_ABDiOKoc3voxWJ0sN9MvPtKf6VzDfvtIZfD9pt7sAChFnchyUEXYwmzxlM3jflAoyhFTyrO03N8e9F25joD0WWlYUZJB5BpbJwQrM3vuNvvzaL9nY36_NkKIlZyQpFrVVMsaRVScaWUL8VtW1fxPFK2naHLopWDXDO0_kTMXsQqlfJ6OyqdIOESFlCR8CJnGvmw99_dliMTooTY2gwWrrAGEuLyooGyhDlyhcbM80OKFOpaCYiMLLm5lNL8Q4PjbjKT0zIXkMFWES7kWEf3mLd8XX1qyTAUUlWXnX6cx4YMVI8o7yCyN3CouwolNv3_0wNsnp7FJQTTXJuGszEF1laaAXvAi8vEOHBDOy2ykhPiWpRN-AxqGZO_PHjX087YCLI0BRpN6SeeHId1wdHL4dOkN6RXs1ba5_KTtHOOUU4VwQYAJw8pSHsZ7qHXwW8Mu77K3z6a5p1N7V0AdU6c5Ilxv6J_KvlRuyG3DuCbef7jpfhDe2-KFTt6ZTsBJBy_MhcXW29Ok1HGU7YkmLJLMDdAqSi04B846uxfTCjx9olhcuqJnlp9hStkBCbo1M6C9ovi_WABGpTdAwKqDumvcuLF_6HhVYHTJRnAeKwlWpzfM9ZPHYRiSQoN0ReTXcbByFg3_PRiNjmfxq9M9dCKb3vPNhRSU84brBx7kb7Hnad04d1b4-CSnkGQliN6kvw7HVgYaDCMdX_syyxt4Ntt36b61f8uskViEXC3xFxLFbXi8S6zlVqQ8sNxrrHZjwA13bzqXpYMggh5CtMmToMZpSg07x0ir7WD2uqHjyAfolyrwhC_4LXKDD2bCsjP3lXJrUsaClRGqadl9kTLeSXIWQ2sMo44U9uR2uqSMbT42EgQ6JRa92XlMN0T1gHCT2YVv1ErrkexpWrc4YxiBKKpzj0DGdowqGPk5UCl7t5BAU7nt5WZBwNkkO16K6JLyMYe419EcYJJdd6hAowcF1I0QFvc5QKoteMPW7bUlWG3VQb3vOl49kmEDNfEkU_VWJE4f0IvN7WPX8aS7cPqBd2YAAc3jhTRqpRn6GEo911moNOJHR4WdjZCuzJ8W0xAAJUGZJJj-Xrg1R4BBGoQKaNy36B7u-fxNNyNDBx2tHZ5ubb1c8PCOob8zm3PPWbDa2Y7277HY2FJ_nT9Wb5ekFRNC5y_NfwF9YeYo3LdNxEcmuEbt0_JPqEoeRpA5nGD9zvTCJcCQt6kI9Kzy_YsCirFaTHIt3qcV8FLFLmdqvPDBfUb3LkOV-P8eh3EbXr5NB40T8Ujl6oA8KhEoxR-6j4my0UkDghIbmO5kKDQciVpd1bKLMDbv49YVj8vxnKCrhJ8JJR7XnVTn4tnEe8cKm7IZH7z6svyuqV_Ausxpk5b7LvLsFv1GkoFaw7Y5JsqnSe_oSafO8_SHwlTlURUVBglMRtDYAhWixSmlBN22aVizlpIwULeo4mekr6r1m8r05ppjiFqd-BXozJeflP56yGv62xyFmB0Yy3WSBkwnVvSYZlCSXuqGKnKAFr3Jc_7_u43MZAYryAWdMROLg_GkQ8NGhNRmUT2G8-1i3o_UzgPIvcb21CxW1pD5UhCloaL5Nr7wXGGAE9OPAv0LiA08PCCrtlJ_8Cy17eIqw9RLeGJybVlQBT5UsvYOrWh5IuxtqRMWz8D7H_tpzXrJqEtqaw_d1l54js6fMppKeCZySvbJQ_xb6rubj5MahnKN98TjVeI3sd-ZREv6riZQApiZXQ1wLOpL7vci41rMg1-f3k_CDipPgPGHLdoCF8koGm5L5dPq8UNIuGo8VPpAKbN-f1aW8QFbnr-Xt_S8_1CSvXoIQprWa1KTMCX9wYIR-_K6I1Fc7hBCCARLple8aYE56F6qqRajVcfRXYXzh_OFd6wHc6x9vpygmwoyKvMLL_8aeWn_lR5NpndvIRq6Sq2MZu_zCtyZ5R-JZVprjvaV_rgbVyyH-REEwyAfaG2KRw&cid=CAASFeRoa4pYmBZ46IOXJmLtNfiB-Nu1AQ&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:48:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 3CB3 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6322940812012159067/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6322940812012159067/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 25 Feb 2022 02:48:16 GMT
roller-kw08-300x600.js
s0.2mdn.net/sadbundle/6322940812012159067/ Frame 3CB3 		26 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6322940812012159067/roller-kw08-300x600.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6322940812012159067/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c66763e1e6d6b624d1b23dbc574730d2b180fead419e3f50ac9b0b4716d4eef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6322940812012159067/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 08:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
412271
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5193
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 10:41:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 20 Feb 2023 08:17:05 GMT
truncated
/ Frame C4F6 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd4c1968239cd97688e2725ff0292fb788d1c752ac068c257df1823638f14a82

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 310F 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhhDbwAKoG0Hg4bWAAfQCskRsyKG2fQvDftJeg&u=%7C9ELlD9KQb%2Fz0eg9Hwf4869hjPjpA4WHDFzG9Rq1eGnk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOkMar8-yfGc15w0edYqkXr7_ByuHu9tWhBBk4MbA_WwhwoTHvNBiNJmilko35kcnWz7L_GRrqkP-ad9cUcqpR80XxHnd2lxr6mtsnUFif5z6eaQagz6UmFprJdRWmxm832zpl6CnoummdmAGoIIlzzYd9xMuKFYE5oon1mmSgCqkDGpdHcW0NW97tqReK2gtkeOU1vzxruQ-CdEG4HeaUg3P-iFt96p8NBY-TMmFKuwza_yU4uHMxTxjTEQGiTzZh9EuutVNQ9U2DUHMtw8iJjcbao23mHggOpoA-zdIhkLSqrhhJpQy882iXQ4Oug_PEhCOy9DCsLnWgnYRIAjiqbV-IKaIitPaYSzu2fG3lWA2F34A5H1AObtUVewy9so0wT4X2_kvg5D6gxXkvs6IIU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbBT7b0MYYu3AKtaNjuwPiqCf0AzJntKxXIX-l_dwwI23ARABIABgleqOgpwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTSgAdW20uoDyAEJqQIavs0D58ayPuACAKgDAaoEowJP0CvX8tDN7VGQ0CB3X0XkWiYTLo6f4p_nJZRuNlRyTqROa0BbsjHnScie0QGcbEm2nCIjVN5mjn3QwfSZQVq070l_ZrUlgsrUjyOqmrBOpeqNkrS2hzMG6XSxvyTHf-vDiuihcZqJndxrkgJo2lW7djrY8BnEpQlkOTB4eMSOcGyytYS0stAX-TxvaR4PIbSwENpgbCqfe-9_Kii8bm2Y4ixYijS4648GjcrOc-7czCX7BMMTSKxG7iSgWQiMAnebT1nAA5sM-UPney28U__QIagBr48mbPttg5QJS7TCcwMN845GTPfZeYXd1-nhVVEf83nKcGMzoRIewg5_KOjc1A1phvcraPEo_i3TpkUvTh_sst-tf5bICZk3NYGHSdVqkangBAGABpyDt46vq_-3mgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_224EEJ4_nIIq_BbqrBXkX6my1gPQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1003115
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7sME7gYrTmUKbZhEeG7TsmC3SZiuMFob8qADBs4lAdDiH88B5CTespSLYY%2FgcLYBQXqgPMw%2BM3FOTHTmXyuW7sHLkql1hdAz5spXtpLIdRGemKRnQAySoG381%2FvvTfWa3zOxRDeI9aVK4aZ9q813JceF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6e2d9d1e4fea9055-FRA
expires
Wed, 15 Feb 2023 02:48:16 GMT
animejs.js
static.criteo.net/animejs/ Frame 310F 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhhDbwAKoG0Hg4bWAAfQCskRsyKG2fQvDftJeg&u=%7C9ELlD9KQb%2Fz0eg9Hwf4869hjPjpA4WHDFzG9Rq1eGnk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOkMar8-yfGc15w0edYqkXr7_ByuHu9tWhBBk4MbA_WwhwoTHvNBiNJmilko35kcnWz7L_GRrqkP-ad9cUcqpR80XxHnd2lxr6mtsnUFif5z6eaQagz6UmFprJdRWmxm832zpl6CnoummdmAGoIIlzzYd9xMuKFYE5oon1mmSgCqkDGpdHcW0NW97tqReK2gtkeOU1vzxruQ-CdEG4HeaUg3P-iFt96p8NBY-TMmFKuwza_yU4uHMxTxjTEQGiTzZh9EuutVNQ9U2DUHMtw8iJjcbao23mHggOpoA-zdIhkLSqrhhJpQy882iXQ4Oug_PEhCOy9DCsLnWgnYRIAjiqbV-IKaIitPaYSzu2fG3lWA2F34A5H1AObtUVewy9so0wT4X2_kvg5D6gxXkvs6IIU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbBT7b0MYYu3AKtaNjuwPiqCf0AzJntKxXIX-l_dwwI23ARABIABgleqOgpwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTSgAdW20uoDyAEJqQIavs0D58ayPuACAKgDAaoEowJP0CvX8tDN7VGQ0CB3X0XkWiYTLo6f4p_nJZRuNlRyTqROa0BbsjHnScie0QGcbEm2nCIjVN5mjn3QwfSZQVq070l_ZrUlgsrUjyOqmrBOpeqNkrS2hzMG6XSxvyTHf-vDiuihcZqJndxrkgJo2lW7djrY8BnEpQlkOTB4eMSOcGyytYS0stAX-TxvaR4PIbSwENpgbCqfe-9_Kii8bm2Y4ixYijS4648GjcrOc-7czCX7BMMTSKxG7iSgWQiMAnebT1nAA5sM-UPney28U__QIagBr48mbPttg5QJS7TCcwMN845GTPfZeYXd1-nhVVEf83nKcGMzoRIewg5_KOjc1A1phvcraPEo_i3TpkUvTh_sst-tf5bICZk3NYGHSdVqkangBAGABpyDt46vq_-3mgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_224EEJ4_nIIq_BbqrBXkX6my1gPQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:16 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Feb 2023 02:48:16 GMT
img
pix.eu.criteo.net/img/ Frame 310F 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=196&m=0&partner=12719&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F12719%2F210702%2Fb42a3fb412864cd39d1cc90c626bd9bc_mue_logo_rgb.png&v=3&w=196&s=t9TRsfoFOXjpksTLPKexiXay
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhhDbwAKoG0Hg4bWAAfQCskRsyKG2fQvDftJeg&u=%7C9ELlD9KQb%2Fz0eg9Hwf4869hjPjpA4WHDFzG9Rq1eGnk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOkMar8-yfGc15w0edYqkXr7_ByuHu9tWhBBk4MbA_WwhwoTHvNBiNJmilko35kcnWz7L_GRrqkP-ad9cUcqpR80XxHnd2lxr6mtsnUFif5z6eaQagz6UmFprJdRWmxm832zpl6CnoummdmAGoIIlzzYd9xMuKFYE5oon1mmSgCqkDGpdHcW0NW97tqReK2gtkeOU1vzxruQ-CdEG4HeaUg3P-iFt96p8NBY-TMmFKuwza_yU4uHMxTxjTEQGiTzZh9EuutVNQ9U2DUHMtw8iJjcbao23mHggOpoA-zdIhkLSqrhhJpQy882iXQ4Oug_PEhCOy9DCsLnWgnYRIAjiqbV-IKaIitPaYSzu2fG3lWA2F34A5H1AObtUVewy9so0wT4X2_kvg5D6gxXkvs6IIU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbBT7b0MYYu3AKtaNjuwPiqCf0AzJntKxXIX-l_dwwI23ARABIABgleqOgpwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTSgAdW20uoDyAEJqQIavs0D58ayPuACAKgDAaoEowJP0CvX8tDN7VGQ0CB3X0XkWiYTLo6f4p_nJZRuNlRyTqROa0BbsjHnScie0QGcbEm2nCIjVN5mjn3QwfSZQVq070l_ZrUlgsrUjyOqmrBOpeqNkrS2hzMG6XSxvyTHf-vDiuihcZqJndxrkgJo2lW7djrY8BnEpQlkOTB4eMSOcGyytYS0stAX-TxvaR4PIbSwENpgbCqfe-9_Kii8bm2Y4ixYijS4648GjcrOc-7czCX7BMMTSKxG7iSgWQiMAnebT1nAA5sM-UPney28U__QIagBr48mbPttg5QJS7TCcwMN845GTPfZeYXd1-nhVVEf83nKcGMzoRIewg5_KOjc1A1phvcraPEo_i3TpkUvTh_sst-tf5bICZk3NYGHSdVqkangBAGABpyDt46vq_-3mgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_224EEJ4_nIIq_BbqrBXkX6my1gPQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0e6b1ef8d7d064b6c94d14c18562f5a43286b40b0903549f608bd9ee61ec42e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=29724218
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
4966
expires
Sat, 04 Feb 2023 03:31:54 GMT
img
pix.eu.criteo.net/img/ Frame 310F 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12719&q=80&r=0&u=https%3A%2F%2Fmedia.mey-edlich.de%2Fproducts%2Fmey-edlich%2Fimages%2F1441x1922%2FEC23_7955_FA.jpg&v=3&w=400&s=t7VezI4cdmO2qQ8cJbftS-ET&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhhDbwAKoG0Hg4bWAAfQCskRsyKG2fQvDftJeg&u=%7C9ELlD9KQb%2Fz0eg9Hwf4869hjPjpA4WHDFzG9Rq1eGnk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOkMar8-yfGc15w0edYqkXr7_ByuHu9tWhBBk4MbA_WwhwoTHvNBiNJmilko35kcnWz7L_GRrqkP-ad9cUcqpR80XxHnd2lxr6mtsnUFif5z6eaQagz6UmFprJdRWmxm832zpl6CnoummdmAGoIIlzzYd9xMuKFYE5oon1mmSgCqkDGpdHcW0NW97tqReK2gtkeOU1vzxruQ-CdEG4HeaUg3P-iFt96p8NBY-TMmFKuwza_yU4uHMxTxjTEQGiTzZh9EuutVNQ9U2DUHMtw8iJjcbao23mHggOpoA-zdIhkLSqrhhJpQy882iXQ4Oug_PEhCOy9DCsLnWgnYRIAjiqbV-IKaIitPaYSzu2fG3lWA2F34A5H1AObtUVewy9so0wT4X2_kvg5D6gxXkvs6IIU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbBT7b0MYYu3AKtaNjuwPiqCf0AzJntKxXIX-l_dwwI23ARABIABgleqOgpwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTSgAdW20uoDyAEJqQIavs0D58ayPuACAKgDAaoEowJP0CvX8tDN7VGQ0CB3X0XkWiYTLo6f4p_nJZRuNlRyTqROa0BbsjHnScie0QGcbEm2nCIjVN5mjn3QwfSZQVq070l_ZrUlgsrUjyOqmrBOpeqNkrS2hzMG6XSxvyTHf-vDiuihcZqJndxrkgJo2lW7djrY8BnEpQlkOTB4eMSOcGyytYS0stAX-TxvaR4PIbSwENpgbCqfe-9_Kii8bm2Y4ixYijS4648GjcrOc-7czCX7BMMTSKxG7iSgWQiMAnebT1nAA5sM-UPney28U__QIagBr48mbPttg5QJS7TCcwMN845GTPfZeYXd1-nhVVEf83nKcGMzoRIewg5_KOjc1A1phvcraPEo_i3TpkUvTh_sst-tf5bICZk3NYGHSdVqkangBAGABpyDt46vq_-3mgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_224EEJ4_nIIq_BbqrBXkX6my1gPQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
051b581511dacf32a993f681ddd02c67f3161b8fe080b4eb9bccdf3b02d5994b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=571154
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
13800
expires
Thu, 03 Mar 2022 17:27:30 GMT
img
pix.eu.criteo.net/img/ Frame 310F 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12719&q=80&r=0&u=https%3A%2F%2Fmedia.mey-edlich.de%2Fproducts%2Fmey-edlich%2Fimages%2F1441x1922%2FEC23_7450_FA.jpg&v=3&w=400&s=r94yHPWn9eOaqd49Ed0fmtxi&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhhDbwAKoG0Hg4bWAAfQCskRsyKG2fQvDftJeg&u=%7C9ELlD9KQb%2Fz0eg9Hwf4869hjPjpA4WHDFzG9Rq1eGnk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOkMar8-yfGc15w0edYqkXr7_ByuHu9tWhBBk4MbA_WwhwoTHvNBiNJmilko35kcnWz7L_GRrqkP-ad9cUcqpR80XxHnd2lxr6mtsnUFif5z6eaQagz6UmFprJdRWmxm832zpl6CnoummdmAGoIIlzzYd9xMuKFYE5oon1mmSgCqkDGpdHcW0NW97tqReK2gtkeOU1vzxruQ-CdEG4HeaUg3P-iFt96p8NBY-TMmFKuwza_yU4uHMxTxjTEQGiTzZh9EuutVNQ9U2DUHMtw8iJjcbao23mHggOpoA-zdIhkLSqrhhJpQy882iXQ4Oug_PEhCOy9DCsLnWgnYRIAjiqbV-IKaIitPaYSzu2fG3lWA2F34A5H1AObtUVewy9so0wT4X2_kvg5D6gxXkvs6IIU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbBT7b0MYYu3AKtaNjuwPiqCf0AzJntKxXIX-l_dwwI23ARABIABgleqOgpwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTSgAdW20uoDyAEJqQIavs0D58ayPuACAKgDAaoEowJP0CvX8tDN7VGQ0CB3X0XkWiYTLo6f4p_nJZRuNlRyTqROa0BbsjHnScie0QGcbEm2nCIjVN5mjn3QwfSZQVq070l_ZrUlgsrUjyOqmrBOpeqNkrS2hzMG6XSxvyTHf-vDiuihcZqJndxrkgJo2lW7djrY8BnEpQlkOTB4eMSOcGyytYS0stAX-TxvaR4PIbSwENpgbCqfe-9_Kii8bm2Y4ixYijS4648GjcrOc-7czCX7BMMTSKxG7iSgWQiMAnebT1nAA5sM-UPney28U__QIagBr48mbPttg5QJS7TCcwMN845GTPfZeYXd1-nhVVEf83nKcGMzoRIewg5_KOjc1A1phvcraPEo_i3TpkUvTh_sst-tf5bICZk3NYGHSdVqkangBAGABpyDt46vq_-3mgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_224EEJ4_nIIq_BbqrBXkX6my1gPQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
24bb4f60127410dd11384ecc39e888dc21974e7aa2e4596eade1d5e97ea008ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:15 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=31104000
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
7646
expires
Mon, 20 Feb 2023 02:48:16 GMT
all
csm.eu.criteo.net/ Frame 310F 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=dYOIWYjhpyfn17tedWts5dIYh_lm6pEdVw8KQL-iyVq6VY9EOVyjV0vOcVRD50BCDDnJN3ekbfv13LnP0i4S4mtQe_5g6GN4br_Le3NCVwDyb2Uo-QxG4K5_UZ_vwRTv_xrdW2Cs3q7eMiAMTaHVyWVsYrqBFPQtAuB4E1rTSkCBXyyRVE1k7RSubcRw4FrtOdAuaBB1lM7M2HKNYcOeqXpRkU41GC2drMBBb7b6vPWMgIKVVVkMISyh_RPyQKBYr-79Qw&sds=2&rev=unknown&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhhDbwAKoG0Hg4bWAAfQCskRsyKG2fQvDftJeg&u=%7C9ELlD9KQb%2Fz0eg9Hwf4869hjPjpA4WHDFzG9Rq1eGnk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOkMar8-yfGc15w0edYqkXr7_ByuHu9tWhBBk4MbA_WwhwoTHvNBiNJmilko35kcnWz7L_GRrqkP-ad9cUcqpR80XxHnd2lxr6mtsnUFif5z6eaQagz6UmFprJdRWmxm832zpl6CnoummdmAGoIIlzzYd9xMuKFYE5oon1mmSgCqkDGpdHcW0NW97tqReK2gtkeOU1vzxruQ-CdEG4HeaUg3P-iFt96p8NBY-TMmFKuwza_yU4uHMxTxjTEQGiTzZh9EuutVNQ9U2DUHMtw8iJjcbao23mHggOpoA-zdIhkLSqrhhJpQy882iXQ4Oug_PEhCOy9DCsLnWgnYRIAjiqbV-IKaIitPaYSzu2fG3lWA2F34A5H1AObtUVewy9so0wT4X2_kvg5D6gxXkvs6IIU&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCbBT7b0MYYu3AKtaNjuwPiqCf0AzJntKxXIX-l_dwwI23ARABIABgleqOgpwHggEXY2EtcHViLTM4MzE4OTQ1NTkwMTQ2MTSgAdW20uoDyAEJqQIavs0D58ayPuACAKgDAaoEowJP0CvX8tDN7VGQ0CB3X0XkWiYTLo6f4p_nJZRuNlRyTqROa0BbsjHnScie0QGcbEm2nCIjVN5mjn3QwfSZQVq070l_ZrUlgsrUjyOqmrBOpeqNkrS2hzMG6XSxvyTHf-vDiuihcZqJndxrkgJo2lW7djrY8BnEpQlkOTB4eMSOcGyytYS0stAX-TxvaR4PIbSwENpgbCqfe-9_Kii8bm2Y4ixYijS4648GjcrOc-7czCX7BMMTSKxG7iSgWQiMAnebT1nAA5sM-UPney28U__QIagBr48mbPttg5QJS7TCcwMN845GTPfZeYXd1-nhVVEf83nKcGMzoRIewg5_KOjc1A1phvcraPEo_i3TpkUvTh_sst-tf5bICZk3NYGHSdVqkangBAGABpyDt46vq_-3mgGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfIIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_224EEJ4_nIIq_BbqrBXkX6my1gPQ%26client%3Dca-pub-3831894559014614%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 25 Feb 2022 02:48:15 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 27EB 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1338021503599923470/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1338021503599923470/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 25 Feb 2022 02:48:16 GMT
roller-kw08-300x250.js
s0.2mdn.net/sadbundle/1338021503599923470/ Frame 27EB 		57 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1338021503599923470/roller-kw08-300x250.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/1338021503599923470/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
396466f4a6f3b156f779b3f29b4d91112933863cde9a5227b67685f3d27a157b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1338021503599923470/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 08:16:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
412294
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7601
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 16:24:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 20 Feb 2023 08:16:42 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DC5F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvt_MJfCptgK1N1VH4O5uQyxHtJAgKk1UyiTIHPzch4rujdITLu0AJbRAXnXs8RDwtRATtUF82dGZYrVGI0HjOkhiS0Ev4zcC2Yt-by4fqK3a6aa0x5cGZGnsdlvxkEsB62nYqXQ310aALZ_ZUo7XDk1d3tCm914f9u-7H3x38gJ1x-Yf21iKdhFWAoaZtmDsFsU7Wc70DK0WadRRQvWAoxnXxsxMqVZn6dxFGldtEYG1jHss6rTRHb9xV4pgndNCU4n3dFhpZb2zClTtkiXZva_oOZJ6Gtb-zrvnBNG2-PiEWLH97oG4ibt8-S4YgIG5H4xHUlPZN5U09mp5x27QAGTGnbKeAG-6LZeFXIXPg4pP61VYGD&sig=Cg0ArKJSzIPkK0fvJ-7_EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:48:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
wlp_gwjKBV1pqhv43IE.woff2
fonts.gstatic.com/s/cardo/v18/ Frame DC5F 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cardo/v18/wlp_gwjKBV1pqhv43IE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cardo:400,700&lang=nl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1346360729e77380edf8f17fa421b76452289ae1b5f4be290b19c4d204e9587
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 19:59:45 GMT
x-content-type-options
nosniff
age
110911
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14880
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:30 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Feb 2023 19:59:45 GMT
wlpygwjKBV1pqhND-ZQW-WM.woff2
fonts.gstatic.com/s/cardo/v18/ Frame DC5F 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cardo/v18/wlpygwjKBV1pqhND-ZQW-WM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cardo:400,700&lang=nl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f94a0b25ed421e6643ca8ae21ccd63cf5630e8db8a3b64f63a669936d068c427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 20:00:01 GMT
x-content-type-options
nosniff
age
110895
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18852
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:58:33 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Feb 2023 20:00:01 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DC5F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuafuHo0aeQQ-k2DpikKY9TL_r4F3_X14Ua98KQhJ_58R3VLpuwBMX0qaXRrAS0sjHvL9te0mXL0-UyU8Ga7cD6zBa-ctDLLWB68098xYEJqh3y2a00QWkGDR_6fhQFOp4X2ZwVSn2AZhUJBFbNGOmhm3YgvpWoQq1F5DVvS10RQIIzZl4LwVX3V_AVCy2oGRy1IO2OYjx_z_PBqLpMBY9LhD8wIOQ6JM4tHlSkHvSIZihxQDHCpXskrCYDkOokWpnSnKO77tR_4fwbxRSpL4B0O9hZ7stwxRzU7Vq2WPqc3j3hhuuRSVwItA7FVjn9-VEiVRRi0zLHqxncszneh3v_1CZW7gOjD2iZz9VuIHrsytnkfLAJgO4&sig=Cg0ArKJSzLDEcv1zpdqyEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:48:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 25 Feb 2022 02:48:16 GMT
truncated
/ Frame DC5F 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
107c338e0891c48ba74d94dc3aec5897bec91892538eaa333a91d5aa9671512b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
main.gr.19.8.289.js
static.adsafeprotected.com/ Frame C4F6 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.289.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/931897/61009656/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b048e01655cdf47f739c288fc4195c26de3883db4ebc4368242fa38b0ca0062d

