urlscan.io logo urlscan.io
SecurityTrails logo

www.hawtcelebs.com Open in urlscan Pro
2606:4700:3036::ac43:b893  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.hawtcelebs.com/
Submission: On July 20 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 158 IPs in 9 countries across 151 domains to perform 1165 HTTP transactions. The main IP is 2606:4700:3036::ac43:b893, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hawtcelebs.com. The Cisco Umbrella rank of the primary domain is 170215.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 6th 2022. Valid for: a year.
This is the only time www.hawtcelebs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 2606:4700:303... 13335 (CLOUDFLAR...)
5 2607:f8b0:400... 15169 (GOOGLE)
41 2606:4700::68... 13335 (CLOUDFLAR...)
10 68.71.249.118 20093 (ZEROLAG)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 6 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
37 2607:f8b0:400... 15169 (GOOGLE)
10 142.251.40.130 15169 (GOOGLE)
2 151.101.65.194 54113 (FASTLY)
5 2600:9000:216... 16509 (AMAZON-02)
2 8 2620:116:800b... 14618 (AMAZON-AES)
10 11 68.67.161.182 29990 (ASN-APPNEX)
18 20 104.36.113.35 62713 (AS-PUBMATIC)
40 54 142.251.41.2 15169 (GOOGLE)
22 56 104.36.115.109 62713 (AS-PUBMATIC)
3 11 104.36.113.24 62713 (AS-PUBMATIC)
8 48 104.18.19.126 13335 (CLOUDFLAR...)
8 2607:f8b0:400... 15169 (GOOGLE)
3 2600:9000:220... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 46.105.202.126 16276 (OVH)
23 2607:f8b0:400... 15169 (GOOGLE)
10 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
32 2607:f8b0:400... 15169 (GOOGLE)
10 142.250.80.34 15169 (GOOGLE)
1 35.201.74.200 15169 (GOOGLE)
1 3 35.190.52.204 15169 (GOOGLE)
8 10 141.95.98.68 16276 (OVH)
16 45 68.67.160.76 29990 (ASN-APPNEX)
2 142.251.40.134 15169 (GOOGLE)
2 2600:9000:216... 16509 (AMAZON-02)
1 46.105.201.240 16276 (OVH)
6 2606:4700:303... 13335 (CLOUDFLAR...)
3 158.69.139.230 16276 (OVH)
2 2607:f8b0:400... 15169 (GOOGLE)
3 13 129.159.70.95 31898 (ORACLE-BM...)
132 3.92.156.8 14618 (AMAZON-AES)
5 69.166.1.15 27630 (AS-XFERNET)
5 2602:803:c002... 26667 (RUBICONPR...)
1 26 145.40.88.5 54825 (PACKET)
1 6 54.243.214.150 14618 (AMAZON-AES)
5 34.149.20.76 15169 (GOOGLE)
1 67.202.94.86 32748 (STEADFAST)
1 2607:f8b0:400... 15169 (GOOGLE)
14 108.138.109.24 16509 (AMAZON-02)
1 192.99.0.58 16276 (OVH)
5 18.116.122.191 16509 (AMAZON-02)
2 104.18.36.173 13335 (CLOUDFLAR...)
1 2600:9000:212... 16509 (AMAZON-02)
4 3.224.73.141 14618 (AMAZON-AES)
12 151.139.128.11 20446 (STACKPATH...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 158.69.139.238 16276 (OVH)
4 99.84.126.46 16509 (AMAZON-02)
2 45.55.120.93 14061 (DIGITALOC...)
2 2606:4700:303... 13335 (CLOUDFLAR...)
9 9 51.222.80.231 16276 (OVH)
20 22 15.197.193.217 16509 (AMAZON-02)
2 19 52.73.102.235 14618 (AMAZON-AES)
6 8 3.233.22.19 14618 (AMAZON-AES)
3 34.197.4.79 14618 (AMAZON-AES)
8 23.219.17.240 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 67.202.105.32 32748 (STEADFAST)
43 2606:4700:303... 13335 (CLOUDFLAR...)
8 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:402... 15169 (GOOGLE)
22 67.226.210.221 26120 (RHYTHMONE)
20 74.119.119.129 19750 (AS-CRITEO)
11 52.7.193.118 14618 (AMAZON-AES)
1 61 2606:4700:10:... 13335 (CLOUDFLAR...)
11 100.25.229.211 14618 (AMAZON-AES)
2 13 172.98.26.125 399668 (E-PLANNING-)
11 185.184.10.30 203690 (RTB-HOUSE...)
9 23.64.60.212 16625 (AKAMAI-AS)
1 8.2.111.123 46636 (NATCOWEB)
1 14 104.22.69.131 13335 (CLOUDFLAR...)
4 5 192.96.200.41 30633 (LEASEWEB-...)
1 34.149.139.129 15169 (GOOGLE)
2 18 52.46.128.147 16509 (AMAZON-02)
3 2600:9000:21d... 16509 (AMAZON-02)
5 68.67.160.186 29990 (ASN-APPNEX)
2 34.117.239.71 15169 (GOOGLE)
1 52.7.73.102 14618 (AMAZON-AES)
4 68.71.249.120 20093 (ZEROLAG)
8 54.88.217.144 14618 (AMAZON-AES)
1 5 18.217.183.114 16509 (AMAZON-02)
8 10 35.190.60.146 15169 (GOOGLE)
5 8 107.178.254.65 15169 (GOOGLE)
3 3 54.164.129.77 14618 (AMAZON-AES)
2 3 34.232.140.51 14618 (AMAZON-AES)
1 2 34.111.234.236 15169 (GOOGLE)
9 14 104.126.112.185 16625 (AKAMAI-AS)
5 5 2620:1ec:21::14 8068 (MICROSOFT...)
2 7 104.18.100.194 13335 (CLOUDFLAR...)
1 2 99.84.126.66 16509 (AMAZON-02)
12 14 107.178.246.49 15169 (GOOGLE)
2 54.92.156.105 14618 (AMAZON-AES)
1 1 130.211.9.179 15169 (GOOGLE)
1 35.226.42.89 396982 (GOOGLE-CL...)
4 4 67.202.105.24 32748 (STEADFAST)
1 104.18.35.34 13335 (CLOUDFLAR...)
12 12 52.2.125.196 14618 (AMAZON-AES)
2 4 2606:4700:10:... 13335 (CLOUDFLAR...)
1 169.47.141.243 36351 (SOFTLAYER)
1 23.5.229.102 16625 (AKAMAI-AS)
1 5.135.142.36 16276 (OVH)
7 151.101.129.108 54113 (FASTLY)
6 6 2600:9000:214... 16509 (AMAZON-02)
6 51.222.39.185 16276 (OVH)
5 5 169.55.104.49 36351 (SOFTLAYER)
8 23 52.70.74.97 14618 (AMAZON-AES)
10 23.4.226.82 16625 (AKAMAI-AS)
10 10 52.45.33.138 14618 (AMAZON-AES)
1 1 199.187.193.202 47043 (SMARTADSE...)
16 16 2606:ae80:145... 26762 (CNVR-US-EAST)
10 38 35.71.139.29 16509 (AMAZON-02)
1 2 104.19.136.78 13335 (CLOUDFLAR...)
1 1 3.225.46.53 14618 (AMAZON-AES)
1 8 104.36.113.23 62713 (AS-PUBMATIC)
1 13.33.60.25 16509 (AMAZON-02)
1 104.16.108.154 13335 (CLOUDFLAR...)
2 3 52.0.156.250 14618 (AMAZON-AES)
1 1 52.23.75.135 14618 (AMAZON-AES)
3 3 52.70.163.135 14618 (AMAZON-AES)
1 1 64.58.232.179 13649 (ASN-VINS)
1 64.58.232.180 13649 (ASN-VINS)
3 3 44.196.137.234 14618 (AMAZON-AES)
6 6 216.200.232.249 30419 (MEDIAMATH...)
6 6 207.198.113.88 13768 (COGECO-PEER1)
6 11 69.173.151.100 26667 (RUBICONPR...)
10 10 151.101.130.49 54113 (FASTLY)
2 6 143.204.146.34 16509 (AMAZON-02)
1 1 2620:112:f002... 6336 (TURN-US-ASN)
3 7 2a02:2638:1::13 44788 (ASN-CRITE...)
3 3 8.43.72.98 26667 (RUBICONPR...)
2 2620:100:a001::4 19750 (AS-CRITEO)
10 11 50.31.142.95 22075 (AS-OUTBRAIN)
25 25 35.211.178.172 19527 (GOOGLE-2)
2 2 35.211.141.197 19527 (GOOGLE-2)
3 3 35.207.24.140 15169 (GOOGLE)
2 35.241.31.249 15169 (GOOGLE)
1 135.125.180.61 16276 (OVH)
5 74.119.119.139 19750 (AS-CRITEO)
2 35.211.20.91 19527 (GOOGLE-2)
12 74.119.119.73 19750 (AS-CRITEO)
1 1 204.62.13.72 46636 (NATCOWEB)
3 3 141.226.224.48 200478 (TABOOLA-AS)
4 34.225.144.85 14618 (AMAZON-AES)
3 34.197.185.21 14618 (AMAZON-AES)
1 3.225.53.134 14618 (AMAZON-AES)
1 5 69.166.1.10 27630 (AS-XFERNET)
4 4 198.148.27.139 19189 (PULSEPOINT)
2 2 199.38.167.130 54312 (ROCKETFUEL)
1 2 37.157.6.245 198622 (ADFORM)
2 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 23.205.61.25 16625 (AKAMAI-AS)
1 1 199.187.193.192 47043 (SMARTADSE...)
2 7 34.98.64.218 15169 (GOOGLE)
4 2620:1ec:c11:... 8068 (MICROSOFT...)
6 12 2600:1f18:4e9... 14618 (AMAZON-AES)
6 6 35.190.90.30 15169 (GOOGLE)
10 10 96.46.183.20 7979 (SERVERS-COM)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 9 185.167.164.49 198622 (ADFORM)
2 2 35.211.233.246 19527 (GOOGLE-2)
4 4 54.81.150.202 14618 (AMAZON-AES)
11 11 69.175.41.15 32475 (SINGLEHOP...)
4 4 23.221.200.79 16625 (AKAMAI-AS)
4 8 199.127.204.142 26120 (RHYTHMONE)
4 4 104.105.42.146 16625 (AKAMAI-AS)
1 1 35.211.118.13 15169 (GOOGLE)
1 1 199.187.193.182 47043 (SMARTADSE...)
1 104.36.115.123 62713 (AS-PUBMATIC)
1 52.54.161.46 14618 (AMAZON-AES)
1 1 34.111.151.213 15169 (GOOGLE)
7 104.18.18.126 13335 (CLOUDFLAR...)
1 1 54.157.54.2 14618 (AMAZON-AES)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
5 5 23.3.125.39 16625 (AKAMAI-AS)
2 5 2606:4700:440... 13335 (CLOUDFLAR...)
2 2 54.144.223.251 14618 (AMAZON-AES)
5 5 54.84.62.20 14618 (AMAZON-AES)
3 4 169.197.150.7 398989 (DEEPINTENT)
1 2 52.45.92.187 14618 (AMAZON-AES)
1 1 63.251.28.219 26558 (FREEWHEEL)
1 1 23.235.251.213 19437 (SS-ASH)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
9 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 199.187.193.185 47043 (SMARTADSE...)
2 2 54.90.233.89 14618 (AMAZON-AES)
1 52.95.126.138 16509 (AMAZON-02)
2 2 69.12.8.74 11742 (SPOTX-IAD)
5 5 173.231.178.115 29791 (VOXEL-DOT...)
2 2 135.148.35.198 16276 (OVH)
1 1 3.138.233.59 16509 (AMAZON-02)
2 3 54.144.189.197 14618 (AMAZON-AES)
3 3 74.119.119.150 19750 (AS-CRITEO)
3 3 69.90.254.78 13768 (COGECO-PEER1)
6 6 35.201.96.126 15169 (GOOGLE)
3 162.248.18.10 62713 (AS-PUBMATIC)
3 6 50.57.31.206 19994 (RACKSPACE)
3 6 38.67.14.233 174 (COGENT-174)
3 3 34.102.253.54 15169 (GOOGLE)
1 1 104.45.178.220 8075 (MICROSOFT...)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2a04:4e42:200... 54113 (FASTLY)
1 151.101.129.44 54113 (FASTLY)
1 1 172.105.221.29 63949 (LINODE-AP...)
3 3 74.222.140.126 18672 (EVOCATIVE1)
1 2 52.2.65.122 14618 (AMAZON-AES)
1 54.243.198.75 14618 (AMAZON-AES)
1 52.206.113.215 14618 (AMAZON-AES)
3 142.250.176.194 ()
1165 158
16    2606:4700:3036::ac43:b893 (United States)