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 17:07:10 GMT
content-encoding
gzip
age
812467
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 15 Feb 2022 16:52:16 GMT
server
AmazonS3
etag
W/"e894d9dd87d5e06b21396e04a0c29127"
vary
Accept-Encoding
x-amz-version-id
QoliWv7Zm09sOtt_1ftKxG1EPIuNscaU
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
mRchwNCqJN21BOF-eH2VoyXiuUIS40vep1L-mDLpi5xpgL0ENT0hOA==
main.gr.19.8.289.js
static.adsafeprotected.com/ Frame 9B9C 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.289.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/931897/61009684/skeleton.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b048e01655cdf47f739c288fc4195c26de3883db4ebc4368242fa38b0ca0062d

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 17:07:10 GMT
content-encoding
gzip
age
812467
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 15 Feb 2022 16:52:16 GMT
server
AmazonS3
etag
W/"e894d9dd87d5e06b21396e04a0c29127"
vary
Accept-Encoding
x-amz-version-id
QoliWv7Zm09sOtt_1ftKxG1EPIuNscaU
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
-BPqD9yWP2jfFfC12xxlLiEMf9gtLN7iutt1aDwAyKqNzQkEoXXjuA==
SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js
pagead2.googlesyndication.com/bg/ Frame 5C2C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
484c9dc906528d1a062bb6bafbadaf374c145503a4c3de6826c967c642ddcff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 04:14:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
81209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13759
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Feb 2023 04:14:47 GMT
SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js
pagead2.googlesyndication.com/bg/ Frame D23C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
484c9dc906528d1a062bb6bafbadaf374c145503a4c3de6826c967c642ddcff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 04:14:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
81209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13759
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Feb 2023 04:14:47 GMT
css
fonts.googleapis.com/ Frame 310F 		5 KB
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
68b931411d1b32336caca78f0e52dc3a6f5d197c8d99d811dd5fae004f3a831a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 25 Feb 2022 02:28:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 25 Feb 2022 02:48:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 25 Feb 2022 02:48:16 GMT
SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js
pagead2.googlesyndication.com/bg/ Frame E4DD 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
484c9dc906528d1a062bb6bafbadaf374c145503a4c3de6826c967c642ddcff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 04:14:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
81209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13759
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Feb 2023 04:14:47 GMT
roller_kw08_300x600_atlas_1.png
s0.2mdn.net/sadbundle/6322940812012159067/images/ Frame 3CB3 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/6322940812012159067/images/roller_kw08_300x600_atlas_1.png
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc10e02f4c1daa00e6b2c098833c4cb62e147c160eb9466123644bd8728e9f85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/6322940812012159067/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 08:17:05 GMT
x-content-type-options
nosniff
age
412271
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100091
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 10:41:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 20 Feb 2023 08:17:05 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8E3E 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst_NPTBlefNUSUU6cUjfmUaarPX8xDBt0fFsLbQBDGnKZqlpOoVrHAonZFfqh8Ks7FsjOqYyOG5xhk8TzbXdZiSpUGnNhw2CveAZ8k3n1BHZwOZL_D802l2N_CQN0A2txnb7gnYBGP99UGJMPSnr7JsAk27Go-xhT_pz0RHso330wVE2UWBRXHYsbu8R5bMdfu8zh4Yyfl2X1hMtw0AH2fJgbAjLm3tdTohkztt0lFOonfewJRRJoEi5g5NV_NpmVMuODerstAfL1mrQc9R341AxKgGWZwwuHRRaIDnZFfScNjIoDYu2tmXE95Ipf3hwogiwhW6YrQJoeILTrTvEZTanES-koLnUIGYP7BYpLQd_Hy8gUOaefC7iSX-dv2FhMGdxKkjBZpNn0Xsu7IfNv-Yy4DFVXth5zTBBe9G8KFS3Jw5RNNRUWuJxr0IHnzU7aAJpc3TO8NC5ipOtGcW6SkfMrQuEVdFUlpFfNmrno0EWzlls_N_z9pfkKqPApjNpedrq4vlGwLRqsS4yFSlA6Zz8X8Nv25Vc59PmdLUBvBklX9D8gZrXTZDhANu5DA6KDJ3Ljiw7HX3kWzOQTcMN_q8xJ4JYX9NyrMWDlDaHdvDLogwlWwJ8oafG3FfBVjlY340ieqoOBIr3RimE_6HqVqVRkfXYo1i8I8O7UL2rXDiVk6giJ9MnAYqfGQWIWUgGKvKePD4ANpm1qaVVZTSNR9n1Bcb5c4rGgnQJ7BoNgYcE2remt2VvthJxE3ZhnixVtQtexDzcUtFBRFnprrIZZcMnNjY4YEWbVYXm40aEF204ZOGtqsu4lmgkf5yIw9OcqRh6Hs9R98l-L6P2SPjeC-seenZqrQNkBYkrT-oUDAcIGnwyhqnUu2x9wKiAPULKSs3hwWlSXR2en1l9r3qNKre31Ayk5_KM2ALk2-uu5yCM7lY6BqVGHvz0JVY7DHFhq3KCwdvgn6s3LA8EN52E_IM4AMLJallSQOknirkYqv_Vv9Ax8f5W5Ja3WLUCwQ8dbYS-aGz3OGLI6Tzuzd2wML7NJZInqBvj9-ILXWYGHDyO61cprJSlHGTDZCLhWCthCpiwT-Jq33aPUd_pforPZPwW6obnyifYZCgcZEK-BIswz-3zQHcopBDbX7i9iYL1JljMBExoFkMboTU0n-Hg-bEiNkV6ZVzgSdmODWSUT8xtJrsX1tAVbrl05TWvnf6MVHgBDjpjWDUpwlshAUGUoYXFWlgFKJZ7YPQ&sai=AMfl-YQAK_o0cUK8BHvO5cntZ83vHXKwoUMDhDZdO235lC7wj4tajOvS5W5307OQl43-VuRZxV-eM7yDA0sw3rOaFc0v-xIJyYwbLrpJCfhG2ooQIaM9nk1EpsskCqzm9J_IeXEEiwCmfKEObNoow3OTPa1Wb60g_uBO7h5PBNk&sig=Cg0ArKJSzMVpSmLkU6GeEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=501&vt=11&dtpt=280&dett=3&cstd=219&cisv=r20220223.75406&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:48:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
roller_kw08_300x250_atlas_1.png
s0.2mdn.net/sadbundle/1338021503599923470/images/ Frame 27EB 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/1338021503599923470/images/roller_kw08_300x250_atlas_1.png
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
421558717c78d73a75b61bfa6102202f99ca2a2d12952515e08e69efa36f1e77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://s0.2mdn.net/sadbundle/1338021503599923470/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 08:16:42 GMT
x-content-type-options
nosniff
age
412294
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100101
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 16:24:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 20 Feb 2023 08:16:42 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 8600 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssoMrNrnCGlm8RkNKbP59P3gNSTtzMphpC8rZQKTC3RKbqYwb0wW1y3BoTLFz9xTuqhOz19BX8KrstVr1tDUsvnxRGCWwl02fo8yfrFWo0oWxG2qLroig88RqK45j4am2iijuYMgVwR-DEAgJd06pDIeD7_DJ79uhVbg3z4dyQ8XJ5f8FYMi_niJv-5lUEuZiQKAHpwhJ_aeljqvp0zCnU5bGD7vrDI6wX_GyKG8eGy3bts347sqv_Xldfz4c_1BaEDFuUr9HCmDS8EB-lP6r7Sk4z2EqX9GposrfA_lbwO8ZUD1ZWpFoZ2KgIjRr6a1eTlD0peNAnDAU3uCdn-Ll_piKetkzdGxRofJwkGGtRyzveEkORva038QslxrSEL-1fgU78pyg-_mycGszwQilJ4WM03w0IszKHtb2aBFwnUlePj2M6vG1j-hRolwhukEOEQG0Juhph3tF__GZNO4mpKhKg545pgG8pJZVxBQGoj2JrPWg8TDXih1mNznwGNEp5UKFsXaO4f023lZbuXtEa2X50AxvQ2cTPJdXeKMo0Zn0jQsaob-mBrYoTF0hXkAruRr7Zh_wIrDnkTUCB0pZN2h4cUz07Mbl9p4jBi5gOsNgSsZwrnvPnHPdUGdsrFA9mzxlZd6Fm8mbDVniuih3vy46IjI6LjOyHjcEMciCwwmp9d0FYFNAbfbpERddk08176AL9MORgeTxQ5ZgpL6D6jpjuwIro0VzCb_vgbFNMH3LljxWQLnXgOg5CrILkjbOl0QiqnKfN9f12twzqCn51HFSQ_IrZphFTONBxiLFVdm6pYk5Uy-MkpUNMKYJXC1egrqSeRzezDQGEkmk_KxN-mgdri74yqGEemZMTnuDu1AYn4y98hkU5KE5PMq2fbTtTYuUF6XQlQchN3CMbbdiy2MqVjoWMgpbq0YQCZzFkU0EcL8cZY5Yod7TTimdeK1_ZfEB1IkinKLQ9HNFAsXuWkqVMVkDCYd0ZE6KKwCxM36d5qNfPfKc4G-VqJVZskF6s3e3vjD_QGIIpm3BaAw7PQu0i-wp4nJO4a5gfwvkWxHmUCBo2Bk_5fMifGov2QIpJyFsSq5DqTODEESN2M3-Gh5zJ6vmCaXkcKRFd8lJ50QWu6OW0yXbrmlMs7TzVad9ZiLPdrmaMbGpq9JNF8LgALQHnbW6Plq4bVMzntNzJR-igUUU6s4Uyuj_3dhQAt5ktiTGRcEDclWiC6MuXbzetbV2S3lJK1HoDnRJWYsoA_vQdNaZb9E7i14w&sai=AMfl-YS6lNLilILcVbSJI4V_mCJdEw_TA6O08fM9ZoC8Niry3pIrSwXNH7NdELO-VaQQqHn8FEtDjw6FLS9rmhxjEMmMeYIBzEQvPdaQRzcIpaOHp61RLaOLEbBq7f41MgXM91BforPnkbw9lDyLwQquslkME4-zN8D-Ot3fLqo&sig=Cg0ArKJSzF_67uExEhtCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=486&vt=11&dtpt=264&dett=3&cstd=221&cisv=r20220223.30955&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:48:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3A2A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGjyDXgE8NDuVLGCbqe8A-Q&google_cver=1&google_push=AYg5qPJbxPx_9QjGhLiljO5Ep261vvwxTSFvVhYCJHV63DUdto6zKgBGho5pDzVE_VQ_fZYDC3nXquC_56b35VW4XUAVLkuSmww
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzI3MjQ3OTU1NzMyNjg5MDcxMg==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOVdrquPChWcPeZhOUChgCI&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOVdrquPChWcPeZhOUChgCI&google_cver=1
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOVdrquPChWcPeZhOUChgCI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 3A2A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEETC5-y-L0bHvsIjW86xBTc&google_cver=1&google_push=AYg5qPKBEV6hSfcRzwxS8ueMjaP8ws7YVGm_8tuJCTa7yNY2MktsRtLYo-JECMZRGmSiDzm3EeU1q22fa8X9Isg5yW1E7ArefaE&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEETC5-y-L0bHvsIjW86xBTc&google_cver=1&google_push=AYg5qPKBEV6hSfcRzwxS8ueMjaP8ws7YVGm_8tuJCTa7yNY2MktsRtLYo-JECMZRGmSiDzm3EeU1q22fa8X9Isg5yW1E7ArefaE...
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEETC5-y-L0bHvsIjW86xBTc&google_cver=1&google_push=AYg5qPKBEV6hSfcRzwxS8ueMjaP8ws7YVGm_8tuJCTa7yNY2MktsRtLYo-JECMZRGmSiDzm3EeU1q22fa8X9Isg5yW1E7ArefaE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKBEV6hSfcRzwxS8ueMjaP8ws7YVGm_8tuJCTa7yNY2MktsRtLYo-JECMZRGmSiDzm3EeU1q22fa8X9Isg5yW1E7ArefaE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6e2d9d210fff6913-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
2987
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6e2d9d1f5e4d6913-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEETC5-y-L0bHvsIjW86xBTc&google_cver=1&google_push=AYg5qPKBEV6hSfcRzwxS8ueMjaP8ws7YVGm_8tuJCTa7yNY2MktsRtLYo-JECMZRGmSiDzm3EeU1q22fa8X9Isg5yW1E7ArefaE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKBEV6hSfcRzwxS8ueMjaP8ws7YVGm_8tuJCTa7yNY2MktsRtLYo-JECMZRGmSiDzm3EeU1q22fa8X9Isg5yW1E7ArefaE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3A2A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENhw7HxOspsHVlSgpwLhhQA&google_push=AYg5qPLtWJ3WBtYUXhJjIM-iN141rOwNuZcOf9vQ4OX9jAbZsYahbP52cP...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENhw7HxOspsHVlSgpwLhhQA&google_push=AYg5qPLtWJ3WBtYUXhJjIM-iN141rOwNuZcOf9vQ4OX9jAbZsYahbP52cPrk8n-cimWj9fYL2yNcV2KKdKt1Oemn5npGzWOrUrY
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1645757297.525488,VS0,VE87
x-served-by
cache-ams21040-AMS
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENhw7HxOspsHVlSgpwLhhQA&google_push=AYg5qPLtWJ3WBtYUXhJjIM-iN141rOwNuZcOf9vQ4OX9jAbZsYahbP52cPrk8n-cimWj9fYL2yNcV2KKdKt1Oemn5npGzWOrUrY
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 3A2A
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEJcG4ZtkFqG0NKv4ZsN7FuI&google_cver=1&google_push=AYg5qPIbfFTXsKbz_0LplHRyJT4ZR0pW7kOUb9Ju9ayp-it46OXQd4NZnGKwDgVErG-Y1QXvmwRHleGvjkRGL-rJJAAObQApfic
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzA5NEM3N0RGMTQ4N0I1NA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzA5NEM3N0RGMTQ4N0I1NA==
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzA5NEM3N0RGMTQ4N0I1NA==
date
Fri, 25 Feb 2022 02:48:16 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame 3A2A
Redirect Chain
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESENPkFDaJ10fnKVy2hnlGbuI&google_cver=1&google_push=AYg5qPIsADk1nvCfRea6SLClDzFp_LzSLi1I69zp49ptyT8hiArrs-ShfO8lKFmsjx1J6...
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPIsADk1nvCfRea6SLClDzFp_LzSLi1I69zp49ptyT8hiArrs-ShfO8lKFmsjx1J6rpXntOA4j79LQoT3vAJq1cwThVrqAs&google_hm=QTc1T3IxRGlmd0RXNm84eHV0Y...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPIsADk1nvCfRea6SLClDzFp_LzSLi1I69zp49ptyT8hiArrs-ShfO8lKFmsjx1J6rpXntOA4j79LQoT3vAJq1cwThVrqAs&google_hm=QTc1T3IxRGlmd0RXNm84eHV0Yk1jTkE=
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPIsADk1nvCfRea6SLClDzFp_LzSLi1I69zp49ptyT8hiArrs-ShfO8lKFmsjx1J6rpXntOA4j79LQoT3vAJq1cwThVrqAs&google_hm=QTc1T3IxRGlmd0RXNm84eHV0Yk1jTkE=
Date
Fri, 25 Feb 2022 02:48:16 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
pixel
cm.g.doubleclick.net/ Frame 3A2A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESELNwiuXhpxzhEdP5BWVgmT0&google_cver=1&google_push=AYg5qPLSgPlokKTHik5M6HbJISF4uhT3YkFdxFZQ8boYKSzG694j3FMSbYd92GDchH6_Mye2V84wZFocXzyLl9m...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=fitiZTs0QlFbLb9Mi4ZA6F_Tx5E&google_push=AYg5qPLSgPlokKTHik5M6HbJISF4uhT3YkFdxFZQ8boYKSzG694j3FMSbYd92GDchH6_Mye2V84wZFocXzyLl9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=fitiZTs0QlFbLb9Mi4ZA6F_Tx5E&google_push=AYg5qPLSgPlokKTHik5M6HbJISF4uhT3YkFdxFZQ8boYKSzG694j3FMSbYd92GDchH6_Mye2V84wZFocXzyLl9mruZ-EBvcFRbE
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=fitiZTs0QlFbLb9Mi4ZA6F_Tx5E&google_push=AYg5qPLSgPlokKTHik5M6HbJISF4uhT3YkFdxFZQ8boYKSzG694j3FMSbYd92GDchH6_Mye2V84wZFocXzyLl9mruZ-EBvcFRbE
Date
Fri, 25 Feb 2022 02:48:16 GMT
Connection
keep-alive
Content-Length
241
Content-Type
text/html; charset=utf-8
gob
sync.inmobi.com/ Frame 3A2A 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 3A2A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jjj55ADzr2TfRmTscAhAFRZReDIUFjjb5udKHr593ni_oYc4Jds69IgBAb0yw_ghTnJjmjFQ
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:16 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js
pagead2.googlesyndication.com/bg/ Frame D26B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
484c9dc906528d1a062bb6bafbadaf374c145503a4c3de6826c967c642ddcff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 04:14:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
81209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13759
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Feb 2023 04:14:47 GMT
SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js
pagead2.googlesyndication.com/bg/ Frame 755B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
484c9dc906528d1a062bb6bafbadaf374c145503a4c3de6826c967c642ddcff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 04:14:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
81209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13759
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Feb 2023 04:14:47 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ Frame 310F 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 18 Feb 2022 09:58:52 GMT
x-content-type-options
nosniff
age
578964
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 18 Feb 2023 09:58:52 GMT
request_content.php
hal900027.redintelligence.net/ Frame 35C5 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900027.redintelligence.net/request_content.php?s=59150400009604200757585011881027&a=d115444c
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request.php?zone=t43ocmuaiycq&nw=20&renderingType=javascript&namespace=25497c379c&subid=&uid=b1bac9c3e55f0f9c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DChC7hb0MYYrm-I4Hu3wOf8KDwCd2t6KhgqNy3x7kK8C4QASCVm8ohYJXqjoKcB8gBCakCVm4sPcnIsj6oAwGqBO8BT9BfQxZj9AsPLFzRIG6kIYFPYCClE5deBKBaBcWBNSaMyHbU6GrnVlsxEfw_My3l6A9DPoFxVt4jeonLjHmhFSMvpCkbiaHModyDDgj8QD9Ilqra_qpO-yUhogv9G_TK8IbZd643gMUCyjZoH9aG6IhUPHgRdHH8Rr2-P-Ma-lq7BknuNKlmgTytfto3GEqB-vbRgcxMV8srEbcBOXAsubxkdepw02Nhjn3VDouTVZrk9yzZAJAjwWNFuOjNqHScY32r0dBNA3UO8akMtHynZtXz2LuI5By_vfPU6NTF5QS4ilZzgcezqH-u_P6xN8DABM6Ou7GWAuAEA5AGAaAGTYAH6-foXqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tOTkzODU2NTgyMjAzNDY4MIAKA5gLAcgLAYAMAbATms3oDdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRotu0-NxBjPVcV8oSzVR8rZrKLTA%26sig%3DAOD64_09Zdr7eyjcGC9GtksUu6QhHCgX0Q%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-Dn03Ka2P2tfEiyzKMqd-C4XZ5VNii4wrieATPYZThawjolaH5LXhvRSgarWHGHEqGQS32xD33_VXM8Se4Tr2q0_zZ1lkcD2VRDQOv4q8fITvf8gfma6VtHh7ECwot6iypS6I_bEKyLjmtEUsBjNIEIw0iQwA%26cry%3D1%26dbm_d%3DAKAmf-C8lzo9G9xT9_sNxjNBZC9-tQv5MQ4YpdR9Fncn5SD3YnIm5RqoEJWQQ-I6cIJBDnXcPIVZo2ph8xNEcxVrksK8QS6sr1JhGLRe8w0FFmhguc7Kfp9L7LqMzXjJnK3cej6IfNbgadNshcMxErLqhCgstlizdFtdwNWlMib_gIuPfTCuwFUQ07HQvnX2LDsx0xdQS2MkPnCsXljYNFa_mq16Tfp6mduYTs60nZiLf4oBhTzGvp-TL9v0MdRSZSfH4G-i6h6vD07UDODwTNmEam0D5bsX4xzH6ax1fu_CGeNMJLKNnfEVxxA6Cin8_VLiFa6hu9fBH5Vvqg7w--WlWSp6Um33gdej_Ccn2Yn0V4lJkdOR_7HdPUwN-NZIbjXC2MixR2LDTyFwzfi0IQXccoLjH-J6ZICBjVH4T9M-gr6mnMAl4GAGZGHffICSFMGhlfOgxNGV%26adurl%3D&documentReferer=https%3A%2F%2Fc79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Fc79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fwww.hawtcelebs.com&random=4963609132300&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
4f7b301bc78717404c91000f14bf0173518d3727878f41a7028ba79ec93bbb2a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/