ASN13335 (CLOUDFLARENET, US)
www.hawtcelebs.com
5    2607:f8b0:4006:809::200a (New York, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
41    2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)
live.demand.supply
api.demand.supply
10    68.71.249.118 (Toronto, Canada)

ASN20093 (ZEROLAG, US)
udmserve.net
1    2606:4700:20::681a:507 (United States)

ASN13335 (CLOUDFLARENET, US)
waust.at
4    2606:4700:3033::6815:3c4d (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.whizzco.com
api.whizzco.com
6    2606:4700::6812:1c79 (United States)

ASN13335 (CLOUDFLARENET, US)
services.vlitag.com
tag.vlitag.com
assets.vlitag.com
media.vlitag.com
1    2607:f8b0:4006:81f::2008 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2607:f8b0:4006:80d::2003 (New York, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
37    2607:f8b0:4006:822::2002 (New York, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
10    142.251.40.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net
securepubads.g.doubleclick.net
2    151.101.65.194 (United States)

ASN54113 (FASTLY, US)
confiant-integrations.global.ssl.fastly.net
5    2600:9000:2162:8e00:5:c4ab:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
bid.underdog.media
8    2620:116:800b:21:a021:b886:81cc:55cf (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
11    68.67.161.182 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
20    104.36.113.35 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
54    142.251.41.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net
cm.g.doubleclick.net
56    104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
11    104.36.113.24 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
48    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
8    2607:f8b0:4006:824::2002 (New York, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2600:9000:2209:600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2607:f8b0:4006:80b::2002 (New York, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2607:f8b0:4006:823::2001 (New York, United States)

ASN15169 (GOOGLE, US)
fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
1    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
23    2607:f8b0:4006:816::2001 (New York, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
10    2607:f8b0:4006:81f::2002 (New York, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
6    2607:f8b0:4006:816::2004 (New York, United States)

ASN15169 (GOOGLE, US)
www.google.com
32    2607:f8b0:4006:817::2006 (New York, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
10    142.250.80.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net
googleads4.g.doubleclick.net
1    35.201.74.200 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 200.74.201.35.bc.googleusercontent.com
ag.yieldoptimizer.com
3    35.190.52.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.52.190.35.bc.googleusercontent.com
tag.yieldoptimizer.com
10    141.95.98.68 (France)

ASN16276 (OVH, FR)
PTR: ns3216657.ip-141-95-98.eu
id5-sync.com
45    68.67.160.76 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    142.251.40.134 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f6.1e100.net
ad.doubleclick.net
2    2600:9000:2162:7600:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
1    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
6    2606:4700:3036::ac43:c1dd (United States)

ASN13335 (CLOUDFLARENET, US)
api.whizzco.com
3    158.69.139.230 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip230.ip-158-69-139.net
t.dtscout.com
2    2607:f8b0:4006:809::200e (New York, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
13    129.159.70.95 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
underdog.technoratimedia.com
sync.technoratimedia.com
132    3.92.156.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-156-8.compute-1.amazonaws.com
c2shb.pubgw.yahoo.com
c2shb.ssp.yahoo.com
5    69.166.1.15 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
5    2602:803:c002:200::116 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
26    145.40.88.5 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
6    54.243.214.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-214-150.compute-1.amazonaws.com
d.adroll.com
5    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    67.202.94.86 (Chicago, United States)

ASN32748 (STEADFAST, US)
PTR: amung.us
whos.amung.us
1    2607:f8b0:4006:81c::200a (New York, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
14    108.138.109.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-109-24.jfk50.r.cloudfront.net
c.amazon-adsystem.com
1    192.99.0.58 (Canada)

ASN16276 (OVH, FR)
PTR: ns500326.ip-192-99-0.net
s4.histats.com
5    18.116.122.191 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-116-122-191.us-east-2.compute.amazonaws.com
pd.sharethis.com
2    104.18.36.173 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.tynt.com
1    2600:9000:2120:6e00:3:7df3:55c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn2.decide.dev
4    3.224.73.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-73-141.compute-1.amazonaws.com
prebid-server.rubiconproject.com
12    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
assets.revcontent.com
img.revcontent.com
cdn.revcontent.com
images.revcontent.com
2    2607:f8b0:4004:c09::9b (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    158.69.139.238 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip238.ip-158-69-139.net
e.dtscout.com
4    99.84.126.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-126-46.ewr52.r.cloudfront.net
tags.crwdcntrl.net
2    45.55.120.93 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
t.dtscdn.com
2    2606:4700:3032::ac43:dc33 (United States)

ASN13335 (CLOUDFLARENET, US)
a.dtssrv.com
9    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-1.cloudy.ovh
pixel.onaudience.com
22    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
19    52.73.102.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-102-235.compute-1.amazonaws.com
sync.crwdcntrl.net
bcp.crwdcntrl.net
8    3.233.22.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-22-19.compute-1.amazonaws.com
ps.eyeota.net
3    34.197.4.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-4-79.compute-1.amazonaws.com
apis.cmp.quantcast.com
8    23.219.17.240 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-219-17-240.deploy.static.akamaitechnologies.com
t.sharethis.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
ic.tynt.com
de.tynt.com
43    2606:4700:3037::ac43:9e3b (United States)

ASN13335 (CLOUDFLARENET, US)
px.vliplatform.com
8    2606:4700::6812:1d79 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.vlitag.com
tag.vlitag.com
1    2607:f8b0:4006:821::200e (New York, United States)

ASN15169 (GOOGLE, US)
redirector.googlevideo.com
1    2607:f8b0:4021:7::9 (United States)

ASN15169 (GOOGLE, US)
r4---sn-hp57kn6y.googlevideo.com
22    67.226.210.221 (United States)

ASN26120 (RHYTHMONE, US)
targeting.unrulymedia.com
20    74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com
bidder.criteo.com
11    52.7.193.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-193-118.compute-1.amazonaws.com
btlr.sharethrough.com
61    2606:4700:10::ac43:2ac9 (United States)

ASN13335 (CLOUDFLARENET, US)
useast.quantumdex.io
sync.quantumdex.io
ss-pbs.quantumdex.io
11    100.25.229.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-229-211.compute-1.amazonaws.com
tlx.3lift.com
13    172.98.26.125 (Ashburn, United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
pbjs.e-planning.net
11    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
prebid-us.creativecdn.com
9    23.64.60.212 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-60-212.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    8.2.111.123 (United States)

ASN46636 (NATCOWEB, US)
colossusssp.com
14    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
5    192.96.200.41 (West Mifflin, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
sync.aralego.com
1    34.149.139.129 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 129.139.149.34.bc.googleusercontent.com
decide.dev
18    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    2600:9000:21dd:2400:9:d7ff:bd00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn1.decide.dev
5    68.67.160.186 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
nym1-ib.adnxs.com
2    34.117.239.71 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 71.239.117.34.bc.googleusercontent.com
lbs-event.gcp.lineate-33x.net
cms-xch.33across.com
1    52.7.73.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-73-102.compute-1.amazonaws.com
protected-by.clarium.io
4    68.71.249.120 (Toronto, Canada)

ASN20093 (ZEROLAG, US)
PTR: underdogmedia.com
edge.udmserve.net
8    54.88.217.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-217-144.compute-1.amazonaws.com
trends.revcontent.com
5    18.217.183.114 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-217-183-114.us-east-2.compute.amazonaws.com
sync.sharethis.com
10    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
rc.rlcdn.com
id.rlcdn.com
8    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
3    54.164.129.77 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-129-77.compute-1.amazonaws.com
usermatch.krxd.net
3    34.232.140.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-140-51.compute-1.amazonaws.com
tag.crsspxl.com
2    34.111.234.236 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 236.234.111.34.bc.googleusercontent.com
ml314.com
14    104.126.112.185 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-112-185.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
7    104.18.100.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
2    99.84.126.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-126-66.ewr52.r.cloudfront.net
map.go.affec.tv
14    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
2    54.92.156.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-92-156-105.compute-1.amazonaws.com
beacon.krxd.net
1    130.211.9.179 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 179.9.211.130.bc.googleusercontent.com
sync.graph.bluecava.com
1    35.226.42.89 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 89.42.226.35.bc.googleusercontent.com
p.alcmpn.com
4    67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
dp2.33across.com
dp1.33across.com
ssc-cms.33across.com
1    104.18.35.34 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-tc.33across.com
12    52.2.125.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-125-196.compute-1.amazonaws.com
match.prod.bidr.io
4    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
1    169.47.141.243 (Ashburn, United States)

ASN36351 (SOFTLAYER, US)
PTR: f3.8d.2fa9.ip4.static.sl-reverse.com
i.simpli.fi
1    23.5.229.102 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-5-229-102.deploy.static.akamaitechnologies.com
tags.bkrtx.com
1    5.135.142.36 (Chasne-sur-Illet, France)

ASN16276 (OVH, FR)
PTR: js07.adlooxtracking.com
j.adlooxtracking.com
7    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
acdn.adnxs.com
6    2600:9000:2140:1800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
6    51.222.39.185 (Canada)

ASN16276 (OVH, FR)
PTR: ip185.ip-51-222-39.net
onetag-sys.com
5    169.55.104.49 (Ashburn, United States)

ASN36351 (SOFTLAYER, US)
PTR: 31.68.37a9.ip4.static.sl-reverse.com
um.simpli.fi
23    52.70.74.97 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-74-97.compute-1.amazonaws.com
match.sharethrough.com
10    23.4.226.82 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-4-226-82.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
10    52.45.33.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    199.187.193.202 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync-us.smartadserver.com
16    2606:ae80:1451:13::2330 (United States)

ASN26762 (CNVR-US-EAST, US)
amazon-tam-match.dotomi.com
stx-match.dotomi.com
casale-match.dotomi.com
pubmatic-match.dotomi.com
38    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)
cm.mgid.com
1    3.225.46.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-46-53.compute-1.amazonaws.com
sync.ipredictive.com
8    104.36.113.23 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    13.33.60.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-25.ewr52.r.cloudfront.net
audex.userreport.com
1    104.16.108.154 (None, )

ASN13335 (CLOUDFLARENET, US)
dmp.truoptik.com
3    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loadus.exelator.com
loadm.exelator.com
1    52.23.75.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-75-135.compute-1.amazonaws.com
px.surveywall-api.survata.com
3    52.70.163.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-163-135.compute-1.amazonaws.com
dpm.demdex.net
1    64.58.232.179 (United States)

ASN13649 (ASN-VINS, US)
global.ib-ibi.com
1    64.58.232.180 (United States)

ASN13649 (ASN-VINS, US)
ib.mookie1.com
3    44.196.137.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-137-234.compute-1.amazonaws.com
sync.srv.stackadapt.com
6    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
6    207.198.113.88 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
11    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
10    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
6    143.204.146.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-146-34.ewr52.r.cloudfront.net
aa.agkn.com
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
7    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
11    50.31.142.95 (Lincolnwood, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
25    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
us-east-sync.bidswitch.net
2    35.211.141.197 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 197.141.211.35.bc.googleusercontent.com
m.fg8dgt.com
3    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
2    35.241.31.249 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 249.31.241.35.bc.googleusercontent.com
data00.adlooxtracking.com
1    135.125.180.61 (France)

ASN16276 (OVH, FR)
PTR: f34.adventori.com
adventori.com
5    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
2    35.211.20.91 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 91.20.211.35.bc.googleusercontent.com
prod-use.perf-serving.com
12    74.119.119.73 (United States)

ASN19750 (AS-CRITEO, US)
ssp-sync.criteo.com
1    204.62.13.72 (Clifton, United States)

ASN46636 (NATCOWEB, US)
inv-nets.admixer.net
3    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
4    34.225.144.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-144-85.compute-1.amazonaws.com
yeet.revcontent.com
3    34.197.185.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-185-21.compute-1.amazonaws.com
tk.airfrance.fr
1    3.225.53.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-53-134.compute-1.amazonaws.com
id.crwdcntrl.net
5    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
4    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    37.157.6.245 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
2    2606:4700:3037::ac43:9a47 (United States)

ASN13335 (CLOUDFLARENET, US)
id.a-mx.com
2    2606:4700:20::681a:567 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
1    23.205.61.25 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-61-25.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    199.187.193.192 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
7    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
u.openx.net
4    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
12    2600:1f18:4e9:5a02:357b:502f:f800:1eb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
6    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
10    96.46.183.20 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    2606:4700::6813:9e13 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
9    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    35.211.233.246 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 246.233.211.35.bc.googleusercontent.com
a.sportradarserving.com
4    54.81.150.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-150-202.compute-1.amazonaws.com
ssp.disqus.com
11    69.175.41.15 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: sovrn-193627-chi03-placeholder
ap.lijit.com
4    23.221.200.79 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-200-79.deploy.static.akamaitechnologies.com
hbx.media.net
8    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
usermatch.targeting.unrulymedia.com
sync.1rx.io
sync.targeting.unrulymedia.com
4    104.105.42.146 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-105-42-146.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
1    35.211.118.13 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 13.118.211.35.bc.googleusercontent.com
r.bidswitch.net
1    199.187.193.182 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync-global.smartadserver.com
1    104.36.115.123 (United States)

ASN62713 (AS-PUBMATIC, US)
ow.pubmatic.com
1    52.54.161.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-161-46.compute-1.amazonaws.com
pb-server.ezoic.com
1    34.111.151.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
7    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum.casalemedia.com
r.casalemedia.com
1    54.157.54.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-54-2.compute-1.amazonaws.com
nep.advangelists.com
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
5    23.3.125.39 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-3-125-39.deploy.static.akamaitechnologies.com
px.owneriq.net
5    2606:4700:4400::ac40:98f5 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    54.144.223.251 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-223-251.compute-1.amazonaws.com
sync.extend.tv
5    54.84.62.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-62-20.compute-1.amazonaws.com
pm.w55c.net
4    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    52.45.92.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-92-187.compute-1.amazonaws.com
um2.eqads.com
1    63.251.28.219 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
1    23.235.251.213 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
9    2606:4700:10::ac43:8ae (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.connectad.io
sync-eu.connectad.io
sync.connectad.io
2    199.187.193.185 (Canada)

ASN47043 (SMARTADSERVER, CA)
sync.smartadserver.com
2    54.90.233.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-233-89.compute-1.amazonaws.com
ice.360yield.com
1    52.95.126.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    69.12.8.74 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
5    173.231.178.115 (United States)

ASN29791 (VOXEL-DOT-NET, US)
PTR: lga-delivery-7.sys.adgear.com
cm.adgrx.com
2    135.148.35.198 (United States)

ASN16276 (OVH, FR)
PTR: ns1015826.ip-135-148-35.us
gu.dyntrk.com
1    3.138.233.59 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-138-233-59.us-east-2.compute.amazonaws.com
sync.adotmob.com
3    54.144.189.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-189-197.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
3    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
3    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
6    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
3    162.248.18.10 (United States)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
6    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
6    38.67.14.233 (Rockport, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
3    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
1    2606:4700::6813:ad6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
1    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
1    172.105.221.29 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1875-29.members.linode.com
gocm.c.appier.net
3    74.222.140.126 (United States)

ASN18672 (EVOCATIVE1, US)
PTR: 74.222.140.126.CUSTOMER.VPLS.NET
match.bnmla.com
2    52.2.65.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-65-122.compute-1.amazonaws.com
io.narrative.io
1    54.243.198.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-198-75.compute-1.amazonaws.com
rtb.adentifi.com
1    52.206.113.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-113-215.compute-1.amazonaws.com
rtb.gumgum.com
3    142.250.176.194 (None, )