Response headers

Date
Fri, 25 Feb 2022 02:48:16 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Fri, 25 Feb 2022 02:48:16 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1527
Connection
close
Content-Type
text/html; charset=utf-8
truncated
/ Frame 33F2 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e56dfed176d4ebd61853de843789e0b9de308d33510a1d192ad1266ca2fb0ce

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
skeleton.js
static.adsafeprotected.com/ Frame C4F6
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/931897/61009656/skeleton.js?adsafe_url=https%3A%2F%2Fwww.hawtcelebs.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fc79a1e0e19bd29b6e5d17d81a2604f51.safeframe.go...
  • https://static.adsafeprotected.com/skeleton.js
17 B
462 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Server
2600:9000:2156:2800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
age
823813
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
1Fgh8lo0iEfJp0FPVK-JNJLP0oCDzuhchxCS4CX_Hqhi27qdjNpcWA==

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
x-server-name
app06.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 38D2 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
content-encoding
gzip
age
823813
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
b77oUP0_3qDxMlVjTy1ox-nDyQb21eu8F3338IwKBoBe6c9d7tivtg==
skeleton.js
static.adsafeprotected.com/ Frame 9B9C
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/931897/61009684/skeleton.js?adsafe_url=https%3A%2F%2Fwww.hawtcelebs.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.hawtcelebs.com%2F&adsafe_type=c&adsafe_url=h...
  • https://static.adsafeprotected.com/skeleton.js
17 B
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:2156:2800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
age
823813
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
1jpgOeCrszckZJjhfP4kXtM3TqLM4Ot0o0601zyC0R_aiyXTJ-GTRA==

Redirect headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:16 GMT
x-server-name
app09.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 397A 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
content-encoding
gzip
age
823813
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA50-C1
content-type
application/javascript
x-amz-cf-id
zQ6NaEbtm1AE-Nyj0Mc_agXLOjkE0D7wEE7zwYTfP_DoORm4dz3OBg==
dt
dt.adsafeprotected.com/ Frame C4F6 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=931897&asId=2ba9820c-ddce-1dcd-3320-8da4932c8952&tv=%7Bc:5chgVx,pingTime:-3,time:419,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:339%7D,%7Bpiv:0,vs:o,r:l,t:418%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:419,n:418,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:338,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B91~1,1~0%5D,as:%5B92~160.600%5D%7D%7D,%7Bsl:o,t:418,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYpTTAU+11%7C12%7C131%7C1321%7C133%7C141%7C1421%7C143%7C1511%7C15121%7C1513%7C16*.931897-61009656%7C161%7C1621%7C171%7C172%7C1811%7C18121%7C1813%7C19,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.29.211 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-29-211.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:17 GMT
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame C4F6 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=931897&asId=2ba9820c-ddce-1dcd-3320-8da4932c8952&tv=%7Bc:5chgVy,pingTime:-6,time:420,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:420,n:418,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:338,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B91~1,1~0%5D,as:%5B92~160.600%5D%7D%7D,%7Bsl:o,t:418,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYpTTAU+11%7C12%7C131%7C1321%7C133%7C141%7C1421%7C143%7C1511%7C15121%7C1513%7C16*.931897-61009656%7C161%7C1621%7C171%7C172%7C1811%7C18121%7C1813%7C19,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs%7D&tpiLookup=ao:www.hawtcelebs.com*&br=c
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.29.211 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-29-211.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:17 GMT
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 9B9C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=931897&asId=2ab3c509-3cc4-9695-ae7e-362c1d75c34f&tv=%7Bc:5chgVL,pingTime:-3,time:428,type:v,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:352%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:428,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:352,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B82~0%5D,as:%5B82~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYpTTAU+11%7C12%7C131%7C1321%7C133%7C141%7C1421%7C143%7C1511%7C15121%7C1513%7C16.931897-61009656%7C161%7C1621%7C163%7C171%7C172%7C181*.931897-61009684%7C1811%7C18121%7C1813%7C19,idMap:181*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.29.211 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-29-211.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:17 GMT
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 9B9C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=931897&asId=2ab3c509-3cc4-9695-ae7e-362c1d75c34f&tv=%7Bc:5chgVO,pingTime:-6,time:431,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:431,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:352,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B84~0%5D,as:%5B84~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYpTTAU+11%7C12%7C131%7C1321%7C133%7C141%7C1421%7C143%7C1511%7C15121%7C1513%7C16.931897-61009656%7C161%7C1621%7C163%7C171%7C172%7C181*.931897-61009684%7C1811%7C18121%7C1813%7C19,idMap:181*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:www.hawtcelebs.com*%2Cc79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com*&br=c
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.29.211 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-29-211.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:17 GMT
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame C4F6 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=931897&asId=2ba9820c-ddce-1dcd-3320-8da4932c8952&tv=%7Bc:5chgWl,pingTime:-2,time:469,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:299,bdZ:451,beA:572,beZ:573,mfA:897,cmA:898,inA:898,inZ:901,prA:901,prZ:907,si:912,poA:912,poZ:923,cmZ:923,mfZ:923,loA:992,loZ:994,ltA:1042,ltZ:1042%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:160.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:339%7D,%7Bpiv:0,vs:o,r:l,t:418%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:470,n:418,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:338,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B91~1,1~0%5D,as:%5B92~160.600%5D%7D%7D,%7Bsl:o,t:418,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B51~0%5D,as:%5B51~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYpTTAU+11%7C12%7C131%7C1321%7C133%7C141%7C1421%7C143%7C1511%7C15121%7C1513%7C16*.931897-61009656%7C161%7C1621%7C171%7C172%7C181.931897-61009684%7C1811%7C18121%7C1813%7C19,idMap:16*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:129,readyFired:true%7D&br=c
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.29.211 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-29-211.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:17 GMT
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame C4F6 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=931897&asId=2ba9820c-ddce-1dcd-3320-8da4932c8952&tv=%7Bc:5chgWo,pingTime:0,time:472,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:339%7D,%7Bpiv:0,vs:o,r:l,t:418%7D,%7Bpiv:100,vs:i,r:,t:471%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1,o:471,n:418,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:338,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B91~1,1~0%5D,as:%5B92~160.600%5D%7D%7D,%7Bsl:o,t:418,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B52~0%5D,as:%5B52~160.600%5D%7D%7D,%7Bsl:i,t:471,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~160.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYpTTAU+11%7C12%7C131%7C1321%7C133%7C141%7C1421%7C143%7C1511%7C15121%7C1513%7C16*.931897-61009656%7C161%7C1621%7C171%7C172%7C181.931897-61009684%7C1811%7C18121%7C1813%7C19,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.29.211 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-29-211.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:17 GMT
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 9B9C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=931897&asId=2ab3c509-3cc4-9695-ae7e-362c1d75c34f&tv=%7Bc:5chgWp,pingTime:-2,time:468,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:126,bdZ:267,beA:393,beZ:395,mfA:740,cmA:741,inA:741,inZ:741,prA:741,prZ:744,si:746,poA:747,poZ:752,cmZ:752,mfZ:752,loA:824,loZ:825,ltA:862,ltZ:862%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:320.480,dom:img%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r.h,w:0,h:0,t:352%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:468,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:352,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B121~0%5D,as:%5B121~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYpTTAU+11%7C12%7C131%7C1321%7C133%7C141%7C1421%7C143%7C1511%7C15121%7C1513%7C16.931897-61009656%7C161%7C1621%7C163%7C171%7C172%7C181*.931897-61009684%7C1811%7C18121%7C1813%7C19,idMap:181*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,sinceFw:115,readyFired:true%7D&br=c
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.29.211 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-29-211.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:17 GMT
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
728x90_OMAC_2016_Launch%20(4).jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame 35C5 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/advertiser/32995/creativesup/728x90_OMAC_2016_Launch%20(4).jpg
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=59150400009604200757585011881027&a=d115444c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.69.161 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.161.69.99.88.clients.your-server.de
Software
nginx /
Resource Hash
e8ec2a4d84f51a4860526181c3822b954b3a134dc14446ba753b37708470171d