ASN- ()
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
154 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 905
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1033
ups.analytics.yahoo.com — Cisco Umbrella Rank: 285
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 473
24 KB
108 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 587
image2.pubmatic.com — Cisco Umbrella Rank: 875
image4.pubmatic.com — Cisco Umbrella Rank: 891
ads.pubmatic.com — Cisco Umbrella Rank: 485
image6.pubmatic.com — Cisco Umbrella Rank: 634
ow.pubmatic.com — Cisco Umbrella Rank: 4028
simage2.pubmatic.com — Cisco Umbrella Rank: 604
simage4.pubmatic.com — Cisco Umbrella Rank: 1208
aud.pubmatic.com — Cisco Umbrella Rank: 5607
153 KB
86 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 211
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
googleads.g.doubleclick.net — Cisco Umbrella Rank: 56
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 296
ad.doubleclick.net — Cisco Umbrella Rank: 202
stats.g.doubleclick.net — Cisco Umbrella Rank: 117
408 KB
68 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 430
ib.adnxs.com — Cisco Umbrella Rank: 234
nym1-ib.adnxs.com — Cisco Umbrella Rank: 1185
cdn.adnxs.com — Cisco Umbrella Rank: 1318
acdn.adnxs.com — Cisco Umbrella Rank: 566
199 KB
68 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
ade.googlesyndication.com
429 KB
61 quantumdex.io
useast.quantumdex.io — Cisco Umbrella Rank: 11926
sync.quantumdex.io — Cisco Umbrella Rank: 4782
ss-pbs.quantumdex.io — Cisco Umbrella Rank: 50210
11 KB
55 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 460
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531
ssum.casalemedia.com — Cisco Umbrella Rank: 1354
dsum.casalemedia.com — Cisco Umbrella Rank: 1250
r.casalemedia.com — Cisco Umbrella Rank: 770
50 KB
49 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 635
eb2.3lift.com — Cisco Umbrella Rank: 400
30 KB
47 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 722
gum.criteo.com — Cisco Umbrella Rank: 397
mug.criteo.com — Cisco Umbrella Rank: 2751
ssp-sync.criteo.com — Cisco Umbrella Rank: 1458
dis.criteo.com — Cisco Umbrella Rank: 713
22 KB
43 vliplatform.com
px.vliplatform.com — Cisco Umbrella Rank: 20229
23 KB
41 demand.supply
live.demand.supply — Cisco Umbrella Rank: 38208
api.demand.supply — Cisco Umbrella Rank: 62517
41 KB
37 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 516
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1108
eus.rubiconproject.com — Cisco Umbrella Rank: 598
token.rubiconproject.com — Cisco Umbrella Rank: 703
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 943
pixel.rubiconproject.com — Cisco Umbrella Rank: 333
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1045
73 KB
34 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1326
match.sharethrough.com — Cisco Umbrella Rank: 523
16 KB
33 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 323
s.amazon-adsystem.com — Cisco Umbrella Rank: 287
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1294
61 KB
32 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 273
582 KB
27 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 864
usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 3147
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1214
2 KB
27 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1317
assets.a-mo.net — Cisco Umbrella Rank: 3945
10 KB
26 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
us-east-sync.bidswitch.net — Cisco Umbrella Rank: 1787
r.bidswitch.net — Cisco Umbrella Rank: 6983
12 KB
24 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1361
sync.crwdcntrl.net — Cisco Umbrella Rank: 720
bcp.crwdcntrl.net — Cisco Umbrella Rank: 841
id.crwdcntrl.net — Cisco Umbrella Rank: 1472
38 KB
24 revcontent.com
assets.revcontent.com — Cisco Umbrella Rank: 5291
trends.revcontent.com — Cisco Umbrella Rank: 2658
img.revcontent.com — Cisco Umbrella Rank: 7801
cdn.revcontent.com — Cisco Umbrella Rank: 6267
images.revcontent.com — Cisco Umbrella Rank: 5647
yeet.revcontent.com — Cisco Umbrella Rank: 5737
127 KB
22 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 362
13 KB
18 sharethis.com
pd.sharethis.com — Cisco Umbrella Rank: 10436
t.sharethis.com — Cisco Umbrella Rank: 5991
sync.sharethis.com — Cisco Umbrella Rank: 3148
33 KB
16 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 5658
stx-match.dotomi.com — Cisco Umbrella Rank: 2090
casale-match.dotomi.com — Cisco Umbrella Rank: 2938
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3775
5 KB
16 hawtcelebs.com
www.hawtcelebs.com — Cisco Umbrella Rank: 170215
733 KB
14 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 451
1007 B
14 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 471
stags.bluekai.com — Cisco Umbrella Rank: 504
6 KB
14 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 6181
csync.smilewanted.com — Cisco Umbrella Rank: 4954
static.smilewanted.com — Cisco Umbrella Rank: 10367
19 KB
14 creativecdn.com
prebid-us.creativecdn.com — Cisco Umbrella Rank: 11765
creativecdn.com — Cisco Umbrella Rank: 632
3 KB
14 vlitag.com
services.vlitag.com — Cisco Umbrella Rank: 22622
tag.vlitag.com — Cisco Umbrella Rank: 27059
assets.vlitag.com — Cisco Umbrella Rank: 26620
media.vlitag.com — Cisco Umbrella Rank: 37455
1 MB
14 udmserve.net
udmserve.net — Cisco Umbrella Rank: 3539
edge.udmserve.net — Cisco Umbrella Rank: 23164
23 KB
13 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 7426
10 KB
13 technoratimedia.com
underdog.technoratimedia.com — Cisco Umbrella Rank: 32475
sync.technoratimedia.com — Cisco Umbrella Rank: 1149
5 KB
12 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 481
5 KB
11 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 699
6 KB
11 adform.net
cm.adform.net — Cisco Umbrella Rank: 1608
c1.adform.net — Cisco Umbrella Rank: 606
5 KB
11 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 534
6 KB
11 33across.com
ssc.33across.com — Cisco Umbrella Rank: 1871
dp2.33across.com — Cisco Umbrella Rank: 9683
dp1.33across.com — Cisco Umbrella Rank: 6501
cdn-tc.33across.com — Cisco Umbrella Rank: 19001
cms-xch.33across.com — Cisco Umbrella Rank: 7772
ssc-cms.33across.com — Cisco Umbrella Rank: 924
16 KB
11 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1450
id5-sync.com — Cisco Umbrella Rank: 546
24 KB
10 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2101
7 KB
10 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 640
3 KB
10 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 324
rc.rlcdn.com — Cisco Umbrella Rank: 4065
api.rlcdn.com Failed
id.rlcdn.com — Cisco Umbrella Rank: 622
1 KB
10 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 2234
sync.go.sonobi.com — Cisco Umbrella Rank: 1017
13 KB
10 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 181
299 KB
10 whizzco.com
cdn.whizzco.com — Cisco Umbrella Rank: 53469
api.whizzco.com — Cisco Umbrella Rank: 51890
9 KB
9 connectad.io
cdn.connectad.io — Cisco Umbrella Rank: 4184
sync-eu.connectad.io — Cisco Umbrella Rank: 3163
sync.connectad.io — Cisco Umbrella Rank: 4090
3 KB
9 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3919
4 KB
8 pippio.com
pippio.com — Cisco Umbrella Rank: 800
1 KB
8 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 945
5 KB
8 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 991
pixel.quantserve.com — Cisco Umbrella Rank: 452
21 KB
7 openx.net
us-u.openx.net — Cisco Umbrella Rank: 391
u.openx.net — Cisco Umbrella Rank: 718
1 KB
7 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 474
pixel.mathtag.com — Cisco Umbrella Rank: 971
4 KB
7 mookie1.com
ib.mookie1.com — Cisco Umbrella Rank: 2124
odr.mookie1.com — Cisco Umbrella Rank: 926
2 KB
7 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 493
1 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 96
www.google.com — Cisco Umbrella Rank: 10
1 KB
6 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 5897
3 KB
6 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1065
4 KB
6 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 5000
1 KB
6 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 447
4 KB
6 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 579
4 KB
6 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 811
4 KB
6 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 675
3 KB
6 simpli.fi
i.simpli.fi — Cisco Umbrella Rank: 3384
um.simpli.fi — Cisco Umbrella Rank: 850
3 KB
6 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1475
627 B
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 72
imasdk.googleapis.com — Cisco Umbrella Rank: 434
128 KB
5 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1512
4 KB
5 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 792
4 KB
5 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 813
s.tribalfusion.com — Cisco Umbrella Rank: 2171
3 KB
5 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1003
4 KB
5 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 933
trc.taboola.com — Cisco Umbrella Rank: 629
match.taboola.com — Cisco Umbrella Rank: 2360
2 KB
5 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 6402
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 626
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1949
sync.smartadserver.com — Cisco Umbrella Rank: 1510
2 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 371
1 KB
5 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1248
beacon.krxd.net — Cisco Umbrella Rank: 462
1 KB
5 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 15148
sync.aralego.com — Cisco Umbrella Rank: 1734
2 KB
5 decide.dev
cdn2.decide.dev — Cisco Umbrella Rank: 35778
decide.dev — Cisco Umbrella Rank: 21757
cdn1.decide.dev — Cisco Umbrella Rank: 23684
74 KB
5 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 9530
ic.tynt.com — Cisco Umbrella Rank: 4813
de.tynt.com — Cisco Umbrella Rank: 1594
16 KB
5 underdog.media
bid.underdog.media — Cisco Umbrella Rank: 13257
347 KB
5 gstatic.com
fonts.gstatic.com
93 KB
4 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 935
1 KB
4 media.net
hbx.media.net — Cisco Umbrella Rank: 1399
2 KB
4 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 2647
1 KB
4 bing.com
c.bing.com — Cisco Umbrella Rank: 192
1 KB
4 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 541
3 KB
4 turn.com
d.turn.com — Cisco Umbrella Rank: 915
ad.turn.com — Cisco Umbrella Rank: 824
2 KB
4 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1792
mwzeom.zeotap.com — Cisco Umbrella Rank: 1448
1 KB
4 dtscout.com
t.dtscout.com — Cisco Umbrella Rank: 13986
e.dtscout.com — Cisco Umbrella Rank: 16511
18 KB
4 yieldoptimizer.com
ag.yieldoptimizer.com — Cisco Umbrella Rank: 20626
tag.yieldoptimizer.com — Cisco Umbrella Rank: 4347
2 KB
3 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 2296
2 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 543
2 KB
3 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4289
887 B
3 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1349
2 KB
3 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1442
953 B
3 airfrance.fr
tk.airfrance.fr — Cisco Umbrella Rank: 29810
6 KB
3 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 897
1 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 762
1 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 186
3 KB
3 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1138
loadm.exelator.com — Cisco Umbrella Rank: 1287
3 KB
3 adlooxtracking.com
j.adlooxtracking.com — Cisco Umbrella Rank: 9058
data00.adlooxtracking.com — Cisco Umbrella Rank: 8423
70 KB
3 crsspxl.com
tag.crsspxl.com — Cisco Umbrella Rank: 4873
1 KB
3 quantcast.com
apis.cmp.quantcast.com — Cisco Umbrella Rank: 8300
457 B
3 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 942
1 KB
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 4113
643 B
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1358
1 KB
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 508
1007 B
2 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1794
646 B
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 4115
563 B
2 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1666
1 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2790
971 B
2 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 4734
2 KB
2 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 7098
1 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 771
1 KB
2 perf-serving.com
prod-use.perf-serving.com — Cisco Umbrella Rank: 9685
293 B
2 fg8dgt.com
m.fg8dgt.com — Cisco Umbrella Rank: 5172
772 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 615
57 KB
2 mgid.com
cm.mgid.com — Cisco Umbrella Rank: 2086
1015 B
2 affec.tv
map.go.affec.tv — Cisco Umbrella Rank: 6876
1 KB
2 ml314.com
ml314.com — Cisco Umbrella Rank: 1474
469 B
2 googlevideo.com
redirector.googlevideo.com — Cisco Umbrella Rank: 804
r4---sn-hp57kn6y.googlevideo.com — Cisco Umbrella Rank: 121656
1 KB
2 dtssrv.com
a.dtssrv.com — Cisco Umbrella Rank: 23988
1 KB
2 dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 15505
813 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 16862
s4.histats.com — Cisco Umbrella Rank: 14287
5 KB
2 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2537
45 KB
2 fastly.net
confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1362
68 KB
1 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1289
209 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1224
35 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2368
396 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 952
402 B
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 4242
350 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1419
706 B
1 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 5175
612 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 633
579 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 2428
234 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1893
349 B
1 ezoic.com
pb-server.ezoic.com — Cisco Umbrella Rank: 6888
454 B
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2646
586 B
1 adventori.com
adventori.com — Cisco Umbrella Rank: 3873
17 KB
1 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 1739
513 B
1 survata.com
px.surveywall-api.survata.com — Cisco Umbrella Rank: 2915
783 B
1 truoptik.com
dmp.truoptik.com — Cisco Umbrella Rank: 1711
545 B
1 userreport.com
audex.userreport.com — Cisco Umbrella Rank: 3266
433 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1038
448 B
1 bkrtx.com
tags.bkrtx.com — Cisco Umbrella Rank: 3349
16 KB
1 alcmpn.com
p.alcmpn.com — Cisco Umbrella Rank: 4970
165 B
1 bluecava.com
sync.graph.bluecava.com — Cisco Umbrella Rank: 2437
771 B
1 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1784
329 B
1 lineate-33x.net
lbs-event.gcp.lineate-33x.net — Cisco Umbrella Rank: 5509
298 B
1 colossusssp.com
colossusssp.com — Cisco Umbrella Rank: 1637
245 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 424
2 KB
1 amung.us
whos.amung.us — Cisco Umbrella Rank: 15230
145 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 93
41 KB
1 waust.at
waust.at — Cisco Umbrella Rank: 41719
7 KB
1165 151
Domain Requested by
118 c2shb.pubgw.yahoo.com bid.underdog.media
assets.vlitag.com
54 cm.g.doubleclick.net 40 redirects googleads.g.doubleclick.net
bcp.crwdcntrl.net
eb2.3lift.com
eus.rubiconproject.com
u.openx.net
49 sync.quantumdex.io 1 redirects assets.vlitag.com
sync.quantumdex.io
ssum-sec.casalemedia.com
ads.pubmatic.com
45 ib.adnxs.com 16 redirects googleads.g.doubleclick.net
bid.underdog.media
assets.vlitag.com
acdn.adnxs.com
prebid.a-mo.net
csync.smilewanted.com
43 px.vliplatform.com
38 eb2.3lift.com 10 redirects assets.vlitag.com
eb2.3lift.com
38 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
um2.eqads.com