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://hal900027.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:48:17 GMT
Last-Modified
Mon, 20 Jun 2016 09:28:47 GMT
Server
nginx
ETag
"5767b74f-af88"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
44936
viewability
hal900027.redintelligence.net/ Frame 35C5 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900027.redintelligence.net/viewability?s=59150400009604200757585011881027&a=3c4ff5ba&vb=m
Requested by
Host: hal900027.redintelligence.net
URL: https://hal900027.redintelligence.net/request_content.php?s=59150400009604200757585011881027&a=d115444c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.106.111.46.78.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://hal900027.redintelligence.net/request_content.php?s=59150400009604200757585011881027&a=d115444c
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:48:17 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 35C5 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5C2C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BbQpeb0MYYpj0NsjO7_UP3Naw4A0AAAAAOAHgBAI&bg=!QkGlQQXNAAas2QJZrNk7ACkAdvg8WlRv-f_gGeljCheFz3pKzstkqIDPOZlW4EzKyb0JEyo0_vOGVAIAAAHeUgAAAAJoAQeZA23ZfHC90woPo9_tOr7KVrB9aHKJ_S_l2FWjB0rDJ46F3GdqOH4DPP7VuRw-l_tKZOSf9F8ip9i-cH7Ble5IRTgZvAq924AdFvT6_KvDks82kANycwekSE9aN7jZfZgLrvHXVgiL2Yf7L9qJcPYXxWKw_HxWMGKdLhU56gOU9SACleTgxy-9q7mF9V-kijFl3rD5-OvTjTGn3h3u7t3frEP4--L9cf7g-UmhPENGs-lGAGpP2Q6Vo3ir0PQhawY4oLr98oEWa1H7OFpoOHNF8orHsenxu2c7K-VQ0V7ec8MqXNn_fNCCPlVYXP7WVLB-fyjE5ZsOyRTpY4UiNN1aBwXBlyhEEHS4V8e29rWCZqBho5cIMlFI1Wtp3I2_5EHCscyBV1zt_UAvb6BPlMWUs6wo05rbP1hv0OPhyjnLvGxQBlnscqAuwyLcIHceIK9hpXWVw95HD5KfjoMDcn7SpsxKM7K9gqcDPBf1zxGJYzGW8KO4Tnk21rXrqgZNhO3MtNflyJMaAoSb0p4XowSb2gvBuHK_ztxGzyNiEvDqdoIOYk_g_yUA7WXG683U8hpIOTYtroI_0jhtz2Ej3yB_aTv0EWqu-93L8_IzxwgbgYqvjqHzKGCjmMFRKzCDyjTlNmXwNfpjUIH_UtRdIYZx0rQt2YBs__ffOcMjlV4bZ7a-YRQdZV6iaQSzAThuO3uSDOIrKgQgUJkV30HQWVy5iJ87Ur-PbnbztKxhvhHBWEKViMawdBdLwzylJsgEQzZ28GqaxPuwmKn9MrAVSd_-p1QSfywnjxMx2KoZ4fk6V3O1BSc4IiwZuv0ktMGpDphTm56-ZGpdEcg75gjaxGu90YbbFm9WyLfPnll0HSH0QucsUw0GXr6gW0RzbTKD8i9o63Pcg6F9booIK4_mm3CTyRd9IBKuAKU_3OPAR0r_2t3mBr5dzmGVMiEl_A0SflkN5O7TWwbGQLy3TYgp2t7yzfqXikpk2uhGDfh97qYpLwrJ1kuwOiQ6jKbH81O5fQ6C3mXnTAjEgqof31RWa5XjaR5HkrPAENdBvC5pzU2ImfHVA_U8aklRhXvDdIic12YIFHFWAsNgBxS_MbgkMVvantQstR7kXT2qvhf8Ne2BifuTh4Y77ME44f9h8KHvh6RLno91GbAGbb1fyQhAyCWa
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D23C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1dlFb0MYYo7AMoGRrATdqJKgBgAAAAA4AeAEAg&bg=!o6CloOTNAAas2QJZrNk7ACkAdvg8Wg7MWQGU_zRaPtijBxHxJW-6TYMnITWi1xPtaODyTRt6yd-oKQIAAAHaUgAAAAJoAQcKACjbQT_Y3Xc2hRuqex7LHtoLT8smko2DZc9RhHGSJOFq6sZG_JpDt12dmQNLxc8quA3f-p0MvhfwfbgYKzkvvg3BpU8emI5qvVnbiYrZ7v_297Idwk_LfclFa4HjFQSZd3sPAorNaO3gkSNm-lb1lrHGnQvY0pSFR1_WI5H0ISeKQ9qhXS1Z0D8goxTOIwp3_6p5U2D56VnjSD1rSuSg9HVOOJlomh1bseDx2CxWdlMUbpK7G8QZMxybaGyzC3UCz0fAE7gLQTluIXwR4EyUD1ZT-cQ_UeCG51og6Scbr7Q7RPY8b-U3GQjQ4WbGKnvQIuCk4n-PRPV1sNCwrDeIFZWSS4P8wjERCKjB2-TVtSuqU0Gp85U9PhAYkBdKtLXvzfbouKvBc4IopgZI0lf1xK7xFoWH6gfnSzAacsaDzloTbdfEtRTVBk1OCPozevgTcPSb9EqkxQUPROWAOWTgS8ceo-sedv_1qZLy9BAdu1RdgspzFxVA4WxhBNlITOy98EdF-xyhq_A2nFrw-h3Y8TpsIO1lgh_ZI_7qTRI6FmPw4FYuK1BYK1E2adrf1s0OmhOc5YZJbh6hXrpvH7yX-t_nDjAmVzi2JBRRN8OtZRo9WpKm2WtD4pvBm7iy1_vWd0JwuX7Yuir3qjZ0mvkS5rKSoKCluvO7LRY21vlOTIi4bVd2brAsNGCgra4-qP5e3OnBJYdvdssroa3PL_qXJ23E5E8gfFXcUAybqAQl0DHbEph0c8heK6DwiiwtNyeHawTleGiJaCaFHhwYXrXcQ6RXtCBYQcBHOjOJiS3DL286Oq6pjZ2Y6XcircOs49cRd8VqlKqtn3JaXWjieYf9VqjZ_pV8AkqbwgZPldq2lHxaACwNUMVzu_qi00nfvETSD8uEPZUDW1KJri1M7BWab9fu6mLiFKzGYy7YLDKuX0LvDrK1ZfxUkCHPeBZ891xjE3pfdwR0S-FFytvGGo9dL80X118t8egVhOeVDNcTSVCLnlkHL4RF3mgcUoRdlBRDUqMk7DXDdZR1y_LjHIeX11zf0Fod7LrRbfw22hh_CTNhEmzC88SGKwZrS66CidzaCoz7KD9e6i8C4gs7dF-ehUSrdRF_GTLdnSXJbi6jhnjdu4W-IQecTfoLTcho9n3hU0SCpE4GwF9j5XoFCKIYXq35GsqCTETX
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D26B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B62y8cEMYYtx20OqAB67eh8gBAAAAADgB4AQC&bg=!xMelx4PNAAas2QJZrNk7ACkAdvg8WgynbIww8kfoa845H4YRlkS0mQwhcTUMOVD2jkH_u3bLqf68xQIAAAF_UgAAAAJoAQeZAz_tvMyDkzPiQtwubi9GzU0kFi0YtqLFKk7_7sarq5BXlBS2NEWh9Rh-VHL8F7NtLlmevuWXV6qVW408mWsJvJGk8bpo7UCFEVD95mwJKZaLJ8uOigc7vehkjNn5SdTO-dlEtrmntkJaO4VRavSFUx9J5wT80IVQXoeWGvt51wbrK46ZgvXkYbOecU_oi11h6xT0bDJq6quHAjlYehAO60ZnV6kSdk_hINuoZla1HDGM98JoFiOu54DY0s1ZsUGE7b-3mQymIxqVCmUcTB_SpuKnQQA06noCMZIu-CSiJ0Ei20Iv_ByS9Zpn1_vweZ8R4LFxdgvUKQ-6ND_u8h-I1qfieUJDVy1ZrCvfH9ksjO4VNkY5rIpKiYVgbQFLkhgc8MV06qKpF8ZHTJtN-Marwqa3B1mx9YXTQ5r_MUaulkb8HfDPy8AFkSgCqDETsLhMmWZ3oTwct9dozQDNqgq1EzdzXlKpR--Nvv5BXQqmORVlK9YQrgcUTaYm4Dr7-jpfvPfNblo65knZFp81kj3vGP_NC9XpwMDgMUSoQsbLydaL2w6U7wLWTdHVdosX_xqas0tc3q9s3CaZz6gpY_W-mvoucNOhIW6bSfDAlah08g_b4n155EqFLmHv1-zWJdwmKYCexSu-m2T-gvcPKNjKaUggUw13SvZcxAiXoJxbl5P3sTv5kfJXEckO1W5Yemb5W-IBVfbZt4UHKGcKd_xklmc0s15h8YenaUO2ZJFWsvhah7hZsK_Y_jwxb-627K2ufezF0rVT23xjT3tqklNn8b2kpvxkFJ5zrsNDF-APGn6dJ9zISf99Wovppxs_bg6jPk0SoL8o_tXM8NrctTi3wfbvleuQbi-WHQAkeLNN244JK-hmy_7_4lFhymjBG6iF5OOj-enDlMhgyqEoEyqBdhjuoZPH6HI-O1XDb0FhgpU2ZwmggSHDKxqDnxw50DCdxjwLXt1YHVmpSF1yog9ZG70JdGY5AJ8RP0fK5rvqNuYjHnmzAjjvr3iFM1lSPuzGWB-IhvNeI3Dn71PMq6Iib4GUNmUNxNgED7XqgqGfH53PLkb0kMLF4rJH28S_0LggDFnv2__0LbM1ny5nZjQHy6A
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 755B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Ba01CcEMYYobaA9OR7_UP-JCViAkAAAAAOAHgBAI&bg=!ZGelZyPNAAas2QJZrNk7ACkAdvg8Wi_yduqNOeEhEpgmhj0Ss31v_5wJedWzQvkc7UpLxMr5QpmPRQIAAAGIUgAAAAJoAQeZA4esZHfBHXRd4DCmdQyq3DS0F8RfUHQNpJoAVQ729mHEn23XEfa89jciAuFVGSbWi3HIVslC03G_GOyrV9GHLEQ39OuyMn5zm40EMY7Cl3L-Ncs339PmfQD4xJihO6nyOS8FrqXiJiCpMSofccCdG0UYQfO4OKx6znn-YJTkh27yFLNvrgQ7SHKH0lWZ9Q0xEu-LITpq4JWB9uOZO3ALzm8qz8OybwcCohhZoPm85hBrQGznFi-kb6C_SIQt14JII2dzTrt4LsuquSr9t-OgBIU4oMi1oPMT18tyRw1Q1e3YanhoKHGpCQdaJMvMbMbz3FXx0hOH0ym2ajgAGtvG4rzAn3ZhwZsBMtas6FP9nWE8HCQLL1SivKDtAcnSLNQ7fWn-amB39qqmW3p4XrGoyRnsUJoNVnrad79l7lIxh-wpsgxPdL2-2bL3F9uYBcPwCVreTBFXLY1u8yVP3xJ9afHhMYuVTs0ZxSjM-KuXAQIJPqaAplN3kslOwm4oyZquZu5W1cU-39KcGcMSLetlHIWf0eiGxDZMIOCJL4t9BkfUVecjcjHDS0jukg6RI385gPFJ7A0j_pAxIii_DeFV2quvcbcRwIdiHMv_M52zD4P5Tgpcpbo_Jf33wnJEMdyrzh1qn1pmgRXnJ6TadzvYOIvG3AkHVBe-OaDlTJt0MWL5ci3HmmswjY6DBVfoJDnsTiMX5pVYXbPYsgPni-GtU0gWT4QFwt_Zl7viAoDhK_R9oYrpYkQpWvo6JL_O0hnbXD0tdT4d7MGMbaKhzA6cWbNmltmQnSjUGfvOojpHvDLg-s1FGlJQOOcd9H-nPZzME7nqdoKyTDI4EqnuduoRzjCsFJcUwQhs6nngG-HyIwCxi05xXiGkFv36pwe3FXZVhYP5R2cNxgR35N3HaD4PE16l_M6Mey6fJwjZPF5z9b63xOlmXVRTsoHJOrr-hPhowyndwonKEH5OXI1WBhcMQlBEBmG09yqrXr5NnJsC6xzL-SPQrciKEmQPCYHT_qRnLaAyP44IfYycPtM_B1J97HCwj_IFKCjSX3Yew_tsLhrxE9gwaAYiVa4J0YzdrUoHZOXCI2BbVUbO2AF4-oYfvaOSaDQtazIW-9XUEVhJr-WygED44y5zXq35qi7ajQ5GOMgBymkUKbE8wBO-Q8nfw8atUxwR4lPlyPlera5WhAG5Uy9VyLLHVdw
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E4DD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bnj0Hb0MYYoa6M9Cv7_UPx_2ciAMAAAAAOAHgBAI&bg=!6-il6KzNAAas2QJZrNk7ACkAdvg8WhHQkwEYIjJ6waRMb9bThWezdC8P19RqQJroF2Cm8mrI-8CaLgIAAAHZUgAAAAFoAQeZAzUwUsoCsJYqWSAJxln35h_sdw7uwUGwiYRflsRhakI_Z5TQayNztuYwbC2Mj6S4jzx1tWqm_cpTj02dV5OzLTPGPhMUft1VKicZoRFMfbhWItmL7nJPNg2yXY6EN45OFc8-YKkTt70Pu3VaXBcZVoI31sH45RhinBI1LcsYSE2u8jwUsEBFhD9sx-apjSeV6so7artLhSpf_reYMvyYHzq4EHCiQifC2KZTNWn9T-twFlXMTX3UgXxla4c_ganVOuFXarYJ2jqp2xhui0P0nIB7GjwfQYdq1RwV4-zKZ804ve__ADm40EA_QI16tuQhWENyThmPO2aDPoIPPMMr88mbpAXTEO97QFVI6A-wRzSTEQzYTEzUKu7XbCjzXr0mvcy0kSmRXEbyKuo4MS2kTyngVck1e8lO-q0dLhXMy5geLvCTfjaJ6cb8eJwk0i1rLV1VS02GoiXh-7O2G95S9Mz6SUdg84QX_ZljFw2pj834moIhPEpsJ47Trq9yiu4DYaLRT6UvRT8iNpreHXNAknRNTpyDjoEPojfEojb5wvQ3KCKYmiljm3z7FYYX1JKs1oY11xX8ae-h5t7XhuHSfaSk3cKQVkJKVjuiUuLJgZxGhUJ5kljcU2oSlKahQg1d06P5IaV53VvjiMcQwl9WYsknNSOvhw9F31KKiRX3cp9N5s2oUPKehJbVCHBf37vF5iCrMxQQjfzfeCPvY_zW3ejexhEkTXh2UXxNR2MOnFl7A8Fyf1hjIsos-k7n69vmxeWhaen5csOkNJntoWlVgqWiLb3tVPBiG9E-IvYWAFex8DRFj2fqOxKgqjAnDhX4k7alHojFA3eVxIMcNV5WE5ZsJnSVCrFoU78o52Rnr3-5bPTgkyZBDZ90_4qQ24vHhr4d1INsK21-VuqYSV9OG-hwNa1K2LtEGoRmiPOMZFex7X9mKz-aUcu26RV4BZX6FH9guHBQYB0lSBdoxHz-Trosa8EScJyhjbDpLrlNbbFUuWRZAYFfAONNAEH5FopM65V7dwRyXUzLy87lYSFYU6aCISXcqIQm-UDDuoFvMnGkSvBt7L8_L1QCtibP-0kkzVTSvXK3Gw
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame C4F6 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=931897&asId=2ba9820c-ddce-1dcd-3320-8da4932c8952&tv=%7Bc:5chgZ6,time:640,type:e,im:%7Bimprf:%7Bttecl:853,ecd:22,tsecr:107%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:169,o:471,n:418,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:338,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B91~1,1~0%5D,as:%5B92~160.600%5D%7D%7D,%7Bsl:o,t:418,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B52~0%5D,as:%5B52~160.600%5D%7D%7D,%7Bsl:i,t:471,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B169~100%5D,as:%5B169~160.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYpTTAU+11%7C12%7C131%7C1321%7C133%7C141%7C1421%7C143%7C1511%7C15121%7C1513%7C16*.931897-61009656%7C161%7C1621%7C171%7C172%7C181.931897-61009684%7C1811%7C18121%7C1813%7C19,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.29.211 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-29-211.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:17 GMT
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame 9B9C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=931897&asId=2ab3c509-3cc4-9695-ae7e-362c1d75c34f&tv=%7Bc:5chgZ7,time:636,type:e,im:%7Bimprf:%7Bttecl:843,ecd:22,tsecr:98%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:636,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:352,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:sp,cc:0.0.0.0,piv:0,obst:0,th:0,reas:r.h,bkn:%7Bpiv:%5B289~0%5D,as:%5B289~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYpTTAU+11%7C12%7C131%7C1321%7C133%7C141%7C1421%7C143%7C1511%7C15121%7C1513%7C16.931897-61009656%7C161%7C1621%7C163%7C171%7C172%7C181*.931897-61009684%7C1811%7C18121%7C1813%7C19,idMap:181*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by
Host: c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
URL: https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.29.211 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-29-211.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:17 GMT
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame 8600 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWsC98NVZmJGx5Hgizkay-wl2PeWuo7VHbaB8sBulwYhJhXLSCnLYd5rdURuqxe5mxedw5AXMPHnvr-514RJzdO5cr1fUDhOqnq2XtcIYI4sJBijdtdA&sai=AMfl-YR-hSNMbuoHnZDyu7XyWATto9ZTcbRcrIIZSi0qY8NlBz3ZjhiaPrSsPKSHJKKTfEfBIBYA-3TuICNfLKZVTaWgEhN7jG3TCdqK_kULJOFca005DpnHku4Ggl6qnwU&sig=Cg0ArKJSzIYONpBqkI4MEAE&cid=CAASFeRocikCbhNyQMotuH0soZYZ7StcZQ&id=lidar2&mcvt=1000&p=380,1029,630,1329&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220223&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3757809261&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645757295782&rpt=317&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 8E3E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsucb9GofUhuCDkYVyLagy9vrP7vRj8JKHJ6jx1aiaLtTUPLUmJ5pC3KlS7UR_TPVI7fFWYaI9YFa3D0JGdpHQVCqQynCt-kyegAtDEgr2Kz4oy5R0APHA&sai=AMfl-YTNc0W1VY9O_kRluejNUxgYs6g7pUxm-ya0Lpc08_Gu-mgk06J6b_I-00LrGKURuu4BeZn-yyB7NXJ7izpXOb3fnc2N-ZThmYvjO_wqw7JYgu4evWSOsXLQnNjR0Y4&sig=Cg0ArKJSzBhE96DXf9BOEAE&cid=CAASFeRoJ43zZvyk0zFoWs4itKodC7t--g&id=lidar2&mcvt=1002&p=760,1288,800,1329&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220223&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3161547873&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645757295708&rpt=370&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame C4F6 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=931897&asId=2ba9820c-ddce-1dcd-3320-8da4932c8952&tv=%7Bc:5chh1F,pingTime:-10,time:799,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OC4wLjQ3NTguODAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1645757297219%7C%7C66f4dbb47cad22f1e2d55eed973ce31f%7C%7C920bd99aa4265c459f442b819dba176b%7C%7C0aaf411b5a13c99a79aca5981afe2dbf%7C%7Cc8a678105064bbf9cf4efaf12db55b33%7C%7C2a5357f07f878a9e15f6b91d28318aa7%7C%7Cb8effa6b41cb0e63b3b5df83b5435a60%7C%7Ccd1c324baee8549d3a0cf265c5443329%7C%7C1629390669%7D
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.29.211 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-29-211.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:17 GMT
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame C4F6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvNL57Ac9cz1fwQ_AeYjQhLd63GefP2xhkzwF8N3z83CZU1ZXtgBX5RbT31O6ctqe08qZEMCyfdSE1XnONDrtnZDExtX2XNH46R7imJEW88La06xMRpPQ&sai=AMfl-YQXEzWswS0RezbBlzd8OXvZFgHmjL2gN-iO1p9XeXdwkrT_3L9H_KnorrhsEEVU85NhCU0U_z0TlGUC88Gwae__4jieeWAUceeq71Ma0KWvqJg-2fN7VnH550SVI53_&sig=Cg0ArKJSzD2T21yMPMDuEAE&cid=CAASFeRoa4pYmBZ46IOXJmLtNfiB-Nu1AQ&id=lidar2&mcvt=1001&p=400,272,1000,432&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220223&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=308638017&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1645757295848&rpt=447&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
choice.js
quantcast.mgr.consensu.org/choice/274pYeudnKvDs/www.hawtcelebs.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/274pYeudnKvDs/www.hawtcelebs.com/choice.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:fa00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
747e8f5454d77ac3ee2339c3490cb7b805d59d7fedd4cc0682ae6ed9c33b7d25

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 25 Feb 2022 02:48:17 GMT
content-encoding
gzip
last-modified
Tue, 09 Feb 2021 19:08:19 GMT
server
AmazonS3
age
58
etag
W/"9de17307c4f74768ad3438dca5916747"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
w-1I7_BB4REvJIouLKp3MRBP_q2xsIjzrVm5GLKnIOXAbujZbs7xfA==
/
services.vlitag.com/uv/ 		12 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/uv/?page_url=https%3A%2F%2Fwww.hawtcelebs.com%2F&mtk=78
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=036e05035cbef88431e89138f2969605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bd89d0776acdb8565abd79559d140909e68570f7d74a6f0141d21aed4122f4

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:17 GMT
cf-cache-status
DYNAMIC
last-modified
Fri, 25 Feb 2022 02:48:17 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/json
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
6e2d9d260d0b9969-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12
x-robots-tag
noindex, nofollow, noarchive, nosnippet
expires
on, 01 Jan 1970 00:00:00 GMT
036e05035cbef88431e89138f2969605.js
tag.vlitag.com/v1/1645695160/ 		517 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.vlitag.com/v1/1645695160/036e05035cbef88431e89138f2969605.js
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=036e05035cbef88431e89138f2969605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88a1c45bf18eb251b2cc58cd55a9a08e409a733f304e547504531fd0caf9b78b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 24 Feb 2022 09:32:44 GMT
server
cloudflare
age
61242
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000, immutable
cf-ray
6e2d9d25e8b79a09-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-bgj
minify
d3d3Lmhhd3RjZWxlYnMuY29t
tcheck.outbrainimg.com/tcheck/check/ 		15 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3Lmhhd3RjZWxlYnMuY29t
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:48:17 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=6241
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
1dd77f1164c167dfe510fcfeb4cb506b
Content-Length
15
Expires
Fri, 25 Feb 2022 04:32:18 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=6.620302098062864
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:17 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Sun, 27 Mar 2022 02:48:17 GMT
img.fetch
udmserve.net/udm/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=17047;tid=1;ev=1;dt=8;
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/inpageLoader.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:48:17 GMT
Connection
Keep-Alive
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Length
1
Content-Type
application/x-javascript
outbrain.js
widgets.outbrain.com/ 		197 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
db9c2689cb3193a507d3fcf98b5fdb685a8c790caad4461656fc9937180dcc36

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:17 GMT
content-encoding
gzip
last-modified
Thu, 24 Feb 2022 19:23:09 GMT
etag
"16-FRz2tE08McRbxNyDL+equ0vFEPY"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
367c58d7cc812603377060366c1e58ca
timing-allow-origin
*, *
content-length
69336
js15_as.js
s10.histats.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:45:19 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
51.254.41.128/25
etag
"-375139978"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
4364
x-request-id
111643249
e.js
live.demand.supply/x/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=fs&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v14.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-nf-request-id
01FNYKY797TTYDF53H2H4D6FE9
date
Fri, 25 Feb 2022 02:48:17 GMT
cf-cache-status
HIT
age
156770
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"1e7512eab4ec94e546e05bc6561a8453-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
6e2d9d25fd2c5c8c-FRA
rrv7.js
bid.underdog.media/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/rrv7.js
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d800:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc50d017b2657878ca200cfbdf8ad6ddcdfd1021b0cf19d97c9fb231eec0aabb

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 01:36:11 GMT
content-encoding
gzip
last-modified
Fri, 25 Feb 2022 01:30:04 GMT
server
AmazonS3
age
4327
etag
"f1bea9931ab3e67e6ef34a5113a5c957"
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
cache-control
max-age=7200
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
3125
x-amz-cf-id
FwSX7y7EkD2Uirs0j7_Ko--fsq-R1z-tQtsBLgcHDd08GfQDxUTthA==
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022021701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7cab521abbbddbaeba4f0c7525cbf67c5d1e8b56ef8a4a11e9ec62f978032368
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 25 Feb 2022 02:48:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9789
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-10995097-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4404
date
Fri, 25 Feb 2022 01:34:53 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 25 Feb 2022 03:34:53 GMT
/
t.dtscout.com/i/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Requested by
Host: waust.at
URL: https://waust.at/c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.139.238 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip238.ip-158-69-139.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
9285a80d8ab5865b3c84926cf203f1b3d15667d275a88f64dcfeb83d9ed2d316

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:48:17 GMT
X-T
0.96
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
X-S
mtl2
Expires
Fri, 25 Feb 2022 02:48:16 GMT
/
whos.amung.us/pingjs/ 		29 B
145 B 		Script
General
Check archive.org
Download Go to
Full URL
https://whos.amung.us/pingjs/?k=a9etg89wet&t=HawtCelebs%20%E2%80%93%20Latest%20Celebrities%20Pictures&c=c&x=https%3A%2F%2Fwww.hawtcelebs.com%2F&y=&a=0&d=1.046&v=27&r=4073
Requested by
Host: waust.at
URL: https://waust.at/c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.202.94.86 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
amung.us
Software
/
Resource Hash
5034b1e8b66908c5b5ab086669ec8a8fb784cd338345d3b199757153b1adbaac

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:17 GMT
content-encoding
gzip
content-type
text/javascript;charset=UTF-8
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022021701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 25 Feb 2022 02:48:17 GMT
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/274pYeudnKvDs/www.hawtcelebs.com/choice.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:17 GMT
content-encoding
gzip
etag
"yoD6mq4JTyPdtDBolW+GUg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Fri, 04 Mar 2022 02:48:17 GMT
rules-p-274pYeudnKvDs.js
rules.quantcount.com/ 		3 B
439 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-274pYeudnKvDs.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 03:26:20 GMT
via
1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
age
84118
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 19:47:21 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
XBbNBqtnaneMO7IPiDncS97iVR6xZfKYCulwSA3rx3Ob9IqRkDISJw==
cmp2.js
quantcast.mgr.consensu.org/tcfv2/ 		178 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.hawtcelebs.com
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/274pYeudnKvDs/www.hawtcelebs.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:fa00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32ed95b190974ab3c06dcbfe84decbe46ba5bf9ef759aaad201b053d06342d9e

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:17 GMT
content-encoding
br
age
22
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Thu, 03 Feb 2022 15:12:49 GMT
server
AmazonS3
etag
W/"654a79dfaa26ade386414ddc75ea4b75"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
0poD3AdfY-GrxNUKXMGXsEpkMQ2YGo8MGErPYmhaf-hC3wg6hXHvgw==
pixel;r=1871440066;source=choice;rf=3;a=p-274pYeudnKvDs;url=https%3A%2F%2Fwww.hawtcelebs.com%2F;uht=2;fpan=0;fpa=P0-1600553470-1645757296163;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1871440066;source=choice;rf=3;a=p-274pYeudnKvDs;url=https%3A%2F%2Fwww.hawtcelebs.com%2F;uht=2;fpan=0;fpa=P0-1600553470-1645757296163;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;ref=;d=hawtcelebs.com;je=0;sr=1600x1200x24;dst=0;et=1645757297650;tzo=0;ogl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:17 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
placement_invocation
ob.cheqzone.com/ 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-117.fra50.r.cloudfront.net
Software
Caddy /
Resource Hash
55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 22:59:24 GMT
content-encoding
gzip
server
Caddy
age
13733
etag
"bf83-flSXooGsmrmYNlxSK09toJAtNHc"
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
cache-control
max-age=43200
x-amz-cf-pop
FRA50-C1
content-length
18458
x-amz-cf-id
iWKaaVS8muKZoMGOj86ZsbIV-XjXw1XIROy9jB_2p6FpEXdVvS0uEQ==
expires
Fri, 25 Feb 2022 10:59:24 GMT
0.php
s4.histats.com/stats/ 		52 B
186 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?1890596&@f16&@g1&@h1&@i1&@j1645757297665&@k0&@l1&@mHawtCelebs%20%E2%80%93%20Latest%20Celebrities%20Pictures&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:110978650&@b3:1645757298&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.hawtcelebs.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.34 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns501383.ip-192-99-8.net
Software
/
Resource Hash
b083f5c629605ca218ade301d38dab4e7a94c1a2c533141205175f1fcc27637a

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:48:17 GMT
Connection
close
Content-Length
52
Content-Type
text/html;charset=UTF-8
prebid-6.10.0.js
assets.vlitag.com/prebid/default/ 		521 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1645695160/036e05035cbef88431e89138f2969605.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf557425d76a8c36ddb621c3de7eb8dd392709ab6f9352b4fb97ae380cb78adc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1691476
cf-polished
origSize=534024
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Fri, 04 Feb 2022 05:27:50 GMT
server
cloudflare
etag
W/"61fcb956-82608"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
cf-ray
6e2d9d26a9809a09-FRA
expires
Fri, 04 Feb 2022 05:57:58 GMT
gpt.js
www.googletagservices.com/tag/js/ 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1645695160/036e05035cbef88431e89138f2969605.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63850e8afff0b10c7e217b8b6ae8f9b6c1c0ca16bbb0e3a900c6ae521bfb778d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27846
x-xss-protection
0
server
sffe
etag
"1142 / 379 of 1000 / last-modified: 1645743960"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 25 Feb 2022 02:48:17 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		367 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1645695160/036e05035cbef88431e89138f2969605.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b9019b46768d884816f34f0572435e6b9060ff9d0ef785996285a9b7d97a715
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124251
x-xss-protection
0
expires
Fri, 25 Feb 2022 02:48:17 GMT
sf_host.min.js
assets.vlitag.com/plugins/safeframe/src/js/ 		38 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1645695160/036e05035cbef88431e89138f2969605.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:15e3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1665205
cf-ray
6e2d9d26a9819a09-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
etag
W/"5dbbbcf2-9806"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=16070400
x-robots-tag
noindex, nofollow
expires
Tue, 18 Jan 2022 19:05:08 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B5FA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 24 Feb 2022 22:08:59 GMT
expires
Fri, 24 Feb 2023 22:08:59 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
16758
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame AC8F 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ed2bf6f63c5ac50c4879e79af4b5bf0aead4b3a4b8a1292f82f90a9e3a25abb2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Guaf+3d4fBFRjaoW8mAhJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 25 Feb 2022 02:48:17 GMT
date
Fri, 25 Feb 2022 02:48:17 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Guaf+3d4fBFRjaoW8mAhJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cmp-list.json
test.quantcast.mgr.consensu.org/GVL-v2/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.hawtcelebs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:9e00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21588ff06c8d62213aeb662895a415609340053243492e0c8255388e969eca0e

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.hawtcelebs.com/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 03:00:35 GMT
content-encoding
gzip
age
85663
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Fri, 18 Feb 2022 19:52:29 GMT
server
AmazonS3
etag
W/"68deec44da0ca2810e7c67d67eec39ee"
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-version-id
6Hh9ZDukV2IFPYmvxSd.QbCotU.Q.Hfx
via
1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA50-C1
content-type
application/json
x-amz-cf-id
BPmXDewcPaypUDYUbBBVW1y2xIb8ezEnklvLiIos2y-kaN7bYPyBrg==
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=667320807&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hawtcelebs.com%2F&ul=en-us&de=UTF-8&dt=HawtCelebs%20%E2%80%93%20Latest%20Celebrities%20Pictures&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=541771272&gjid=1157871088&cid=519396531.1645757295&tid=UA-10995097-8&_gid=395833814.1645757298&_r=1&gtm=2ou2n0&z=1378208511
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_pla
obs.cheqzone.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=14265087156287720860277730811219245226171627820201512090051293829501&nc=0&tsf=0&tsfmi=&pv=0&cb=1645757297792&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=3312777366&at=&bid=e30%3D&di=W1siZWYiLDI1NzNdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImdvb2dsZSBpbmMu%0D%0AIChnb29nbGUpXCIsXCJyXCI6XCJhbmdsZSAoZ29vZ2xlLCB2dWxrYW4gMS4yLjAgKHN3aWZ0c2hh%0D%0AZGVyIGRldmljZSAoc3ViemVybykgKDB4MDAwMGMwZGUpKSwgc3dpZnRzaGFkZXIgZHJpdmVyLTUu%0D%0AMC4wKVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMu%0D%0AMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndlYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1%0D%0AbSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwiYmVuXCI6NyxcIndnbFwiOjEsXCJncmVuXCI6XCJ3%0D%0AZWJraXQgd2ViZ2xcIixcInNlZlwiOjM1Nzc1Njc1NTgsXCJzZWNcIjpcIlwifSJdLFstMSwiLSJd%0D%0ALFstMiwiNixlWUc5WDEvWDF0WmxTMjJkNTF4OFlOWTlNeEpRRU1DZFVCSEpMODZMMjNBQ0dVaEJJ%0D%0Ad0lTU0VFQWNJSmZSZUFnUUlFRm9JbmRDeHdRWGpobzI3MTk2bU1qT3Yvcjg3MHV4cUZ4Il0sWy0z%0D%0ALCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJicGFlb2pvZm9ob2VmZ2ll%0D%0AaGphaVwiLFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYs%0D%0AIntcIndcIjpbXCIwXCIsXCJjaHJvbWVcIixcIl9fcm9ja2V0TG9hZGVyRXZlbnRDdG9yXCIsXCJf%0D%0AX3JvY2tldExvYWRlckxvYWRQcm9ncmVzc1NpbXVsYXRvclwiLFwiX19jZlFSXCIsXCJkZW1hbmRT%0D%0AdXBwbHlTY1wiLFwiZGVtYW5kU3VwcGx5Q3JcIixcImRlbWFuZFN1cHBseVNyXCIsXCJob3VzZUFk%0D%0AQ2FtcGFpZ25zXCIsXCJkZW1hbmRTdXBwbHlUaVwiLFwiZGVtYW5kU3VwcGx5QXBcIixcImRlbWFu%0D%0AZFN1cHBseVRjXCIsXCJkZW1hbmRTdXBwbHlcIixcImRzcGJqc1wiLFwiX2FwcFwiLFwiZ29vZ2xl%0D%0AdGFnXCIsXCJnZ2VhY1wiLFwiZ29vZ2xlX2pzX3JlcG9ydGluZ19xdWV1ZVwiLFwiZ29vZ2xlX3Ny%0D%0AdFwiLFwiZ29vZ2xlX2xvZ2dpbmdfcXVldWVcIixcInRtb2RcIixcImdvb2dsZV9hZF9tb2RpZmlj%0D%0AYXRpb25zXCIsXCJnb29nbGVfbWVhc3VyZV9qc190aW1pbmdcIixcImdvb2dsZV9yZWFjdGl2ZV9h%0D%0AZHNfZ2xvYmFsX3N0YXRlXCIsXCJfZ2ZwX2FfXCIsXCJhZHNieWdvb2dsZVwiLFwiZ29vZ2xlX3Vz%0D%0AZXJfYWdlbnRfY2xpZW50X2hpbnRcIixcImdvb2dfcHZzaWRcIixcImdvb2dsZVRva2VuXCIsXCJn%0D%0Ab29nbGVJTVN0YXRlXCIsXCJwcm9jZXNzR29vZ2xlVG9rZW5cIixcImdvb2dsZV91bmlxdWVfaWRc%0D%0AIixcImdhR2xvYmFsXCIsXCJnb29nX3Nkcl9sXCIsXCJhbXBJbmFib3hJZnJhbWVzXCIsXCJhbXBJ%0D%0AbmFib3hQZW5kaW5nTWVzc2FnZXNcIixcInVkbV9hZHNfcXVldWVcIixcInVkbV9lZGdlX2luaXRc%0D%0AIixcIl9xb3B0aW9uc1wiLFwiX3FldmVudHNcIixcInVkbV9yM0NodW5rXCIsXCJ1ZG1fcjNcIixc%0D%0AIl9wYmpzR2xvYmFsc1wiLFwiX19jb3JlLWpzX3NoYXJlZF9fXCIsXCJlbmRlZEhhbmRsZXJcIixc%0D%0AInVkbV9wcm9jZXNzX2Fkc19xdWV1ZVwiLFwiZGVsZXRlX3VkbV9lZGdlXCIsXCJyZWxvYWRfdWRt%0D%0AX2VkZ2VcIixcInF1YW50c2VydmVcIixcIl9fcWNcIl0sXCJuXCI6W10sXCJkXCI6W119Il0sWy03%0D%0ALCItIl0sWy04LCItIl0sWy05LCIrIl0sWy0xMCwiLSJdLFstMTEsIntcInRcIjpcIlwiLFwibVwi%0D%0AOltcImRlc2NyaXB0aW9uXCJdfSJdLFstMTIsIm51bGwiXSxbLTEzLCItIl0sWy0xNCwie1wib1wi%0D%0AOjAuMDQ2MTUzODQ2MTUzODQ2MTU2fSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiNCJdLFst%0D%0AMTgsIlswLDAsMCwxXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIw%0D%0AMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiXSJdLFst%0D%0AMjAsIjUxOTM5NjUzMS4xNjQ1NzU3Mjk1Il0sWy0yMSwid2k5UDhHcXgiXSxbLTIyLCJbXCJuXCIs%0D%0AXCJuXCJdIl0sWy0yMywiKyJdLFstMjQsIltdIl0sWy0yNSwiLSJdLFstMjYsIntcInRqaHNcIjo2%0D%0ANDAwMDAwMCxcInVqaHNcIjozNzMwMDAwMCxcImpoc2xcIjozNzYwMDAwMDAwfSJdLFstMjcsIlsw%0D%0ALDkuOCwwLFwiNGdcIixudWxsXSJdLFstMjgsImVuLVVTIl0sWy0yOSwie1widlwiOlsyLDIsMiwy%0D%0ALDAsMCwwLDIsMCwyLDAsMiwwLDAsMiwyLDIsMiwwXX0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMx%0D%0ALCJmYWxzZSJdLFstMzIsIjIiXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjQ1NzU3Mjk3%0D%0ANzg2LDBdIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxb%0D%0ALTM4LCJjLC0xLC0xLDYwLDAsMCwwLDAsNDQsODA0LDIwLDEsMTA1NiwxMDU2LDM3NjMsMzc2MyJd%0D%0ALFstMzksIltcIjIwMDMwMTA3XCIsMCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwi%0D%0ALG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCwwXSJdLFstNDAsIjMzIl0sWy00MSwiLSJdLFst%0D%0ANDIsIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMCJdLFstNDQs%0D%0AIjAsMCwwLDUiXSxbLTQ1LCItIl0sWy00NiwiMCJdLFstNDcsIkV0Yy9Vbmtub3duLGVuLVVTLGxh%0D%0AdG4sZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxbImJuY2giLDQ0XV0%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A451%2C%22y%22%3A1422%2C%22w%22%3A537%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=aJMnuUIb4b&sdd=%7B%7D&pto=3768
Requested by
Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
c04eb5749b569c0054bac1771581bd24e4f44d7908aed5208f284f83b8e973e1