ssum.casalemedia.com
37 simage2.pubmatic.com 10 redirects ads.pubmatic.com
sync.quantumdex.io
37 pagead2.googlesyndication.com live.demand.supply
fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
www.hawtcelebs.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
ad.doubleclick.net
securepubads.g.doubleclick.net
www.googletagservices.com
s0.2mdn.net
33 live.demand.supply www.hawtcelebs.com
live.demand.supply
32 s0.2mdn.net www.hawtcelebs.com
s0.2mdn.net
fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
26 prebid.a-mo.net 1 redirects bid.underdog.media
assets.vlitag.com
prebid.a-mo.net
ads.pubmatic.com
24 x.bidswitch.net 24 redirects ads.pubmatic.com
23 match.sharethrough.com 8 redirects s.amazon-adsystem.com
match.sharethrough.com
23 tpc.googlesyndication.com fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
www.hawtcelebs.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
s0.2mdn.net
22 targeting.unrulymedia.com assets.vlitag.com
22 match.adsrvr.org 20 redirects ads.pubmatic.com
bid.underdog.media
20 bidder.criteo.com assets.vlitag.com
static.criteo.net
20 image8.pubmatic.com 18 redirects sync.quantumdex.io
19 image2.pubmatic.com 12 redirects sync.quantumdex.io
ads.pubmatic.com
18 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
match.sharethrough.com
eb2.3lift.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
16 www.hawtcelebs.com www.hawtcelebs.com
14 pixel.tapad.com 12 redirects
14 c.amazon-adsystem.com tag.vlitag.com
c.amazon-adsystem.com
14 c2shb.ssp.yahoo.com bid.underdog.media
13 pbjs.e-planning.net 2 redirects assets.vlitag.com
12 pr-bh.ybp.yahoo.com 6 redirects ssum-sec.casalemedia.com
sync.quantumdex.io
u.openx.net
ssum.casalemedia.com
12 csync.smilewanted.com 1 redirects assets.vlitag.com
csync.smilewanted.com
sync-eu.connectad.io
ads.pubmatic.com
12 ssp-sync.criteo.com static.criteo.net
12 match.prod.bidr.io 12 redirects
12 sync.crwdcntrl.net 1 redirects bcp.crwdcntrl.net
11 ap.lijit.com 11 redirects
11 b1sync.zemanta.com 10 redirects
11 prebid-us.creativecdn.com assets.vlitag.com
11 tlx.3lift.com assets.vlitag.com
11 useast.quantumdex.io assets.vlitag.com
11 btlr.sharethrough.com assets.vlitag.com
11 secure.adnxs.com 10 redirects
10 ads.betweendigital.com 10 redirects
10 sync-tm.everesttech.net 10 redirects
10 ups.analytics.yahoo.com 10 redirects
10 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
sync.quantumdex.io
10 underdog.technoratimedia.com bid.underdog.media
10 id5-sync.com 8 redirects cdn.id5-sync.com
assets.vlitag.com
10 googleads4.g.doubleclick.net www.hawtcelebs.com
ad.doubleclick.net
10 www.googletagservices.com fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
www.hawtcelebs.com
www.googletagservices.com
tag.vlitag.com
10 securepubads.g.doubleclick.net live.demand.supply
securepubads.g.doubleclick.net
10 udmserve.net www.hawtcelebs.com
bid.underdog.media
9 c1.adform.net 8 redirects ads.pubmatic.com
9 ads.pubmatic.com assets.revcontent.com
s.amazon-adsystem.com
sync.quantumdex.io
csync.smilewanted.com
sync-eu.connectad.io
9 pixel.onaudience.com 9 redirects
9 assets.vlitag.com tag.vlitag.com
8 image6.pubmatic.com 1 redirects ads.pubmatic.com
8 tags.bluekai.com 4 redirects de.tynt.com
bcp.crwdcntrl.net
sync.quantumdex.io
8 pippio.com 5 redirects sync.quantumdex.io
8 trends.revcontent.com assets.revcontent.com
8 t.sharethis.com pd.sharethis.com
t.sharethis.com
8 ps.eyeota.net 6 redirects
8 api.whizzco.com cdn.whizzco.com
8 googleads.g.doubleclick.net pagead2.googlesyndication.com
fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
www.hawtcelebs.com
8 ssum-sec.casalemedia.com 3 redirects sync.quantumdex.io
ssum-sec.casalemedia.com
8 api.demand.supply live.demand.supply
7 gum.criteo.com 3 redirects assets.revcontent.com
static.criteo.net
7 p.adsymptotic.com 2 redirects eb2.3lift.com
7 idsync.rlcdn.com 5 redirects
7 bcp.crwdcntrl.net 1 redirects tags.crwdcntrl.net
bcp.crwdcntrl.net
6 pmp.mxptint.net 3 redirects sync.quantumdex.io
6 uipglob.semasio.net 3 redirects sync.quantumdex.io
6 visitor.fiftyt.com 6 redirects
6 simage4.pubmatic.com ads.pubmatic.com
6 sync.connectad.io sync-eu.connectad.io
u.openx.net
ssum.casalemedia.com
ads.pubmatic.com
6 pubmatic-match.dotomi.com 6 redirects
6 odr.mookie1.com 6 redirects
6 us-u.openx.net 2 redirects u.openx.net
6 pixel.rubiconproject.com 3 redirects eus.rubiconproject.com
6 images.revcontent.com
6 acdn.adnxs.com www.hawtcelebs.com
assets.vlitag.com
6 stags.bluekai.com 5 redirects tags.bkrtx.com
6 aa.agkn.com 2 redirects bcp.crwdcntrl.net
ads.pubmatic.com
6 pixel-sync.sitescout.com 6 redirects
6 sync.mathtag.com 6 redirects
6 onetag-sys.com s.amazon-adsystem.com
sync.quantumdex.io
sync-eu.connectad.io
6 s.ad.smaato.net 6 redirects
6 d.adroll.com 1 redirects bid.underdog.media
6 www.google.com fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
www.hawtcelebs.com
tpc.googlesyndication.com
6 pixel.quantserve.com 2 redirects www.hawtcelebs.com
5 cm.adgrx.com 5 redirects
5 pm.w55c.net 5 redirects
5 px.owneriq.net 5 redirects
5 dsum.casalemedia.com ssum-sec.casalemedia.com
5 sync.go.sonobi.com 1 redirects
5 mug.criteo.com
5 token.rubiconproject.com 3 redirects bcp.crwdcntrl.net
eus.rubiconproject.com
5 um.simpli.fi 5 redirects
5 px.ads.linkedin.com 5 redirects
5 sync.sharethis.com 1 redirects bcp.crwdcntrl.net
5 nym1-ib.adnxs.com www.hawtcelebs.com
cdn.adnxs.com
5 pd.sharethis.com t.dtscout.com
e.dtscout.com
t.sharethis.com
5 ssc.33across.com bid.underdog.media
5 fastlane.rubiconproject.com bid.underdog.media
5 apex.go.sonobi.com bid.underdog.media
5 fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 image4.pubmatic.com 3 redirects sync.quantumdex.io
5 bid.underdog.media udmserve.net
bid.underdog.media
5 fonts.gstatic.com fonts.googleapis.com
5 fonts.googleapis.com www.hawtcelebs.com
s0.2mdn.net
4 match.deepintent.com 3 redirects ssum-sec.casalemedia.com
4 casale-match.dotomi.com 4 redirects
4 a.tribalfusion.com 1 redirects ads.pubmatic.com
4 sync.aralego.com 4 redirects
4 secure-assets.rubiconproject.com 4 redirects
4 usermatch.targeting.unrulymedia.com sync.quantumdex.io
4 hbx.media.net 4 redirects
4 ssp.disqus.com 4 redirects
4 c.bing.com eb2.3lift.com
4 stx-match.dotomi.com 4 redirects
4 bh.contextweb.com 4 redirects
4 yeet.revcontent.com assets.revcontent.com
4 edge.udmserve.net bid.underdog.media
4 tags.crwdcntrl.net t.dtscout.com
tags.crwdcntrl.net
cdn-tc.33across.com
4 assets.revcontent.com cdn.whizzco.com
assets.revcontent.com
4 prebid-server.rubiconproject.com bid.underdog.media
prebid.a-mo.net
3 ade.googlesyndication.com
3 match.bnmla.com 3 redirects
3 sync.1rx.io 3 redirects
3 ads.playground.xyz 3 redirects
3 aud.pubmatic.com sync.quantumdex.io
3 ums.acuityplatform.com 3 redirects
3 dis.criteo.com 3 redirects
3 beacon.lynx.cognitivlabs.com 2 redirects ads.pubmatic.com
3 creativecdn.com 3 redirects
3 ad.turn.com 3 redirects
3 sync.technoratimedia.com 3 redirects
3 tk.airfrance.fr s0.2mdn.net
tk.airfrance.fr
3 sync.taboola.com 3 redirects
3 rtb.mfadsrvr.com 3 redirects
3 pixel-us-east.rubiconproject.com 3 redirects
3 sync.srv.stackadapt.com 3 redirects
3 dpm.demdex.net 3 redirects
3 tag.crsspxl.com 2 redirects
3 usermatch.krxd.net 3 redirects
3 cdn1.decide.dev decide.dev
3 apis.cmp.quantcast.com quantcast.mgr.consensu.org
3 t.dtscout.com waust.at
t.dtscout.com
3 tag.yieldoptimizer.com 1 redirects fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
3 rules.quantcount.com secure.quantserve.com
2 io.narrative.io 1 redirects
2 gu.dyntrk.com 2 redirects
2 sync.search.spotxchange.com 2 redirects
2 sync-eu.connectad.io cdn.connectad.io
sync-eu.connectad.io
2 ice.360yield.com 2 redirects
2 sync.smartadserver.com 2 redirects
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 sync.extend.tv 2 redirects
2 r.casalemedia.com ssum-sec.casalemedia.com
2 loadm.exelator.com 2 redirects
2 ssum.casalemedia.com 1 redirects sync-eu.connectad.io
2 a.sportradarserving.com 2 redirects
2 cdn.aralego.net assets.vlitag.com
cdn.aralego.net
2 id.a-mx.com assets.vlitag.com
prebid.a-mo.net
2 cm.adform.net 1 redirects
2 p.rfihub.com 2 redirects
2 prod-use.perf-serving.com
2 data00.adlooxtracking.com j.adlooxtracking.com
2 m.fg8dgt.com 2 redirects
2 static.criteo.net assets.vlitag.com
static.criteo.net
2 cm.mgid.com 1 redirects bcp.crwdcntrl.net
2 amazon-tam-match.dotomi.com 2 redirects
2 mwzeom.zeotap.com
2 spl.zeotap.com 2 redirects
2 rc.rlcdn.com 2 redirects
2 dp2.33across.com 2 redirects
2 beacon.krxd.net bcp.crwdcntrl.net
2 map.go.affec.tv 1 redirects
2 ml314.com 1 redirects
2 de.tynt.com cdn.tynt.com
2 a.dtssrv.com t.dtscout.com
e.dtscout.com
2 t.dtscdn.com t.dtscout.com
e.dtscout.com
2 stats.g.doubleclick.net www.google-analytics.com
decide.dev
2 cdn.tynt.com waust.at
e.dtscout.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 tag.vlitag.com services.vlitag.com
tag.vlitag.com
2 quantcast.mgr.consensu.org www.hawtcelebs.com
quantcast.mgr.consensu.org
2 ad.doubleclick.net www.googletagservices.com
www.hawtcelebs.com
2 secure.quantserve.com udmserve.net
quantcast.mgr.consensu.org
2 confiant-integrations.global.ssl.fastly.net udmserve.net
confiant-integrations.global.ssl.fastly.net
2 services.vlitag.com www.hawtcelebs.com
services.vlitag.com
2 cdn.whizzco.com www.hawtcelebs.com
1 rtb.gumgum.com
1 rtb.adentifi.com
1 sync.targeting.unrulymedia.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 csync.loopme.me 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 sync.adotmob.com 1 redirects
1 u.openx.net sync-eu.connectad.io
1 id.rlcdn.com 1 redirects
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 ss-pbs.quantumdex.io eus.rubiconproject.com
1 cdn.connectad.io csync.smilewanted.com
1 server.cpmstar.com 1 redirects
1 ads.stickyadstv.com 1 redirects
1 s.tribalfusion.com 1 redirects
1 nep.advangelists.com 1 redirects
1 dmp.brand-display.com 1 redirects
1 static.smilewanted.com csync.smilewanted.com
1 pb-server.ezoic.com prebid.a-mo.net
1 ow.pubmatic.com prebid.a-mo.net
1 ssbsync-global.smartadserver.com 1 redirects
1 r.bidswitch.net 1 redirects
1 assets.a-mo.net prebid.a-mo.net
1 rtb-csync.smartadserver.com 1 redirects
1 ssc-cms.33across.com 1 redirects
1 pixel.mathtag.com 1 redirects
1 id.crwdcntrl.net ads.pubmatic.com
1 inv-nets.admixer.net 1 redirects
1 us-east-sync.bidswitch.net 1 redirects
1 cdn.revcontent.com
1 adventori.com s0.2mdn.net
1 img.revcontent.com
1 d.turn.com 1 redirects
1 ib.mookie1.com bcp.crwdcntrl.net
1 global.ib-ibi.com 1 redirects
1 px.surveywall-api.survata.com 1 redirects
1 loadus.exelator.com bcp.crwdcntrl.net
1 dmp.truoptik.com bcp.crwdcntrl.net
1 audex.userreport.com bcp.crwdcntrl.net
1 sync.ipredictive.com 1 redirects
1 ssbsync-us.smartadserver.com 1 redirects
1 cdn.adnxs.com www.hawtcelebs.com
1 j.adlooxtracking.com www.hawtcelebs.com
1 tags.bkrtx.com pd.sharethis.com
1 i.simpli.fi
1 cms-xch.33across.com
1 cdn-tc.33across.com de.tynt.com
1 dp1.33across.com 1 redirects
1 p.alcmpn.com
1 sync.graph.bluecava.com 1 redirects
1 protected-by.clarium.io www.hawtcelebs.com
1 lbs-event.gcp.lineate-33x.net www.hawtcelebs.com
1 decide.dev cdn2.decide.dev
1 hb.aralego.com assets.vlitag.com
1 prebid.smilewanted.com assets.vlitag.com
1 colossusssp.com assets.vlitag.com
1 r4---sn-hp57kn6y.googlevideo.com
1 redirector.googlevideo.com 1 redirects
1 media.vlitag.com 1 redirects
1 ic.tynt.com
1 cdn.jsdelivr.net assets.vlitag.com
1 e.dtscout.com s4.histats.com
1 cdn2.decide.dev www.hawtcelebs.com
1 s4.histats.com s10.histats.com
1 imasdk.googleapis.com tag.vlitag.com
1 whos.amung.us waust.at
1 s10.histats.com www.hawtcelebs.com
1 ag.yieldoptimizer.com fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 www.googletagmanager.com www.hawtcelebs.com
1 waust.at www.hawtcelebs.com
0 api.rlcdn.com Failed ads.pubmatic.com
1165 263
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
demand.supply
Cloudflare Inc ECC CA-3		 2022-03-21 -
2023-03-21		 a year crt.sh
udmserve.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-25 -
2023-06-25		 a year crt.sh
whizzco.com
Cloudflare Inc ECC CA-3		 2022-04-30 -
2023-04-30		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-05-04 -
2023-06-05		 a year crt.sh
underdog.media
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-25 -
2023-06-25		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
cdn.id5-sync.com
R3		 2022-06-22 -
2022-09-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-07-04 -
2022-09-26		 3 months crt.sh
*.yieldoptimizer.com
Go Daddy Secure Certificate Authority - G2		 2021-12-14 -
2023-01-15		 a year crt.sh
*.id5-sync.com
R3		 2022-05-31 -
2022-08-29		 3 months crt.sh
*.cmp.quantcast.com
R3		 2022-06-24 -
2022-09-22		 3 months crt.sh
histats.com
R3		 2022-07-11 -
2022-10-09		 3 months crt.sh
*.dtscout.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-28 -
2022-11-27		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.a-mo.net
R3		 2022-07-11 -
2022-10-09		 3 months crt.sh
adroll.mgr.consensu.org
Amazon		 2021-09-10 -
2022-10-09		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2022-07-17 -
2022-10-15		 3 months crt.sh
*.amung.us
Sectigo RSA Domain Validation Secure Server CA		 2022-05-18 -
2023-06-17		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
sharethis.com
Amazon		 2022-06-21 -
2023-07-20		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.decide.dev
Amazon		 2022-01-24 -
2023-02-22		 a year crt.sh
assets.revcontent.com
R3		 2022-07-16 -
2022-10-14		 3 months crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.dtscdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-11-04 -
2022-12-04		 a year crt.sh
cert1.a1.atm.aqfer.net
R3		 2022-07-19 -
2022-10-17		 3 months crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-05-09		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2021-11-07 -
2022-11-07		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
decide.dev
GTS CA 1D4		 2022-07-14 -
2022-10-12		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
lbs-event.gcp.lineate-33x.net
GTS CA 1D4		 2022-05-30 -
2022-08-28		 3 months crt.sh
protected-by.clarium.io
Gandi Standard SSL CA 2		 2022-04-10 -
2023-04-26		 a year crt.sh
revcontent.com
Amazon		 2021-12-21 -
2023-01-19		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.bkrtx.com
DigiCert SHA2 Secure Server CA		 2022-02-07 -
2023-02-06		 a year crt.sh
*.adlooxtracking.com
R3		 2022-07-07 -
2022-10-05		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.userreport.com
Amazon		 2022-01-19 -
2023-02-17		 a year crt.sh
*.truoptik.com
Entrust Certification Authority - L1K		 2021-10-22 -
2022-10-22		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-10		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
img.revcontent.com
R3		 2022-07-16 -
2022-10-14		 3 months crt.sh
*.adventori.com
R3		 2022-05-28 -
2022-08-26		 3 months crt.sh
*.e-planning.net
R3		 2022-05-17 -
2022-08-15		 3 months crt.sh
cdn.revcontent.com
R3		 2022-07-12 -
2022-10-10		 3 months crt.sh
prod-use.perf-serving.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-22 -
2023-03-22		 a year crt.sh
images.revcontent.com
R3		 2022-07-09 -
2022-10-07		 3 months crt.sh
tk.airfrance.fr
R3		 2022-07-07 -
2022-10-05		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-29 -
2022-08-29		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-06-10 -
2022-12-10		 6 months crt.sh
*.ezoic.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-11 -
2023-05-18		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
um3.eqads.com
Amazon		 2022-06-11 -
2023-07-09		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2022-04-15 -
2023-04-15		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-06-23 -
2023-06-22		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.gumgum.com
Amazon		 2021-10-15 -
2022-11-12		 a year crt.sh