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:18 GMT
content-encoding
gzip
cache-control
no-cache, no-store, must-revalidate
content-type
text/javascript
content-length
1425
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-10995097-8&cid=519396531.1645757295&jid=541771272&gjid=1157871088&_gid=395833814.1645757298&_u=YAhAAUAAAAAAAC~&z=1395229036
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 25 Feb 2022 02:48:17 GMT
content-type
text/plain
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js
pagead2.googlesyndication.com/bg/ Frame B5FA 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
484c9dc906528d1a062bb6bafbadaf374c145503a4c3de6826c967c642ddcff6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 04:14:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
81210
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13759
x-xss-protection
0
last-modified
Wed, 23 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 24 Feb 2023 04:14:47 GMT
cmp2ui-en.js
quantcast.mgr.consensu.org/tcfv2/39/ 		227 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/39/cmp2ui-en.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.hawtcelebs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:fa00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6bdf620e64f6f9481b0b273e6365a133ce173c2feb8839cfb99542f0f7f518e

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 15:59:49 GMT
content-encoding
br
age
38909
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Thu, 03 Feb 2022 15:12:35 GMT
server
AmazonS3
etag
W/"58b24098a17406b31f4f22592394578b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
k7qoY6y4EJ4Lp6hz79BW6_8wI7in6XvUwZ-RRol3fvBZRgz1ohoueg==
vendor-list-trimmed-v1.json
quantcast.mgr.consensu.org/GVL-v2/ 		283 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.hawtcelebs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:fa00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c2991dd569d370103846b2fcac07f52a3914e59fdd33e39bb3c8b2a57b6f6e2

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 03:00:43 GMT
content-encoding
br
age
85655
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Thu, 24 Feb 2022 03:00:32 GMT
server
AmazonS3
etag
W/"b1407904a04b85a098386847616eb336"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
cache-control
max-age=172800
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
p5tsfmpxth-wLoqGqWCfx5ur1j78gh8oYtI9_XBSg9YttLX0nYzTYw==
google-atp-list.json
quantcast.mgr.consensu.org/tcfv2/ 		153 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.hawtcelebs.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:fa00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
95045347f438c2512764824b7bd997e68b8c18b06ef5c234962eba3b3024f6e8

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.hawtcelebs.com/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 24 Feb 2022 03:00:29 GMT
content-encoding
br
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age
85669
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 24 Feb 2022 03:00:27 GMT
server
AmazonS3
etag
W/"e095029eba3dbb82040530a0e49b05ed"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
via
1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
OLnEychAzHTarqOSYyj8E_cf0tX2Qi0t28h3NJzL3UWabVODT-K2ew==
dt
dt.adsafeprotected.com/ Frame 9B9C 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=931897&asId=2ab3c509-3cc4-9695-ae7e-362c1d75c34f&tv=%7Bc:5chhbB,pingTime:-10,time:1410,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OC4wLjQ3NTguODAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1645757297219%7C%7C66f4dbb47cad22f1e2d55eed973ce31f%7C%7C920bd99aa4265c459f442b819dba176b%7C%7C0aaf411b5a13c99a79aca5981afe2dbf%7C%7Cc8a678105064bbf9cf4efaf12db55b33%7C%7C2a5357f07f878a9e15f6b91d28318aa7%7C%7Cb8effa6b41cb0e63b3b5df83b5435a60%7C%7Ccd1c324baee8549d3a0cf265c5443329%7C%7C1629390669,sca:%7Bspg:2ba9820c-ddce-1dcd-3320-8da4932c8952%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.29.211 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-29-211.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:17 GMT
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ Frame AC8F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022021701&jk=3444597273946705&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220225
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-6.10.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97299033768eedf6439d2cc8c33935b8e17770a77ead11300385c295757c9878
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hawtcelebs.com/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 25 Feb 2022 02:48:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
42432
x-jsd-version
1.0.1263
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19171-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"69a-UlpkowxZ+2bc19upm2tUQnLamdc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6e2d9d281f6c8fe0-FRA
1572962830.jpg
assets.vlitag.com/widget/2019/11/05/ 		192 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2019/11/05/1572962830.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:17 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
75536
cf-polished
degrade=85, origSize=227959, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
196267
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Tue, 05 Nov 2019 14:07:11 GMT
server
cloudflare
etag
"5dc1820f-37a77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Tue, 18 Jan 2022 18:59:03 GMT
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6e2d9d283c5e9a11-FRA
cf-bgj
imgq:85,h2pri
1596163502.jpg
assets.vlitag.com/widget/2020/07/30/ 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2020/07/30/1596163502.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:17 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1311078
cf-polished
qual=85, origFmt=jpeg, origSize=140376
content-disposition
inline; filename="1596163502.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
106784
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Fri, 31 Jul 2020 02:45:02 GMT
server
cloudflare
etag
"5f2385ae-22458"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Wed, 09 Feb 2022 22:33:27 GMT
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6e2d9d283c5d9a11-FRA
cf-bgj
imgq:85,h2pri
1635928361.png
assets.vlitag.com/widget/2021/11/03/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2021/11/03/1635928361.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d59625b6564d07e0b7bb8808f2273a0f930a1cbbe622ad9b4eb911abdb56ef5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:17 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1920234
cf-polished
origFmt=png, origSize=154658
content-disposition
inline; filename="1635928361.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
97154
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Wed, 03 Nov 2021 08:32:41 GMT
server
cloudflare
etag
"61824929-25c22"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Wed, 02 Feb 2022 19:56:52 GMT
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6e2d9d283c5c9a11-FRA
cf-bgj
imgq:85,h2pri
1635928418.png
assets.vlitag.com/widget/2021/11/03/ 		130 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2021/11/03/1635928418.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a2a95a3a1132f723ce3e0491f8ffff068d48e038449074b52494e552e894996
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:17 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1832772
cf-polished
origFmt=png, origSize=219844
content-disposition
inline; filename="1635928418.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
132702
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Wed, 03 Nov 2021 08:33:38 GMT
server
cloudflare
etag
"61824962-35ac4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Thu, 03 Feb 2022 21:48:08 GMT
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6e2d9d283c5b9a11-FRA
cf-bgj
imgq:85,h2pri
1592801729.jpg
assets.vlitag.com/widget/2020/06/22/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2020/06/22/1592801729.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:17 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1311725
cf-polished
qual=85, origFmt=jpeg, origSize=103053
content-disposition
inline; filename="1592801729.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75514
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Mon, 22 Jun 2020 04:55:29 GMT
server
cloudflare
etag
"5ef039c1-1928d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Tue, 18 Jan 2022 19:23:14 GMT
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6e2d9d283c609a11-FRA
cf-bgj
imgq:85,h2pri
1572962870.jpg
assets.vlitag.com/widget/2019/11/05/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2019/11/05/1572962870.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6816:3bc7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:17 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
628827
cf-polished
qual=85, origFmt=jpeg, origSize=151033
content-disposition
inline; filename="1572962870.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
109336
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Tue, 05 Nov 2019 14:07:50 GMT
server
cloudflare
etag
"5dc18236-24df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Wed, 09 Feb 2022 19:00:14 GMT
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
6e2d9d283c5f9a11-FRA
cf-bgj
imgq:85,h2pri
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-10995097-8&cid=519396531.1645757295&jid=541771272&_u=YAhAAUAAAAAAAC~&z=1674625515
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-10995097-8&cid=519396531.1645757295&jid=541771272&_u=YAhAAUAAAAAAAC~&z=1674625515
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame C4F6 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=931897&asId=2ba9820c-ddce-1dcd-3320-8da4932c8952&tv=%7Bc:5chhdg,pingTime:1,time:1518,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:339%7D,%7Bpiv:0,vs:o,r:l,t:418%7D,%7Bpiv:100,vs:i,r:,t:471%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1047,o:471,n:418,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:338,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B91~1,1~0%5D,as:%5B92~160.600%5D%7D%7D,%7Bsl:o,t:418,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B52~0%5D,as:%5B52~160.600%5D%7D%7D,%7Bsl:i,t:471,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1047~100%5D,as:%5B1047~160.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:336,fm:sYpTTAU+11%7C12%7C131%7C1321%7C133%7C141%7C1421%7C143%7C1511%7C15121%7C1513%7C16*.931897-61009656%7C161%7C1621%7C171%7C172%7C181.931897-61009684%7C1811%7C18121%7C1813%7C19,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.29.211 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-29-211.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:18 GMT
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame C4F6 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=931897&asId=2ba9820c-ddce-1dcd-3320-8da4932c8952&tv=%7Bc:5chhdg,pingTime:1,time:1518,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:339%7D,%7Bpiv:0,vs:o,r:l,t:418%7D,%7Bpiv:100,vs:i,r:,t:471%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1047,o:471,n:418,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:338,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B91~1,1~0%5D,as:%5B92~160.600%5D%7D%7D,%7Bsl:o,t:418,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B52~0%5D,as:%5B52~160.600%5D%7D%7D,%7Bsl:i,t:471,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1047~100%5D,as:%5B1047~160.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:336,fm:sYpTTAU+11%7C12%7C131%7C1321%7C133%7C141%7C1421%7C143%7C1511%7C15121%7C1513%7C16*.931897-61009656%7C161%7C1621%7C171%7C172%7C181.931897-61009684%7C1811%7C18121%7C1813%7C19,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.29.211 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-29-211.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:18 GMT
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
/
audit-tcfv2.quantcast.mgr.consensu.org/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22274pYeudnKvDs%22%2C%22domain%22%3A%22www.hawtcelebs.com%22%2C%22publisher%22%3A%22HawtCelebs%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.39%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%224rHc6iLEBI7fi7DodmBOXQ%22%2C%22clientTimestamp%22%3A1645757297951%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-bjqy1lx1cj4mujdkr6a%22%7D
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/39/cmp2ui-en.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.18.111 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-18-111.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.hawtcelebs.com/
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 25 Feb 2022 02:48:18 GMT
content-length
2
content-type
text/plain; charset=utf-8
/
t.dtscout.com/pv/ 		50 B
318 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/pv/?_a=v&_h=hawtcelebs.com&_ss=7grzh42ekp&_pv=1&_ls=0&_u1=1&_u3=1&_cc=nl&_pl=d&_cbid=6q6l&_cb=_dtspv.c
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.139.238 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip238.ip-158-69-139.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
419e81fa6734737a10a435c8e18e18dcfdd01de005ba6a31567b46300a09d03b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:48:18 GMT
X-T
0.187
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
X-C
0
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
Expires
Fri, 25 Feb 2022 02:48:17 GMT
tc.js
cdn.tynt.com/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/tc.js
Requested by
Host: waust.at
URL: https://waust.at/c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.28.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 27 Aug 2021 20:58:51 GMT
server
cloudflare
age
67974
etag
W/"6129520b-431d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6e2d9d292fce5b8c-FRA
expires
Mon, 28 Feb 2022 02:48:18 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/gif
generate_204
tpc.googlesyndication.com/ Frame B5FA 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?8H6LVg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
imp.gif
obs.cheqzone.com/tracker/ 		43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e00136eebc030ed4583959225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163343714593d75332fd78abe6d4e3471ebd4a8bbd30e026dc61c45085052aae2d05f91e46042cc85b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c0240616e96568ad980a6ceec89825d957bd1fad811bc551c8c96dd82a77c3d835d277c2d0eff086bcb51d7ca726b2bca92f5462eed66a92e241e7141502de5b0cd3d4c38681eb923bce6a88de93a349cd5c5513a23771c3c4904a74d4b328ff57e192179222fc7b104a57986cb95fdbc1a97feb86688752a798ccd527d6195178e8121e506b5f7fc0a264b45498cd8a2be8de2bbd962b9adabab03d9fb7e44e6b72c8b10f0a9ba7071a5acdbdac65a43386e95ee9fc2db774bc329450c809d1a83ddb0721e4aa8e7b3c39601f370d5c15c7fd9e3fc008a53b325135eae65dd599041ebbe9cdb0b870d0aeb1bec0aded82140a62bf1ed8e14b64c701204ecb711e317efc7be2&cb=1645757298147&cri=aJMnuUIb4b
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:18 GMT
cache-control
no-cache, no-store, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
content-length
43
content-type
image/gif
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1645757298147&sessionId=46652c62-0651-0451-48f5-d6db8c8c7404&url=www.hawtcelebs.com&cheqSource=1&cheqEvent=0&exitReason=4
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:18 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
007ccb1e609c3760b6cdfd58251d56ec
Content-Length
4
Expires
0
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=w!a9etg89wet&lm=0&ts=1645757298155&dn=TC&iso=0&t=HawtCelebs%20%E2%80%93%20Latest%20Celebrities%20Pictures
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:18 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
get
odb.outbrain.com/utils/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=%20&idx=0&rand=57755&key=NANOWDGT01&widgetJSId=TF_6&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&clss=YHLCh4n3MsuweIFcBWBOjNDXHH7t7YxY7Mkz%2B3VqokNtr16HXj9qN%2FzKzswt%2FXbFw%2BXbVbt%2Fe8KwNxht&px=451&py=1437&vpd=237&cw=537&activeTab=true&darkMode=false&settings=true&recs=true&version=2000615&sig=wi9P8Gqx&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=1&ccpa=1---&ccpaStat=1&ogn=https%3A%2F%2Fwww.hawtcelebs.com%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dad2f6159abb9de9e578e7f7d642e74f2204e21970621104b7d36e88bbb9a253

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:18 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
CHIDC2, MDW, FRA, Europe2
x-timer
S1645757298.295691,VS0,VE119
accept-ranges
bytes
x-served-by
cache-mdw17325-MDW, cache-fra19153-FRA
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
f6d6c31739645b822dca370e35a0be44
content-encoding
gzip
content-length
2451
expires
Thu, 01 Jan 1970 00:00:00 GMT
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=bc738646c6186d0be86688092521318d&pvId=bc738646c6186d0be86688092521318d&sid=6155583&pid=34839&idx=0&wId=1155&pad=0&org=0&tm=850&eT=0&cnsnt=no_consent&widgetWidth=537&widgetHeight=0&widgetX=452&widgetY=1437&wRV=2000615&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&cheq=1&rtt=187&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:18 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
3fdffd1e2ab199f53513beb5dcc16132
Content-Length
4
Expires
0
streamFeed.js
widgets.outbrain.com/nanoWidget/2000615/module/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000615/module/streamFeed.js?e=2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
f867f9dec1dd7c5e338e024001d9de4e7f25cbdb033358e0f11994d11ca472ad

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:18 GMT
content-encoding
gzip
last-modified
Thu, 24 Feb 2022 19:21:51 GMT
server
AkamaiNetStorage
etag
"1a16baa6168301bc9278ee5c319cfa65:1645733311.366597"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
13567
expires
Fri, 25 Feb 2022 06:48:18 GMT
get
odb.outbrain.com/utils/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=undefined&idx=1&rand=42589&key=NANOWDGT01&widgetJSId=SB_1&va=true&et=true&format=html&pdobuid=-1&t=YmM3Mzg2NDZjNjE4NmQwYmU4NjY4ODA5MjUyMTMxOGQ=&adblck=false&abwl=false&clss=YHLCh4n3MsuweIFcBWBOjNDXHH7t7YxY7Mkz%2B3VqokNtr16HXj9qN%2FzKzswt%2FXbFw%2BXbVbt%2Fe8KwNxht&px=271&py=1035&vpd=0&cw=160&activeTab=true&darkMode=false&settings=true&recs=true&version=2000615&sig=wi9P8Gqx&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=1&ccpa=1---&ccpaStat=1&ogn=https%3A%2F%2Fwww.hawtcelebs.com%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b1722ccf7c846edbf97d882446d452454df0335647272838502e2d1bde3f32f3

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:18 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
CHIDC2, MDW, FRA, Europe2
x-timer
S1645757298.444481,VS0,VE121
accept-ranges
bytes
x-served-by
cache-mdw17329-MDW, cache-fra19153-FRA
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
1538cee3c5559a62415b9c717a3667d3
content-encoding
gzip
content-length
2853
expires
Thu, 01 Jan 1970 00:00:00 GMT
v2
de.tynt.com/deb/ 		4 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=w!a9etg89wet&dn=TC&cc=1&r=&us_privacy=1---
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:18 GMT
cache-control
max-age=86400
content-type
application/javascript
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
4
expires
Sat, 26 Feb 2022 02:48:18 GMT
get
mv.outbrain.com/Multivac/api/ 		12 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=%20&settings=true&recs=true&widgetJSId=TF_6&key=NANOWDGT01&version=2000615&apv=false&sig=wi9P8Gqx&format=html&rand=73122&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=1&ccpa=1---&ccpaStat=1&scrW=1600&scrH=1200&t=YmM3Mzg2NDZjNjE4NmQwYmU4NjY4ODA5MjUyMTMxOGQ=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=1&lastCardIdx=0&fAB=no_abtest&clss=YHLCh4n3MsuweIFcBWBOjNDXHH7t7YxY7Mkz%2B3VqokNtr16HXj9qN%2FzKzswt%2FXbFw%2BXbVbt%2Fe8KwNxht&dpr=1&cw=537&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.hawtcelebs.com%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000615/module/streamFeed.js?e=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2acece9b39453a0356e9b6f3abf4a01d9a6f72d5e8c6aa69ac8c23112c69715a

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:18 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
CHIDC2, MDW, HHN, Europe2
x-timer
S1645757299.523358,VS0,VE176
accept-ranges
bytes
x-served-by
cache-mdw17338-MDW, cache-hhn4034-HHN
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
b221037cf180ea91c470816ab2069a04
content-encoding
gzip
content-length
2055
expires
Thu, 01 Jan 1970 00:00:00 GMT
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=w!a9etg89wet&lm=0&ts=1645757298155&dn=TC&iso=0&t=HawtCelebs%20%E2%80%93%20Latest%20Celebrities%20Pictures
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:18 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:18 GMT
last-modified
Mon, 20 Dec 2021 10:37:08 GMT
server
AkamaiNetStorage
etag
"af7be0711fb1cf2f41bb793256c8f148:1639997225.362315"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
13687
expires
Sun, 27 Mar 2022 02:48:18 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:18 GMT
last-modified
Mon, 20 Dec 2021 10:37:08 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1639997209.278109"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Sun, 27 Mar 2022 02:48:18 GMT
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=87933ae561909ec6deba805d9b4c2878&pvId=bc738646c6186d0be86688092521318d&sid=6155583&pid=34839&idx=1&wId=102&pad=0&org=0&tm=999&eT=0&cnsnt=no_consent&widgetWidth=160&widgetHeight=25&widgetX=272&widgetY=1035&wRV=2000615&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&rtt=113&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:18 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
804286656410683d97f689816a6698e6
Content-Length
4
Expires
0
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=w!a9etg89wet&lm=0&ts=1645757298155&dn=TC&iso=0&t=HawtCelebs%20%E2%80%93%20Latest%20Celebrities%20Pictures
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:18 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=87933ae561909ec6deba805d9b4c2878&pvId=bc738646c6186d0be86688092521318d&sid=6155583&pid=34839&idx=1&wId=102&pad=0&org=0&tm=1009&eT=3&cnsnt=no_consent&wRV=2000615&pVis=0&lsd=-1&eIdx=0&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:18 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
b3742c6ec97711b938aa0a04e36a2d1e
Content-Length
4
Expires
0
img.fetch
udmserve.net/udm/ 		1 B
470 B 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=14863;tid=1;dt=6;gdprApplies=true;consentGiven=false;consentData=
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_Tue_2_22_13_17_31_2022.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Fri, 25 Feb 2022 02:48:18 GMT
Connection
Keep-Alive
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Length
1
Content-Type
application/x-javascript
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022021701&jk=3444597273946705&bg=!DA-lD0vNAAas2QJZrNk7ACkAdvg8WmzAIHWVHH75wWA_dAOs1au22wBMEnVrPxpnGODdRoSL1T7c6wIAAAD2UgAAAAJoAQcKAMfSsO8XF1DjA6zjYqCILDIy71Z690eUb3vlY5K7BP7dtQEE6XMbWM0WPXijn15yf8ooCD0eeuoGns8VMVW3hSEtgftJRb8PC2cWM_yi71h0-hXTQTFn8oGr2FmdyNntt94dyCCN_MLYIabp3r2QcQw1v41rBHNZOsQ_cuxdpVjs2j-nKXEEYuTPzcB4ySfim-zm32ISPLSFGvpwsAJ6OscA83bdZrZ3UJhapB2W3G69WaphBAO91dsj7CB86V6UtWQ-b9seEP6vmQLFqpvn6_v1EaWqCTHPNBuIGJohuJusjZfcOwfXOmNyy9n_9rhZhRUo83MJiWdUj4moB3qN7bYOKoJYW3xMrL6vrkqT_EnrByqiJaFhFZNEkU1TeWZ0xpXgTHJEP02QD3_yo_ecy-aj_iYmZs-zbPom2cKqbyeCzk33mm-lN9l-ZtsTh4vaf5HKCHD2psTwEv68Pbg8jTMBMQaXeYSG7GgW7ked7G8Fd0L1DWbj28Zl7RyMZB1Um2dJ-lPieFH-hWcoxSAi-Lh10QgVnj0vyQ0FcMI6Dts7BbOTCtew3Ijuvhr4YniQ2JWq3nCRIetwBcj55llvqX8BqrnKmDa6GNfA5yvHUjF1oBSLL4yPHrDAK0b7ksW1Gqt8MTwG-6TuyBG2nZ-vkTlftk08LIJrBDIFB1oC4pKNA1oCE4aD9e9r8OcZ2bBhMteLzvjKpzSusSTr6CwrKY2jOFHoVjxBXyWe8g-xBBG-4CxMLVLNNYJsjfETRYGNCzET-VUOvCSBHUxyH2HjalcX2KXUocSweH1h8zV8HO5-vNToxo7RSgAhoC6mXE10xSzXkMFHJG7XuJ5BDUwyio2j9pqk_qDBp4UQd4TUZzisylbB65WwrJSxVbOgehKGvglQt-9-N0mEkSFMf53N4pSVaIA1fDd0nCGzN3KMQMsmj9Z-wWRiiPsU4KtAejsCm8F4fREtIfKHgAYhpg3egVuVIQ1911GQSwcak9uGnFgtNzyxIIkbDrCIwny_t9nV8u7MXPHAZ4-l-ElTorjJrZmIv4wl-iLNrFei9T0SVSnrApcPvvkhUFdeT05u1ckECSHyH88OZ2cIPdhUzSNZ6bIgE2TTJAsub8CR_mVGa8NlLSF00YRYrn5DQp1nFwpqoQv4SLgNYUyO7MMinmU-4E6XiWoLRHF0u_KZI3mLCWWurM9XsgpUSt8eN0-o7M1FHg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=w!a9etg89wet&lm=0&ts=1645757298155&dn=TC&iso=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:18 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
singleAnimationOnFeed.js
widgets.outbrain.com/nanoWidget/2000615/module/ 		503 B
666 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000615/module/singleAnimationOnFeed.js?e=2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
651fa87b8ab0da2e4d72b3a97116502b1d0256585e8c98d2d49e7022215a6ac2

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:18 GMT
content-encoding
gzip
last-modified
Thu, 24 Feb 2022 19:21:51 GMT
server
AkamaiNetStorage
etag
"11a483e50171879a5e804858b52b913e:1645733309.769993"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
337
expires
Fri, 25 Feb 2022 06:48:18 GMT
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=408e87fc277f080a49e7739c2dc83846&pvId=bc738646c6186d0be86688092521318d&sid=6155583&pid=34839&idx=3&wId=1096&pad=0&org=0&tm=1134&eT=0&cnsnt=no_consent&widgetWidth=537&widgetHeight=0&widgetX=452&widgetY=1437&wRV=2000615&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&rtt=247&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:18 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
b08b014940d6e0422319cea4e0f27c74
Content-Length
4
Expires
0
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=dd87b63964addd43cb93d6aa47414fc4&pvId=bc738646c6186d0be86688092521318d&sid=6155583&pid=34839&idx=4&wId=1096&pad=0&org=0&tm=1135&eT=0&cnsnt=no_consent&widgetWidth=537&widgetHeight=0&widgetX=452&widgetY=1437&wRV=2000615&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&rtt=247&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:18 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
d13106b4927b0bde3c12d22e4f6fe00e
Content-Length
4
Expires
0
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=f4db9fd139e4eabc20c9168085c7f4be&pvId=bc738646c6186d0be86688092521318d&sid=6155583&pid=34839&idx=5&wId=1096&pad=0&org=0&tm=1136&eT=0&cnsnt=no_consent&widgetWidth=537&widgetHeight=0&widgetX=452&widgetY=1437&wRV=2000615&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&rtt=247&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:18 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
62f5a6bfadb9df73a5174998d3bb092c
Content-Length
4
Expires
0
get
mv.outbrain.com/Multivac/api/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mv.outbrain.com/Multivac/api/get?url=undefined&settings=true&recs=true&widgetJSId=SB_1&key=NANOWDGT01&version=2000615&apv=false&sig=wi9P8Gqx&format=html&rand=3574&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=1&ccpa=1---&ccpaStat=1&scrW=1600&scrH=1200&t=YmM3Mzg2NDZjNjE4NmQwYmU4NjY4ODA5MjUyMTMxOGQ=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=1&lastIdx=5&lastCardIdx=0&fAB=no_abtest&clss=YHLCh4n3MsuweIFcBWBOjNDXHH7t7YxY7Mkz%2B3VqokNtr16HXj9qN%2FzKzswt%2FXbFw%2BXbVbt%2Fe8KwNxht&dpr=1&cw=160&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.hawtcelebs.com%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000615/module/streamFeed.js?e=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
17aa38822a6fc2ac643413bb81c2d337585af96cecdf954250d9583b6a99be09

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:18 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
CHIDC2, MDW, HHN, Europe2
x-timer
S1645757299.726495,VS0,VE150
accept-ranges
bytes
x-served-by
cache-mdw17364-MDW, cache-hhn4034-HHN
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
x-cache-hits
0, 0
x-traceid
086e5eb09faa0d2f2618cf225109b477
content-encoding
gzip
content-length
1633
expires
Thu, 01 Jan 1970 00:00:00 GMT
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=w!a9etg89wet&lm=0&ts=1645757298155&dn=TC&iso=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:18 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=8023ce5853759dbdd095594d6cdf3e08&pvId=bc738646c6186d0be86688092521318d&sid=6155583&pid=34839&idx=7&wId=1987&pad=0&org=0&tm=1310&eT=0&cnsnt=no_consent&widgetWidth=160&widgetHeight=0&widgetX=272&widgetY=1060&wRV=2000615&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&rtt=172&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:18 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
babf47e2dd4fd29e77625f4ef33df546
Content-Length
4
Expires
0
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=w!a9etg89wet&lm=0&ts=1645757298155&dn=TC&iso=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:18 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
widgetGlobalEvent
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=8023ce5853759dbdd095594d6cdf3e08&pvId=bc738646c6186d0be86688092521318d&sid=6155583&pid=34839&idx=7&wId=1987&pad=0&org=0&tm=1326&eT=3&cnsnt=no_consent&wRV=2000615&pVis=0&lsd=-1&eIdx=1&oo=true&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Feb 2022 02:48:18 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
532ad4b443dbc2718601989f604eb376
Content-Length
4
Expires
0
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=w!a9etg89wet&lm=0&ts=1645757298155&dn=TC&iso=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 02:48:19 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
daxot-condbold-webfont.woff2
s0.2mdn.net/sadbundle/6322940812012159067/ Frame 3CB3 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/6322940812012159067/daxot-condbold-webfont.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ce25b6c8b21a75763485d1f9fc2a87f669919790e3dd954803f4fa2116d11b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/6322940812012159067/index.html
Origin
https://s0.2mdn.net
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 25 Feb 2022 00:27:05 GMT
x-content-type-options
nosniff
age
8474
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21608
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 10:41:36 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 25 Feb 2023 00:27:05 GMT
daxot-condregular-webfont.woff2
s0.2mdn.net/sadbundle/1338021503599923470/ Frame 27EB 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/1338021503599923470/daxot-condregular-webfont.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c4ae2b5b4287cd7d94436feb3935a5eca3c0acf6064e39371a7edeffd4f760f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/1338021503599923470/index.html
Origin
https://s0.2mdn.net
Accept-Language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 20 Feb 2022 08:17:01 GMT
x-content-type-options
nosniff
age
412279
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21692
x-xss-protection
0
last-modified
Thu, 17 Feb 2022 16:24:41 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 20 Feb 2023 08:17:01 GMT
dt
dt.adsafeprotected.com/ Frame C4F6 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=931897&asId=2ba9820c-ddce-1dcd-3320-8da4932c8952&tv=%7Bc:5chif3,pingTime:5,time:5473,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:160,h:600,t:339%7D,%7Bpiv:0,vs:o,r:l,t:418%7D,%7Bpiv:100,vs:i,r:,t:471%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:5002,o:471,n:418,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:338,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B91~1,1~0%5D,as:%5B92~160.600%5D%7D%7D,%7Bsl:o,t:418,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B52~0%5D,as:%5B52~160.600%5D%7D%7D,%7Bsl:i,t:471,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~160.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:175,fm:sYpTTAU+11%7C12%7C131%7C1321%7C133%7C141%7C1421%7C143%7C1511%7C15121%7C1513%7C16*.931897-61009656%7C161%7C1621%7C171%7C172%7C181.931897-61009684%7C1811%7C18121%7C1813%7C19,idMap:16*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.29.211 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-29-211.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
nl-NL,nl;q=0.9
Referer
https://c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Feb 2022 02:48:21 GMT
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.inmobi.com
URL
https://sync.inmobi.com/gob?google_gid=CAESEHc13I-yxdZpb4ucaWqajRM&google_cver=1&google_push=AYg5qPKLesHzUuw4lRa7_lK3DOZTEamaS4lvLC5k_6wy03Yswu2RL93sURkeBfuetKswQKRg8XqpswxFdiOFOI7kyrVG9D9hjtkv

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 function| structuredClone object| __cfQR string| demandSupplySc string| demandSupplyCr number| demandSupplySr object| houseAdCampaigns string| demandSupplyTi number| demandSupplyAp object| demandSupplyTc object| demandSupply object| dspbjs object| _app object| googletag object| ggeac object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| udm_ads_queue boolean| udm_edge_init object| _qoptions object| _qevents function| udm_r3Chunk object| udm_r3 object| _pbjsGlobals function| endedHandler function| udm_process_ads_queue function| delete_udm_edge function| reload_udm_edge function| quantserve function| __qc object| ezt function| qtrack object| udmCompiledBlockedCreativeIds object| udmDefinedBlockedCreativeIds undefined| $ function| jQuery function| gtag object| dataLayer object| menuItems object| trigger number| width object| bounding number| step function| slideMenu function| __tcfapi function| __uspapi object| google_tag_manager object| _VLIOBJ object| vitag number| udm_inpage_sid object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| scripts object| currentScript object| inpageDiv object| inpageScript object| udm_inpage_divs boolean| udm_inpage_initialized object| _Hasync object| _wau boolean| __cfRLUnblockHandlers object| udmRenderRates object| google_tag_data string| GoogleAnalyticsObject function| ga object| WAU_ren function| WAU_classic function| WAU_classic_request function| WAU_r_c function| WAU_insert function| WAU_legacy_b function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady object| GoogleGcLKhOms function| chfh function| chfh2 string| _HST_cntval object| Histats string| tagApi object| viAPItag object| observeElementInViewport object| regeneratorRuntime function| __tcfapiui object| gaplugins object| gaData object| $sf object| __ctcg_65349_0_exec function| vlipbChunk object| vlipb object| mnet string| nobidVersion object| nobid object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google function| Splide object| viSplide object| _dtspv object| x string| x1 string| x2 object| Tynt object| _HistatsCounterGraphics_0_setValues object| _33Across object| google_image_requests

55 Cookies

Domain/Path Name / Value
live.demand.supply/ Name: demandSupplyTi
Value: d0168911-350f-48b7-9612-942e5463832a
.udmserve.net/ Name: dt
Value: F055B7F3-E925-32FE-8DAF-122D8DDDC81C
.adnxs.com/ Name: uuid2
Value: 3237488638937098937
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: SyncRTB3
Value: 1646956800%3A220
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 5ED6885D-B7E3-409A-A2FA-28D7C2D954CF
m.exactag.com/ Name: exactag_new_gk
Value: b3e83e68979f46fc8511e7025bf0c81a%7c26.04.2022+02%3a48%3a15
m.exactag.com/ Name: exactag_new_uk
Value: 2d4cf5054d9b44e2992ee55568500a55%7c
m.exactag.com/ Name: session_session
Value: 2f8588cc12f24cc38ff97e94
www.hawtcelebs.com/ Name: udmsrc
Value: %7B%7D
.hawtcelebs.com/ Name: __gads
Value: ID=978a7c8f3414ca3f:T=1645757295:S=ALNI_MaoKHdjljC3-xPpE4kpKutpNGQvjA
.casalemedia.com/ Name: CMID
Value: YhhDb11T4iqGo90.2PC2xQAA
.casalemedia.com/ Name: CMPS
Value: 3230
.doubleclick.net/ Name: IDE
Value: AHWqTUloFSe9lNC-Lq0D9MxcHnK8Vk4gr9PbP6YTkp7bfmi4g8oY-pHVCMcs27_XrZA
.udmserve.net/ Name: apnid
Value: 3237488638937098937
.casalemedia.com/ Name: CMPRO
Value: 1187
.casalemedia.com/ Name: CMST
Value: YhhDcGIYQ3AA
.pubmatic.com/ Name: PUBMDCID
Value: 3
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?)u[z8N!A#Eh.TOKKnyW<U1`VROYQM+P8gQa?AfqO4<qX<::YE[68f`M><DL@m`^KSO/X%W#.wL4W1Qw1PovePN
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.pubmatic.com/ Name: pi
Value: 156505:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.casalemedia.com/ Name: CMRUM3
Value: 2d621843702760CAESEOKUJAlrgDkK3Ez0uAmR7DM
.quantserve.com/ Name: mc
Value: 62184370-2e06e-34d66-72160
.hawtcelebs.com/ Name: __qca
Value: P0-1600553470-1645757296163
.imrworldwide.com/ Name: SSCVER
Value: v1
.imrworldwide.com/ Name: IMRID
Value: 61d0dc50-95e5-11ec-a0a6-4561300b787c
.turn.com/ Name: uid
Value: 3272479557326890712
.w55c.net/ Name: wfivefivec
Value: 7xBIwNgH1NnqEw5
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 463f8261dd74b72c
.yahoo.com/ Name: A3
Value: d=AQABBHBDGGICEP-0BTLxtKos6A04vnjLEUcFEgEBAQGUGWIiYgAAAAAA_eMAAA&S=AQAAAhPd77uI7_3K3CqWggX7K3I
.udmserve.net/ Name: pmid
Value: 5ED6885D-B7E3-409A-A2FA-28D7C2D954CF
.w55c.net/ Name: matchgoogle
Value: 5
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~23fe
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YhhDcAAItOrdpAAy
fksnk.com/ Name: AWSALBCORS
Value: j0E+YzdhmFZfP4gYlL6JNZZH+xToJ542/niidV3HsCk/J9cUE0eeEiaGbCamHUunKINeNVODGeQcVK34ispHgoVGkBCahS4G51gE8JUv5D7dUrMU7Nco6Jucv/ni
.fksnk.com/ Name: f_001
Value: C094C77DF1487B54
.fksnk.com/ Name: g_001
Value: 1
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-7e2b6265-3b34-4251-5b2d-bf4c8b8640e8.k7JWlAaL6nGoc1xxy8Ph2jQkDHBLFF2ScawYutnuzHc
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AfitiZTs0QlFbLb9Mi4ZA6F_Tx5E.GgvB67Dy9rJ4RMHVvSK5uAd42FKZ%2BveUtk0sR4PuRrg
.tribalfusion.com/ Name: ANON_ID
Value: alnseFtZdPufm7SpBnA8t2DZdFMuViZdZcJeJZaRTnBpb0s3JaZaNHeoGHWfp0oN6SWX738n4BIIXkIYVqfUlhaKbB
www.hawtcelebs.com/ Name: HstCfa1890596
Value: 1645757297665
www.hawtcelebs.com/ Name: HstCla1890596
Value: 1645757297665
www.hawtcelebs.com/ Name: HstCmu1890596
Value: 1645757297665
www.hawtcelebs.com/ Name: HstPn1890596
Value: 1
www.hawtcelebs.com/ Name: HstPt1890596
Value: 1
www.hawtcelebs.com/ Name: HstCnv1890596
Value: 1
www.hawtcelebs.com/ Name: HstCns1890596
Value: 1
.hawtcelebs.com/ Name: _ga
Value: GA1.2.519396531.1645757295
.hawtcelebs.com/ Name: _gid
Value: GA1.2.395833814.1645757298
.hawtcelebs.com/ Name: _gat_gtag_UA_10995097_8
Value: 1
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: oa
Value: 1
.dtscout.com/ Name: df
Value: 1645757297
.udmserve.net/ Name: udmts
Value: 1645757298.0