This page contains 147 frames:

Primary Page: https://www.hawtcelebs.com/
Frame ID: 18D6C678A8E6A52726DF5855FBE9CEC9
Requests: 528 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20190131/zrt_lookup.html
Frame ID: B14C9B609729A8AB98A11D60F12C2CE3
Requests: 1 HTTP requests in this frame

Frame: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E7835490525DDC55DB75F0C00C321099
Requests: 1 HTTP requests in this frame

Frame: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 74FF60AA3FF91FBB3AE3B2DC07F536D9
Requests: 16 HTTP requests in this frame

Frame: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 47D8DF9C64E5ACC99B00D318B6C875E1
Requests: 16 HTTP requests in this frame

Frame: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 57265D2C09E9BCC57F1259895F4CEA1A
Requests: 1 HTTP requests in this frame

Frame: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5E5E81999CD9D30D7F3B992F7B28E706
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYlZKoywEwAQ&v=APEucNW4cqm2-OomguBA3O7iJM1sR6EcwkySbz_DlLPPqZFdWjYuCxkdvcgdFnAz4MXt7_vk-XC7PXQpSGyyWvBl1KQM3om6rw
Frame ID: 6AE5EB420871C75C8DF1EDC8CD254247
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYvJaoywEwAQ&v=APEucNWvA7FfXQzICE1C7VrggOluQQ4srgRqG6tutVKFysiTYJs8wHKMg2IvyPVdd4Jid0ar9976-ye4CQGq8UPOBUXJ9fLnuQ
Frame ID: C15DBC1D18CB66CB990A4F47AF423179
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHJsb0CENP816YDGPDPw84BMAE&v=APEucNUSu2XvjdNvdmdSQGkMAjnMTdjWF49UY_mLgLcaXF5w_mIQW1_vTFqRTlBJyaDtpHASHk-6dAczPdc11UdGbxRz8T0jyA
Frame ID: 9FADC2EF6111B601E979E094A7406C7D
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20220718/r20110914/abg_lite_fy2021.js
Frame ID: 0DD148EAF5D6304FAB6D0F85CE4C1ADA
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6EFBDboaEBGMSZx8sBMAE&v=APEucNW_k9BmP28jNwvOMWY43QCEoY3HxBlEhdgLPDrwmmOha3rMoa3MyNDo9j7saX0ZkBC9uaNmSY95VRRFEe_RGRPAxwJePg
Frame ID: 82F8D7E3AA79F3173CA5283EF0431393
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 02C236347C15D07F9B465A781D31A0B8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CBF53EBA9D9B0C7B9A10FFBF7D00A90D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 77F40941AFE6880B5D62BC4D58B248E9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CE85BDDA485D00E61FC65D107CD9A305
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4174954331676773194/index.html
Frame ID: 2B780F5BD0C0BA452A0926AC6B28250A
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12012745418877302203/index.html
Frame ID: 395B3E5AB27FCEA0D0B272A23A07C2DB
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 145DB94BAC16779741A1EF13F288F21B
Requests: 3 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=4C3016583327209843EADB3AECDD644B
Frame ID: C1F63EF5C9BD860F585622E72242F129
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 82D2D469EB264A5E0FFBCF1729F6EE14
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C97AD1DCAA81A426E02E9061E222BC05
Requests: 2 HTTP requests in this frame

Frame: https://udmserve.net/udm/img.fetch?sid=14863;tid=1;dt=7;p=1;rri=1658332717380_753048_38.132.118.68;mid=43264;zzz=1;version=v2.13.7-confiant;cb=0.8451975990707119;session=1;style=slider;vis=visible;traffic_info=%7B%7D;;radid=1658332717380_753048_38.132.118.68
Frame ID: 7FB9852CECB20BD50A189732D4FD9BC3
Requests: 1 HTTP requests in this frame

Frame: https://decide.dev/lad/14975484333070182?pubid=ld-3479-2787&pubo=https%3A%2F%2Fwww.hawtcelebs.com&rid=&width=160
Frame ID: EF41762EEF8F572DB8FC290730F59726
Requests: 8 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-sharethrough_n-LoopMe_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_smrt_cnv_3lift&dcc=t
Frame ID: 03629174A4317EFFFC29F2070D99740C
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1004.23341&cid=c010&cls=C
Frame ID: DD1934E08746EF4DCB69727CB901E760
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1004.23341/a/US/t_.js?cid=c010&cls=C
Frame ID: 65170EB44BBE4902586E99DC7A43CC05
Requests: 8 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1004.23341&cid=c010&cls=C
Frame ID: C142C0BC81874F3FBB842D43258641B5
Requests: 1 HTTP requests in this frame

Frame: https://udmserve.net/udm/img.fetch?sid=14863;tid=2;dt=7;p=1;rri=1658332720272_114644_38.132.118.68;mid=47859;zzz=%5B47859%2C1658332720%2C%22at5Qumv3CWShZ%2FgiFtMYEw%22%5D;version=v2.13.7-confiant;cb=0.7328291869422401;refresh=2;qqq=3.0303030303030303;style=reel;vis=visible;traffic_info=%7B%7D;
Frame ID: F91063E3A1557090B7143E606ED4ECF1
Requests: 23 HTTP requests in this frame

Frame: https://pd.sharethis.com/pd/test_oracle
Frame ID: 0D34C0E313A80235D925F18C2B74B3F1
Requests: 2 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: D80616644E1183D72CB0D21B73FB870C
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1004.23341/a/US/t_.js?cid=c010&cls=C
Frame ID: 5D6CCB7EC3933E9EACBCE3E242D2CE3F
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_smrt_cnv_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Frame ID: E58639F5FE6F80EC9D1CAF91B8CB6CFE
Requests: 4 HTTP requests in this frame

Frame: https://tags.bluekai.com/site/27519?id=117819492102226&ret=html&random=1658332721
Frame ID: F6B5A9AA8F2AF9165350F3F584E98365
Requests: 1 HTTP requests in this frame

Frame: https://cdn-tc.33across.com/lotame-sync.html
Frame ID: 0A51852F1419D67DD11BA4F3C0A7F6F6
Requests: 3 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C136%2C116%2C115%2C106%2C104%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Frame ID: 1C6EE581C6A6C17EF32F951E2F7D1B72
Requests: 24 HTTP requests in this frame

Frame: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Frame ID: 647F4AAA4B06A65D7FF65B3480B12E99
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Frame ID: 90AE9376E7F943607A2E5C53037BB5D5
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Frame ID: CB553B7BCE8F14D6870D3891F460DD12
Requests: 2 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0wOThOeDUxRTJ1SnVtbGFIMHVQekI3dV9lald6MkhMb35B&gdpr=0&gdpr_consent=
Frame ID: 83A61405086CA5B5A7D3CA04B27558D6
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1278341628099599906&gdpr=0&gdpr_consent=
Frame ID: 3A9BAAC832EEE85E9B91B12B48DF6FDD
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGZi4F71OfTAM2SYGuAAAAAAA&expiration=1658419121&is_secure=true&gdpr=0
Frame ID: CF9BF545C6437BC38BCF2785CE0115EF
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1862237872783926789061
Frame ID: 2CCE1CE0044E4EE355CE4FA5E0AD1D9B
Requests: 1 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHoABWLYJjAAAAAIUHkGAw%3D%3D&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1004.23341%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=26465930
Frame ID: DFE3335B92E32329FA1969FC5E468673
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 92500B8C495E5534AB0415671A7367C7
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.hawtcelebs.com&gdpr=0&gdpr_consent=
Frame ID: 51E7F7C2B32990A6003649DF3C41FD9C
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
Frame ID: 33719082F3797DF9B282656A0CCC1F16
Requests: 23 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10239&pub_id=2060307
Frame ID: 461F04D00496096A499B05FA90F2B2C6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
Frame ID: 4E120D12755283E907F180B0920ECEFB
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Frame ID: 5A0F0FD860B215D6EFBEC23597082E96
Requests: 10 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 88D3BE2C65FEC179ED1C4F1A99D44C59
Requests: 12 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: D5DB679A0D565BCAD10A6986A3AD6C38
Requests: 11 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html?usprivacy=1---
Frame ID: 4628253A746D248A3536834672C8DE8F
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2A55B6FCD5586B78867D538D8B6FD5E2
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: 8392BB85AC9B9F5A4756BB1A175009EA
Requests: 11 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Frame ID: 28341744347B392BD4780FCD58C73D4C
Requests: 10 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Frame ID: 8D1D7EE21C1C8BBB8FFC7338D0AEFB72
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C85B946B522144FE7818E779423D7A1E
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: EE6C266EA31C0D6FAF46093A434A296D
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: E017ED55F2D38ADE2C80271B24B8E876
Requests: 11 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: BFADB53C9F6C5ED72A2DCCC4F1FE4856
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AD9C33F77A57B5575F89E33C50F4CA8A
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/?us_privacy=1---
Frame ID: DF04331D69818CD93800C750FD3C84BE
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 883149E416C9500F8C8E62BF58471240
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Frame ID: 42421941DB85C6E1B36763158349CC8D
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 5C4EDDA57F2C5773A025745C8F66107E
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 78029DEAA31AF98E0E8A7FCE95D61202
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 59889B5CC5CC05FF9EE1D11AFF105B40
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 5CF16889EFF7C70EA56F3CB3ECC8BF56
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: 16EDFCCEFB5893A77EEDF6A7D027902A
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: FC5F6422973A69799D022A339B807F49
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: 6CBABD677A59A7C88E5753D915AB9432
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 737DCA3FE72B86E46E94A94BD99E9BC4
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: 98272F471F2A972B4252929BF7B2F8C4
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 8F035EF0165DEAA26180EC548F09B6D1
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: CB10E36E9D7E985ADB053B4AE89885C1
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: E758A35CD6005B4B19C06BE51827B492
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: 31D8FBCA224F521A00EE6A7676B7A2B9
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 554C93639ECB2B8360D13AE92F669B83
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: D7BA7126924E9856432B3B73ED4D7970
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 23C3CD061DA338CBE6216F9325C3E6C6
Requests: 10 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: C9DC83F179D58921D20DF2498086125E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 4EE8F6EB3527F798005F229C03351D93
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: 6F2B464291B4F86C29D7D368684799E2
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 578D354F9D49AF75195360BB275305D0
Requests: 1 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 8E324C670BE1BAF0FCBD94B1B8445AF8
Requests: 2 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 8E246F12117258A6364466F439ECDDA3
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/c7821dd282fafbbf98d2ebe5f9b7ebf
Frame ID: EA2A7FAB955262B0BDED29155761DC5E
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Frame ID: 273A143994704B773480E0DDD4AB0A13
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YtgmOgAAU8BlUwAK&gdpr=0&gdpr_consent=&_test=YtgmOgAAU8BlUwAK
Frame ID: 500C2068771444CA35A3EF641248A5DE
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/setuid?A=beec9f7c-bab7-46d9-b2e1-a84b64afadeb&bidder=pubmatic&uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Frame ID: F0FD6C8D6C410A2724AFE0F282B80CA6
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=419&user_id=10593873702528322555&ssp=pubmatic&gdpr=0&gdpr_consent=
Frame ID: DE4B017E2DD09F92F93565601F4791F6
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Frame ID: B6CF4A9BCD1D88F029D4279C6335875F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/l5vyLtLLbMx5GDYxrFdU?pi=smilewanted&tc=1
Frame ID: 5947A00ADC2391E2FEA11E1302ED20EF
Requests: 1 HTTP requests in this frame

Frame: https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=e3a1798ec708f153e293dd67c43f5aac
Frame ID: 5CF967E6CE7F5A8991C3224807A3743C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 61CA59891CFF0A8B7D49DACCCF69EEAA
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/1278341628099599906
Frame ID: 0F436D18CE91A4531EE510041D280201
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/dd6578ab-4ece-4f4b-acad-7973cbec3b22&partner_id=1010
Frame ID: 2C70299BF679AE20DBA0DBEDDAD14F85
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rubicon/L5TSHGLI-U-ECYW?gdpr=0
Frame ID: 38FE23E572F24C06EDC4B187242AD500
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 785363B8B51C62DC98D9A098CE8610B6
Requests: 7 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YtgmLaNUKrapf3hd7CxpWwAA%26362
Frame ID: B86D63BFE1149FABD202583397090A4A
Requests: 1 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Frame ID: 3B7D8C64A651C50F02A2A4E16F0274EB
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/spotx/d5baf2a2-0844-11ed-8cf7-1f45e0b00203
Frame ID: 986759FDAA2E7E754F7A587D4E2CAD27
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Frame ID: 7CD4EE8424E094293B976CA610925A47
Requests: 4 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=622885e8-69bc-4dce-b7b7-33df6ad940af
Frame ID: 9823D2CE4163F6703E209661F1BDBF88
Requests: 1 HTTP requests in this frame

Frame: https://sync.connectad.io/umatch/1?bidder=adform&dataid=data4&uuid=7650510858995602230
Frame ID: 937089448A01B7072059105213B3BE8D
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Frame ID: 07EBA808BBBEDBF7BE539E365EF2BF58
Requests: 8 HTTP requests in this frame

Frame: https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=l5vyLtLLbMx5GDYxrFdU&pi=connectad
Frame ID: D78BD7A9C11870BEBCE716D3EEB71C28
Requests: 1 HTTP requests in this frame

Frame: https://sync.connectad.io/umatch/1?bidder=sovrn&dataid=data12&uuid=FAgeSLZHo8TuhUBRRuqMzo78
Frame ID: 83CAFB9F31D51CA8C8A45E7CB63D5611
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Frame ID: 38E3A2D34AE2F48DFCBA1609F288285B
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d4e109247a89f6
Frame ID: 44FB8313DC4B6BDBE6C93A6476ACBD3E
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/connectad/LQ1c1jeXDvqXCvD0pQRdcmiK5hnzgR9RYUHuBaf8
Frame ID: 98CB5ED1F6E8509B1E3582282D542496
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d5fbdb76-0844-11ed-b6d2-1ec24d012f91
Frame ID: 095A67FB8DA15B37C0FC578746E7A7C1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 802EC38A60BD7DCC2C805B6361CA7015
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_dfbf1dd067b6470997f89
Frame ID: D125197E018EBFD62964D24B683F6C46
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=681651561467
Frame ID: 57EB75CACD1DBB64C758F62FFF9FD1CC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jafXLkYk1Oec615&gdpr=0&gdpr_consent=
Frame ID: EC768396267838ED8A719B3A6C4D00E3
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 11C5D72119C52F5D374CED902B1565D6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7116191251797004622
Frame ID: 555337376A6183BD0C524033DA190BE0
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Frame ID: C51E953F5E1877C7F9A37E8AD12E16AA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d5fbdb76-0844-11ed-b6d2-1ec24d012f91
Frame ID: CC2B028EDF6F3E5F8934075252245107
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 6DECF6D3B674665815AF38E10B8D8A3D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_dfbf1dd067b6470997f89
Frame ID: 157AFC2B803BCB9FBACBD32FA24DEAAB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=681651419901
Frame ID: 967AF26FDD84D6567E9565E0F9126277
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jafXLkYk1Oec615&gdpr=0&gdpr_consent=
Frame ID: E1E1737A854FB30887B9AA1249D9D3D3
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 4E12D070A358A44767EFD5DAC9204114
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7116191251797004622
Frame ID: 466944C2D880227C81E770D6C48EF972
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Frame ID: 307FEC6448BF29144DEE4EE56D36AA02
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d5fbdb76-0844-11ed-b6d2-1ec24d012f91
Frame ID: A99AD4436C95914CE4FA71D75A34E3EF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: F1A92D7B790D446DDA91DFEBEA57ABBC
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_dfbf1dd067b6470997f89
Frame ID: E0D87354D6C7D1BD5BFDDFFD7F0193A3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=681651640284
Frame ID: BFC528F9464171CE48B4F4CAED6AC324
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jafXLkYk1Oec615&gdpr=0&gdpr_consent=
Frame ID: DF3ED9C8672D2FF83BAFB9C2D79FF775
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 10E244F2AD6F1830521F37496F521745
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7116191251797004622
Frame ID: B6B6EE2C402AEE654B8942412257ABE8
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Frame ID: C4652BD9668B1616AF4B19F85FC02D7F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=cb844d8b-4f63-4595-8e4d-3e27d4360236
Frame ID: 755DBC48443D81AD6A87A9999369A8DA
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Frame ID: AC22708CAF62E817D533E623816C8A72
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 31BAE70EBD291AD2895817184FC0EC23
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d297a475-8211-4841-8bbb-a8ce2d7a76bb-tuct9d1abb2&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 4D223B0E955F02E01FA6629554930362
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=DIDR9lcIDC653HBLOSbYYg
Frame ID: 2AFAE0E50926553D15B8CCCE1E166EE2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0424DC42359B4A23A341971B284D6076
Frame ID: 419784F697302F25589D71B853D8A567
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-dda1d952-238c-436b-9a13-dbfe3b5c8d58-005
Frame ID: 68AE356EA4B86B8AACEA697DA61BC206
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=a0757451-1b4f-4610-b8d3-413e52c2c291
Frame ID: CD2B1E00B0E8CC2B61C8483F7FDAF013
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Kcg54J60SfRs33ChgCt-6SaEdkQ
Frame ID: 4C0E421BABC0F92668B97BADA32ED9ED
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Frame ID: 4C7C6838537F23D2A4D917844E7E1CF1
Requests: 1 HTTP requests in this frame

Frame: https://sync.connectad.io/umatch/1?dataid=data1&uuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Frame ID: F26500D0FDECC6A7C022366B4130774E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HawtCelebs – Latest Celebrities Pictures