1 Console Messages

Source Level URL
Text
network error URL: https://udmserve.net/udm/img.fetch?sid=17047;tid=1;ev=1;dt=8;
Message:
Failed to load resource: the server responded with a status of 412 (Precondition Failed)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
api.demand.supply
assets.vlitag.com
audit-tcfv2.quantcast.mgr.consensu.org
bid.underdog.media
c79a1e0e19bd29b6e5d17d81a2604f51.safeframe.googlesyndication.com
cat.nl.eu.criteo.com
cdn.contentspread.net
cdn.jsdelivr.net
cdn.tynt.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
csm.eu.criteo.net
de.tynt.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal900027.redintelligence.net
ib.adnxs.com
ic.tynt.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
live.demand.supply
log.outbrainimg.com
m.exactag.com
mv.outbrain.com
ob.cheqzone.com
obs.cheqzone.com
odb.outbrain.com
pagead2.googlesyndication.com
pix.eu.criteo.net
pixel.quantserve.com
pm.w55c.net
pr-bh.ybp.yahoo.com
quantcast.mgr.consensu.org
r.turn.com
rtb.fr.eu.criteo.com
rtb.openx.net
rules.quantcount.com
s.tribalfusion.com
s0.2mdn.net
s10.histats.com
s4.histats.com
secure-gg.imrworldwide.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
services.vlitag.com
ssbsync.smartadserver.com
ssp.adriver.ru
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.go.sonobi.com
sync.inmobi.com
sync.srv.stackadapt.com
sync.teads.tv
sync.technoratimedia.com
t.dtscout.com
tag.vlitag.com
tcheck.outbrainimg.com
test.quantcast.mgr.consensu.org
tpc.googlesyndication.com
udmserve.net
ups.analytics.yahoo.com
us-u.openx.net
waust.at
whos.amung.us
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.google.nl
www.googletagmanager.com
www.googletagservices.com
www.hawtcelebs.com
sync.inmobi.com
104.111.242.245
104.18.28.199
142.250.184.194
142.250.186.162
142.250.186.98
143.204.98.117
150.136.26.45
151.101.114.132
151.101.14.132
151.101.2.49
158.69.139.238
176.9.26.250
178.162.133.149
178.250.2.135
178.250.2.148
178.250.2.150
18.156.0.31
185.33.221.14
185.33.221.90
185.64.190.79
185.64.190.80
185.86.137.107
192.99.8.34
198.47.127.20
2.18.232.28
2.18.234.190
2.18.234.21
2001:678:cb4:bbbb::11
213.202.235.10
2600:1f18:e8a:cd04:9b88:a313:d24d:af44
2600:9000:2156:2800:8:48e:53c0:93a1
2600:9000:2156:5400:6:44e3:f8c0:93a1
2600:9000:2156:9e00:3:a4cd:8380:93a1
2600:9000:2156:d800:5:c4ab:c3c0:93a1
2600:9000:2156:fa00:9:46dc:4700:93a1
2606:4700:10::6816:3bc7
2606:4700:10::ac43:15e3
2606:4700:20::681a:507
2606:4700::6810:125e
2606:4700::6810:5514
2606:4700::6810:8516
2606:4700::6810:8616
2606:4700::6812:c05
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2001
2a00:1450:4001:812::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::2008
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2006
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9d
2a02:2638:1::11
2a02:2638::2
2a02:2638::3
2a05:d018:d29:3605:68cd:a251:4c84:bc1
2a06:98c1:3121::7
3.230.16.129
3.69.18.111
35.227.252.103
35.244.159.8
44.238.29.211
46.105.201.240
52.200.181.105
52.210.115.176
52.57.143.183
54.76.210.111
64.202.112.255
67.202.105.33
67.202.94.86
68.71.249.118
78.46.111.106
81.222.128.216
88.99.69.161
0268bdf254f22580db4e1006474490a0ed11ed3ed2cdb1766208dd2442e07f97
0416c19f69c2c2c67be8f9a781054c58c7e87a6fd39d4e46b2a2cb48f8c36503
04cd207f62c5c656bbb1e96c63ecca447e891a9b3112190a5a5e7a553105f67f
051b581511dacf32a993f681ddd02c67f3161b8fe080b4eb9bccdf3b02d5994b
096f13be32221731ae6e8f3f6d4badb74b9c1eab3c9eeb7d60bc81d548f61e0b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c66763e1e6d6b624d1b23dbc574730d2b180fead419e3f50ac9b0b4716d4eef
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0cfc8c9f300b392973df6b339e8ff094d943c98ef82dedaf1364b702097eabfa
0e6b1ef8d7d064b6c94d14c18562f5a43286b40b0903549f608bd9ee61ec42e2
107c338e0891c48ba74d94dc3aec5897bec91892538eaa333a91d5aa9671512b
122fac0ffbb44fb8bba0388baa11afc67faec3b223a06871a40dbcab4c6cc787
1231401973912d7f10a4de728b49f0cbde4d80729a1f6db64cc6567eb16ed4a3
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
17aa38822a6fc2ac643413bb81c2d337585af96cecdf954250d9583b6a99be09
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
192d72042d251a1635bef0af51fe4d9a83be4344e68828894d3da538143af358
1cd12d608cf6655515704c8e3595c9e0bed98eb8a4850696f7522b84f1073ee2
1d706d25e236ad9a2a39f53eaf7308ca57eccd735cb47713211f497b699bb0f9
1d9d0ead1b679662c919689dbc802d67f0eca75116481219d9bf17badfdda27b
21588ff06c8d62213aeb662895a415609340053243492e0c8255388e969eca0e
22059bd6a4ef367203dac63da10273128555834feca1a1df0478ceba110ccbdb
22e8cf24afa5a067266524cf92e90a091c1c1b03f7d3f9de6e97bb06fe1a03ed
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62
24a5dd0b54c65548d322ceb3ba5e3e6715024a9bad53e499a0e4471c1674b516
24bb4f60127410dd11384ecc39e888dc21974e7aa2e4596eade1d5e97ea008ba
2609e34941cca67263b05584f2a7113469f415acc3419ef3b9aaa9716847a16b
2612f99fcc82f68d2c0db67b389ad59c7e25d28e5c7865118724bb0da519f1b3
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2acece9b39453a0356e9b6f3abf4a01d9a6f72d5e8c6aa69ac8c23112c69715a
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb
313ed1d0ef5ef70fdbbae75e67aeed30c5893ec98ecb91151b60c5ab7838e8a0
31bf822302ba5c241966cbdf23c8e904c3fc8c4cf20758032774b8ffe8e1d69a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32ed95b190974ab3c06dcbfe84decbe46ba5bf9ef759aaad201b053d06342d9e
33bfb1f6f1a9cb9c6d14e5786dae3ae31ffdd74e6ebd963348e342218561699d
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37bd89d0776acdb8565abd79559d140909e68570f7d74a6f0141d21aed4122f4
396466f4a6f3b156f779b3f29b4d91112933863cde9a5227b67685f3d27a157b
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8
3af1c358b938a4f5ce01ab2c79b48180d783e78b335431a9e0551ed6408ddcac
3c95abcc3b3b083dba8c06e98b890c137477b47fc38da3f2146f712877f4af29
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
3e31aa0ee8ca4361c0674619afabed0e76686039c28ee7ed4c9df9da684a3269
419e81fa6734737a10a435c8e18e18dcfdd01de005ba6a31567b46300a09d03b
421558717c78d73a75b61bfa6102202f99ca2a2d12952515e08e69efa36f1e77
43e333609c454bc9b4e46cd8883821b2b283c5a5a434792330515e1419a0244d
45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707
463d7ba54dcd6fb08d1cafa7e420401aeeeb269950986521c3605e0ec6dfc318
477343df44c11d9ad7663884d364459628cbd94770fe3763fe66067f4e98659e
47a00c205ac23427984e572961850c21efd9d16502680c3876904f4a9840e61d
484c9dc906528d1a062bb6bafbadaf374c145503a4c3de6826c967c642ddcff6
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4af3eb81151bd55414c67ecc463dc62bf30ca07d457c4b278c5769f111cd8212
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b9019b46768d884816f34f0572435e6b9060ff9d0ef785996285a9b7d97a715
4ce25b6c8b21a75763485d1f9fc2a87f669919790e3dd954803f4fa2116d11b8
4d13386635299e038737676bd7313d59a59742582e890ee3806e03f7df1be28d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f7b301bc78717404c91000f14bf0173518d3727878f41a7028ba79ec93bbb2a
5034b1e8b66908c5b5ab086669ec8a8fb784cd338345d3b199757153b1adbaac
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
510fb058fcdad3f92be54dba28f7aab43763c46965dc12688d3687884bf01ad1
51646d08a73320c1db3a30ac5e553a11d60e3de11d81c0fe2a001b6c983acda8
54bd9e1ff75e928d885b41f680efd1ebf427f1ab716ef054b3dab9741b8e8d99
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57b7f2b2bcdd983268775ebc6ee71d208510b285d79dd058f2717248079c59d1
5b571d25d3df8cf39b61b15c3a1d5f897fad2bbe0d2ada8e44bd7807f62cca6a
5ba684c3a6ccbf316d0ad92784045b47080968a760cd002a2e74617d4d248abe
5d59625b6564d07e0b7bb8808f2273a0f930a1cbbe622ad9b4eb911abdb56ef5
5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3
5e2e286ea34fc95498453634590b36fe9f7771ee59930d4c6da4b9ecc8fb27e3
5e56dfed176d4ebd61853de843789e0b9de308d33510a1d192ad1266ca2fb0ce
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63850e8afff0b10c7e217b8b6ae8f9b6c1c0ca16bbb0e3a900c6ae521bfb778d
64fdded9ab4b4066a71232c0d8c7e2416ec277f566adb122776af14c21831fc3
651fa87b8ab0da2e4d72b3a97116502b1d0256585e8c98d2d49e7022215a6ac2
6743840281f01d5c8c76705f98ef5ca06e815908c79590a2ecf485cd338d6d68
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
68b931411d1b32336caca78f0e52dc3a6f5d197c8d99d811dd5fae004f3a831a
6c2991dd569d370103846b2fcac07f52a3914e59fdd33e39bb3c8b2a57b6f6e2
747e8f5454d77ac3ee2339c3490cb7b805d59d7fedd4cc0682ae6ed9c33b7d25
75376d8f59370f5b6c6f1c70e79f33b3d7058dfd6d4ae06709ab26c7bf82bebf
787169fdb7e7dc589aaddbb0bdc446a0d505ec4cf2e358e9017297a448bdc08d
791491576d54ff82f5e9864d01865fa77d4d49e6a96631b698d369a91bdde7d1
7c4ae2b5b4287cd7d94436feb3935a5eca3c0acf6064e39371a7edeffd4f760f
7cab521abbbddbaeba4f0c7525cbf67c5d1e8b56ef8a4a11e9ec62f978032368
80df80639eff50b28f33ab6354c5f7448973e4f47c47fe0c3813c7dea361a7c8
87b3beae1d08bf029d04938bc1d76c7870d450fd75609a85dfafd761cd472047
87fbd84036e0e67d8aa06d1f5e4a68f0539e4c6072a8ad77ce7e661bd6a43d1f
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
88a1c45bf18eb251b2cc58cd55a9a08e409a733f304e547504531fd0caf9b78b
8a2a95a3a1132f723ce3e0491f8ffff068d48e038449074b52494e552e894996
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
9285a80d8ab5865b3c84926cf203f1b3d15667d275a88f64dcfeb83d9ed2d316
95045347f438c2512764824b7bd997e68b8c18b06ef5c234962eba3b3024f6e8
97299033768eedf6439d2cc8c33935b8e17770a77ead11300385c295757c9878
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99102e527161666787f96e02feaaf9416de6b06d3fcea9635c500ef4662d238b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ea8618309c215bd7f95d8c07891c60bcc36fe0b4262a4a1f323ae3ab8ecffbb
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a2fb8432db997e3cc839797f5f5a3b6c7d27874c4bbab47720cebc452612b75a
a40dcd59c23d9ed6f0fbaeefeb57c78543b487ad93c49f5f74b89dd85b0ea278
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6bdf620e64f6f9481b0b273e6365a133ce173c2feb8839cfb99542f0f7f518e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab665fd42efb1585d9ebb070a1991a2b41d138cbae4fd0fed1aa857d79a5142e
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
adad15714faddc1c3cccf094517d3ed81a6f5680b159169cf74cbad346c95978
af0d6570462dee3c3937e8694b2ee98ea78313219976105080e94680c29769ad
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b048e01655cdf47f739c288fc4195c26de3883db4ebc4368242fa38b0ca0062d
b083f5c629605ca218ade301d38dab4e7a94c1a2c533141205175f1fcc27637a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1722ccf7c846edbf97d882446d452454df0335647272838502e2d1bde3f32f3
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b6227515defa43493593661bd5eb5fa369c22843fab1cf4156d137ed5d7b439d
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
becd423da9f3528d52e150e09c4b32047f2fe870e8705e45c019cc6109dd48bc
bee4c3ddceefb6558b86e3d6bbe40326f6d67e1b0b535eb6949d570e7630d82d
bf557425d76a8c36ddb621c3de7eb8dd392709ab6f9352b4fb97ae380cb78adc
bf9550738787ac8f8b372c78c259e02c7f157206459135894923c7290850a2bb
c0372c58d2c88c2c3829721f2efa381e47d42bd26588518d8b3b511e3054ea07
c04eb5749b569c0054bac1771581bd24e4f44d7908aed5208f284f83b8e973e1
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf
c59699c3a2d074893c749ab16e8acaa40bc89391db9cbd30e12b16cf01242e5e
c68383395f4281743e04802b24c0499e6fc64c619594031ec21325ec37fce1e1
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc10e02f4c1daa00e6b2c098833c4cb62e147c160eb9466123644bd8728e9f85
cc50d017b2657878ca200cfbdf8ad6ddcdfd1021b0cf19d97c9fb231eec0aabb
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d608e388eb92365b06bc7383622c408c8c78782d629f0869cb8464537a8ee94d
d693011b73bd4873129478bd4739611deeb73fc078e1b419671ca79bed7f43c4
d72cab1ad4ff376552c86bfef25bb887ce2bc1308713cfd26c5b40560179b923
dad2f6159abb9de9e578e7f7d642e74f2204e21970621104b7d36e88bbb9a253
db91ff216f2baef1aed095aa025c03b404d2086b2b8c18c1214ca3417467ec28
db9c2689cb3193a507d3fcf98b5fdb685a8c790caad4461656fc9937180dcc36
dd4c1968239cd97688e2725ff0292fb788d1c752ac068c257df1823638f14a82
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def3e951dc3a97e6d1d3e52b737f0f77b46a7a715f0648e27e44326e5a76a82b
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2fd5454e78881c6473682a91be312322de22a2fb8e629e8ddb3157d0794456e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8ec2a4d84f51a4860526181c3822b954b3a134dc14446ba753b37708470171d
ea57eb2b36d4e651ef36f9304a5aa51d012cf5dd8ef15ac54d501f331ba4c5a9
eaa5443e4bb2284d9622d9d514ea9bf6f0501a78351eaf654718afa3f55ca3aa
ec3602b0a6c7bf513449055d8e1237dbc1c312d1b2bb28ff3d2515b02a279699
ed2bf6f63c5ac50c4879e79af4b5bf0aead4b3a4b8a1292f82f90a9e3a25abb2
ed32d7e02ff9ac490a517398da4808e389f81e47f62d316b8655ea23f306fc99
ed414136267bbd6ae5e05c28ba7bcb89a0a23df2990924254b25a0ace882c60f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effbe2af24ce6545f073003b4e4af6f5f7b866f6b64378cd59bc31c3eb100596
f1346360729e77380edf8f17fa421b76452289ae1b5f4be290b19c4d204e9587
f3c931fcf7dd0c4696d398d2d5c9e3d1b60bca8a8384d133fd2021c9c132fefb
f404bc24d3c7e2e7d810748a74672c6ebfbb16c07ea6df813ebd0240a74f1026
f58a4cb0962b0485bd2fc3d4f9d8435fc2ec7c1dfd2cd9e8953c17fce0e6d65b
f64fc7b1420b65cc4820a5fa115d93ffdfe6eb471cc27811806df52dcc52afc2
f867f9dec1dd7c5e338e024001d9de4e7f25cbdb033358e0f11994d11ca472ad
f94a0b25ed421e6643ca8ae21ccd63cf5630e8db8a3b64f63a669936d068c427
fb8ae618006941b6b9f90f644b3fffa993586c2ceb817a5fab715a0a7b543c47