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

1165
Requests

79 %
HTTPS

23 %
IPv6

151
Domains

263
Subdomains

158
IPs

9
Countries

5816 kB
Transfer

12209 kB
Size

356
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.6325539 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.6325539 HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=8343254669216575683;cb=0.6325539
Request Chain 41
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.6325539 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.6325539&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0FDNUVDMEQtMDlGMi00Q0EzLTg2NzUtM0ZFQUNFRUZBNzA3&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0FDNUVDMEQtMDlGMi00Q0EzLTg2NzUtM0ZFQUNFRUZBNzA3&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3DCAC5EC0D-09F2-4CA3-8675-3FEACEEFA707;cb=0.6325539 HTTP 302
  • https://udmserve.net/udm/fetch.pix?pmid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707;cb=0.6325539
Request Chain 42
  • https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.6325539%3Bindx%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.6325539%3Bindx%3D&s=199174&C=1 HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;cb=0.6325539;indx=YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB
Request Chain 119
  • https://tag.yieldoptimizer.com/ps/analytics?pxid=120770& HTTP 302
  • https://tag.yieldoptimizer.com/ps/analytics?tc=524919801&pxid=120770&
Request Chain 125
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
Request Chain 126
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtgmLaNUKrapf3hd7CxpWwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
Request Chain 127
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKZrlcdFNokcOcOhNZrbgVg&google_cver=1
Request Chain 128
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM0MzI1NDY2OTIxNjU3NTY4Mw%3D%3D
Request Chain 129
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
Request Chain 130
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtgmLaNUKrapf3hd7CxpWwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
Request Chain 131
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKZrlcdFNokcOcOhNZrbgVg&google_cver=1
Request Chain 132
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM0MzI1NDY2OTIxNjU3NTY4Mw%3D%3D
Request Chain 133
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
Request Chain 134
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtgmLaNUKrapf3hd7CxpWwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
Request Chain 135
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKZrlcdFNokcOcOhNZrbgVg&google_cver=1
Request Chain 136
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM0MzI1NDY2OTIxNjU3NTY4Mw%3D%3D
Request Chain 137
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
Request Chain 138
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtgmLaNUKrapf3hd7CxpWwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
Request Chain 139
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKZrlcdFNokcOcOhNZrbgVg&google_cver=1
Request Chain 140
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM0MzI1NDY2OTIxNjU3NTY4Mw%3D%3D
Request Chain 319
  • https://pixel.onaudience.com/?partner=137085098&mapped=4C3016583327209843EADB3AECDD644B HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&icm&gdpr=0&gdpr_consent=&cver HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=cd2175c102830f52/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=23b3b44991744da7949e4f4ef5c970c5&gdpr=0 HTTP 302
  • https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
  • https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=f63871517374122b HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=f63871517374122b HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnFzZ1BFVzBoSUd1UmN5NW5zSG1yXzZHZWNwTXlKZy1QRlRubnVaeG4xMTA&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90 HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESENyfHxS6kN4Ej61QN2qj_mE&google_cver=1
Request Chain 343
  • https://media.vlitag.com/vid/?id=aOSRX0RXaas&t=y HTTP 302
  • https://redirector.googlevideo.com/videoplayback?expire=1658343349&ei=VfvXYo-5DcSDkwaF_JzICA&ip=184.164.141.146&id=o-AHrELxchHiFlErI4eaNnd2bsJjLk4QeyRzuhfJvTK_S1&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=3a&mm=31%2C26&mn=sn-a5mekn6s%2Csn-o097znsk&ms=au%2Conr&mv=m&mvi=2&pl=21&initcwndbps=478750&spc=lT-KhqPUij1E8NlmMGO9fJMEdaF_0Ds&vprv=1&mime=video%2Fmp4&ns=dnA96sftmSBK2UloVbRmZqkH&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&mt=1658321593&fvip=3&keepalive=yes&fexp=24001373%2C24007246&c=WEB&n=1GQdZHesJ6hp7xH3&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALuF4x1h7d71QFXRwiBaZvZGsfZ3EviBfRd7O1EbPdi9AiBwiFgW3btblgEZTYPM7JKhiGIj6WedDcxJA5LfDkQrmQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRQIgFkbqMK3dbsLuslLk7Hwnc0Rdb9iPD0zNVcdTkSm4n5kCIQD3MJ66dLVZ_IJMGUPPvfoybbkZjX_5mOyV50ufP_VJLw%3D%3D HTTP 302
  • https://r4---sn-hp57kn6y.googlevideo.com/videoplayback?expire=1658343349&ei=VfvXYo-5DcSDkwaF_JzICA&ip=184.164.141.146&id=o-AHrELxchHiFlErI4eaNnd2bsJjLk4QeyRzuhfJvTK_S1&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=lT-KhqPUij1E8NlmMGO9fJMEdaF_0Ds&vprv=1&mime=video%2Fmp4&ns=dnA96sftmSBK2UloVbRmZqkH&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24001373%2C24007246&c=WEB&n=1GQdZHesJ6hp7xH3&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALuF4x1h7d71QFXRwiBaZvZGsfZ3EviBfRd7O1EbPdi9AiBwiFgW3btblgEZTYPM7JKhiGIj6WedDcxJA5LfDkQrmQ%3D%3D&cms_redirect=yes&mh=3a&mip=2001:550:1d05:1::12&mm=31&mn=sn-hp57kn6y&ms=au&mt=1658332394&mv=m&mvi=4&pl=48&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgVh5vtu3b1oyEB263fQjmMrt-62zQ6v7kpNKRuhawto0CIE6OY1mcmGyyURN58ozvGyK47TdDOIV6gQbht37csApQ
Request Chain 355
  • https://pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ROS?rnd=0.39745589516073365&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=7.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&ccpa=1---&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522hawtcelebs.com%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522gwqtxekeva_xon21058336769654%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=3e454c00-a647-473c-8fb6-cfd95d428962 HTTP 302
  • https://pbjs.e-planning.net/hb/1/2c995/1/www.hawtcelebs.com/ROS?ct=1&r=pbjs&rnd=0.39745589516073365&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=7.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&ccpa=1---&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522hawtcelebs.com%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522gwqtxekeva_xon21058336769654%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=3e454c00-a647-473c-8fb6-cfd95d428962
Request Chain 369
  • https://pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ROS?rnd=0.39745589516073365&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=7.2.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&ccpa=1---&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522hawtcelebs.com%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522gwqtxekeva_xon21058336769654%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=3e454c00-a647-473c-8fb6-cfd95d428962 HTTP 302
  • https://pbjs.e-planning.net/hb/1/2c995/1/www.hawtcelebs.com/ROS?ct=1&r=pbjs&rnd=0.39745589516073365&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=7.2.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&ccpa=1---&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522hawtcelebs.com%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522gwqtxekeva_xon21058336769654%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=3e454c00-a647-473c-8fb6-cfd95d428962
Request Chain 382
  • https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=4C3016583327209843EADB3AECDD644B HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=4C3016583327209843EADB3AECDD644B
Request Chain 385
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-sharethrough_n-LoopMe_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_smrt_cnv_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-sharethrough_n-LoopMe_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_smrt_cnv_3lift&dcc=t
Request Chain 408
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/ttd?uid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&gdpr=0&gdpr_consent=
Request Chain 409
  • https://idsync.rlcdn.com/386076.gif?partner_uid=ZHoABWLYJjAAAAAIUHkGAw%3D%3D&gdpr=0&gdpr_consent= HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkhvQUJXTFlKakFBQUFBSVVIa0dBdz09EAAaDQixzOCWBhIFCOgHEABCAEoA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=f15643ea41e2db732037127e09d693e09a1b5172dfa998522236dc029c4bf1b4791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBmMTU2NDNlYTQxZTJkYjczMjAzNzEyN2UwOWQ2OTNlMDlhMWI1MTcyZGZhOTk4NTIyMjM2ZGMwMjljNGJmMWI0NzkxNDI2YjU0MTdkY2UyMRAAGgwIsczglgYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBmMTU2NDNlYTQxZTJkYjczMjAzNzEyN2UwOWQ2OTNlMDlhMWI1MTcyZGZhOTk4NTIyMjM2ZGMwMjljNGJmMWI0NzkxNDI2YjU0MTdkY2UyMRAAGgwIsczglgYSBAgCEABCAEoA&google_gid=CAESEKyR-1cXH8KuGq8wtFEg3Gc&google_cver=1 HTTP 307
  • https://usermatch.krxd.net/um/v2?partner=liveramp_identity HTTP 302
  • https://pippio.com/api/sync?pid=709973&it=1&iv=O-AAzYc6
Request Chain 410
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.sharethis.com/eyeota?uid=212bvP8rKqdMQnT9yT6w6vb1bZnK0sKM9qgTsPHS62dg&gdpr=0&gdpr_consent=
Request Chain 411
  • https://tag.crsspxl.com/c.gif?t=50173&r=https%3A%2F%2Fp.nexac.com%2Fe%2Fsr%2Fa-1625%2Fs-3300%2Fs-3300.xgi%3Fcb%3D%7BCPCB%7D HTTP 302
  • https://tag.crsspxl.com/c.gif?cc=1&t=50173&r=https%3A%2F%2Fp.nexac.com%2Fe%2Fsr%2Fa-1625%2Fs-3300%2Fs-3300.xgi%3Fcb%3D%7BCPCB%7D HTTP 302
  • https://sync.sharethis.com/crosspixel?uid=912626507062985202&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3DCPX12%26google_cm%26cb%3D1658332721632 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=CPX12&google_cm&cb=1658332721632/ZHoABWLYJjAAAAAIUHkGAw== HTTP 302
  • https://tag.crsspxl.com/m.gif?id=&cb=1658332721632/ZHoABWLYJjAAAAAIUHkGAw==&google_gid=CAESEGBej9BoNRoBOOGrhCThMW0&google_cver=1
Request Chain 412
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHoABWLYJjAAAAAIUHkGAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3628755140668817450 HTTP 307
  • https://ml314.com/csync.ashx?fp=dab1c290cf06fb745b88e3981391ba4f79ccee90403495b839169164022f5eeaf4cb09cee1a4f8eb&person_id=3628755140668817450&eid=50082
Request Chain 413
  • https://tags.bluekai.com/site/59574?id=ZHoABWLYJjAAAAAIUHkGAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957 HTTP 302
  • https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
Request Chain 418
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=Entertainment&us_privacy=1---&random=1658332721308.1 HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=Entertainment&us_privacy=1---&random=1658332721308.1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkxMa0dteDQ2a2luVEJZb1NVaGtkVHVCeU5oTG1FQTZ1YmdxeExNdFpqNms&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51 HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESENyfHxS6kN4Ej61QN2qj_mE&google_cver=1
Request Chain 419
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSmLYJjBu1V7aKVimAg%3D%3D&us_privacy=1---&_rand=1658332721308.2 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_puuid=CoIKSmLYJjBu1V7aKVimAg%3D%3D&_pu HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_puuid=CoIKSmLYJjBu1V7aKVimAg%3D%3D&_pu&_expected_cookie=d375acd134b0e7d4bd75d240d92f5c58
Request Chain 420
  • https://map.go.affec.tv/map/3a/?pid=CoIKSmLYJjBu1V7aKVimAg%3D%3D&us_privacy=1---&ts=1658332721308.3 HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D62d8263129b51300010ca2fd%26chc%3Dtt%26floc%3D%26redirect_url%3D HTTP 302
  • https://map.go.affec.tv/map/an/8343254669216575683?ch=62d8263129b51300010ca2fd&chc=tt&floc=&redirect_url=
Request Chain 421
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKSmLYJjBu1V7aKVimAg%3D%3D&us_privacy=1---&random=1658332721308.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKSmLYJjBu1V7aKVimAg%3D%3D&us_privacy=1---&random=1658332721308.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2Fapi%2Fpixel%3Fid%3D%24%7BTA_DEVICE_ID%7D%26partner%3DTAPAD HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=72b09538-e154-472b-9fb0-46549e06af35%252Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&ttd_puid=72b09538-e154-472b-9fb0-46549e06af35%2Chttps%3A%2F%2Fusermatch.krxd.net%2Fum%2Fv2%3Fpartner%3Dtapad HTTP 302
  • https://usermatch.krxd.net/um/v2?partner=tapad HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
Request Chain 422
  • https://sync.graph.bluecava.com/ds.png?p=145c07db-9bd4-440d-9130-b5b794ec4ce7&uid=CoIKSmLYJjBu1V7aKVimAg%3D%3D&random=1658332721308.5 HTTP 302
  • https://p.alcmpn.com/idr/ven/1032/idr.gif?fpid=097a4bcc-ac6d-415f-ac74-4d3e599b1767&chained=true
Request Chain 423
  • https://dp2.33across.com/ps/?pid=1205&random=1658332721308.6&r=true HTTP 302
  • https://idsync.rlcdn.com/405716.gif?partner_uid=2240489444549
Request Chain 424
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKSmLYJjBu1V7aKVimAg%3D%3D&us_privacy=1---&random=1658332721308.7&r=true HTTP 302
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=78147065046372&seg_code=33x&random=1658332721
Request Chain 425
  • https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1658332721308.1&r=true HTTP 302
  • https://tags.bluekai.com/site/27519?id=117819492102226&ret=html&random=1658332721
Request Chain 427
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1658332721308.2 HTTP 307
  • https://rc.rlcdn.com/1000.gif?memo=CP6JFhoNCLHM4JYGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=a68443732b33ad89de2329782d42a8c2973545e0221cfa8f0c829fc0103c6b59791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBhNjg0NDM3MzJiMzNhZDg5ZGUyMzI5NzgyZDQyYThjMjk3MzU0NWUwMjIxY2ZhOGYwYzgyOWZjMDEwM2M2YjU5NzkxNDI2YjU0MTdkY2UyMRAAGgwIsczglgYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBhNjg0NDM3MzJiMzNhZDg5ZGUyMzI5NzgyZDQyYThjMjk3MzU0NWUwMjIxY2ZhOGYwYzgyOWZjMDEwM2M2YjU5NzkxNDI2YjU0MTdkY2UyMRAAGgwIsczglgYSBAgCEABCAEoA&google_gid=CAESEKyR-1cXH8KuGq8wtFEg3Gc&google_cver=1 HTTP 307
  • https://usermatch.krxd.net/um/v2?partner=liveramp_identity HTTP 302
  • https://pippio.com/api/sync?pid=709973&it=1&iv=O-AAzYc6
Request Chain 428
  • https://match.prod.bidr.io/cookie-sync/33across?us_privacy=&33random=1658332721308.3 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/33across?us_privacy=&33random=1658332721308.3&_bee_ppp=1 HTTP 303
  • https://cms-xch.33across.com/match?bidder_id=85&external_user_id=AABXF07FsEwAABBUGzwKHw
Request Chain 429
  • https://spl.zeotap.com/z.png?zdid=239&ctry=US&env=mWeb&eventType=pageview&zpb=wu%21&zpbcat=Entertainment&zcluid=CoIKSmLYJjBu1V7aKVimAg%3D%3D&us_privacy=&ziid=1658332721308.4 HTTP 302
  • https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&ctry=US&env=mWeb&eventType=pageview&id_mid_4=fb06f0d5-2a23-442a-49d2-a16f1ea47dfc&reqId=f2fa54e6-7d52-400b-5171-3c24724392ef&us_privacy=&zcluid=CoIKSmLYJjBu1V7aKVimAg%3D%3D&zdid=239&ziid=1658332721308.4&zpb=wu%21&zpbcat=Entertainment HTTP 302
  • https://mwzeom.zeotap.com/mw?adnxs_uid=8343254669216575683&zpartnerid=2&ctry=US&env=mWeb&eventType=pageview&id_mid_4=fb06f0d5-2a23-442a-49d2-a16f1ea47dfc&reqId=f2fa54e6-7d52-400b-5171-3c24724392ef&us_privacy=&zcluid=CoIKSmLYJjBu1V7aKVimAg==&zdid=239&ziid=1658332721308.4&zpb=wu!&zpbcat=Entertainment
Request Chain 438
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=252eabd
Request Chain 440
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D?gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=1A05C166717A4D7E811C2E3453E7CCAB&ex=simpli.fi&status=ok
Request Chain 445
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0wOThOeDUxRTJ1SnVtbGFIMHVQekI3dV9lald6MkhMb35B&gdpr=0&gdpr_consent=
Request Chain 446
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1278341628099599906&gdpr=0&gdpr_consent=
Request Chain 447
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0 HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=305860817e901201&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGZi4F71OfTAM2SYGuAAAAAAA&expiration=1658419121&is_secure=true&gdpr=0
Request Chain 448
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1862237872783926789061
Request Chain 450
  • https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=23b3b44991744da7949e4f4ef5c970c5 HTTP 307
  • https://cm.mgid.com/m?c=23b3b44991744da7949e4f4ef5c970c5&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
Request Chain 451
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=lotame&cspid=20&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16101%26tp%3DADEL%26tpid%3D%24{ADELPHIC_CUID}%26gdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=16101&tp=ADEL&tpid=d3832960-0844-11ed-8d4b-7527f8cc64c7&gdpr=0
Request Chain 452
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=0
Request Chain 453
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2/gdpr=0/gdpr_consent=
Request Chain 455
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=23b3b44991744da7949e4f4ef5c970c5&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=72b09538-e154-472b-9fb0-46549e06af35%252Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253D72b09538-e154-472b-9fb0-46549e06af35&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&ttd_puid=72b09538-e154-472b-9fb0-46549e06af35%2Chttps%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D72b09538-e154-472b-9fb0-46549e06af35 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=72b09538-e154-472b-9fb0-46549e06af35
Request Chain 458
  • https://px.surveywall-api.survata.com/t HTTP 302
  • https://bcp.crwdcntrl.net/map/c=10098/tp=SRVT/tpid=dda9e798-8e67-f003-0e5c-1d77e8b141a9
Request Chain 459
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=23b3b44991744da7949e4f4ef5c970c5&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=23b3b44991744da7949e4f4ef5c970c5&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=75380306836493605940184551906796271848/gdpr=0
Request Chain 462
  • https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=23b3b44991744da7949e4f4ef5c970c5 HTTP 302
  • https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=23b3b44991744da7949e4f4ef5c970c5
Request Chain 463
  • https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0 HTTP 302
  • https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-29c839e0-9eb4-49f4-6cdf-70a1802b7ee9$ip$38.132.118.68/gdpr=0/gdpr_consent=
Request Chain 464
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D%26src=lot%26gdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=0be862d8-2632-4700-b4a9-ffbbf32e26e2&src=lot&gdpr=0
Request Chain 465
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553/gdpr=0
Request Chain 467
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0 HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=YtgmNwAAVKvXuQAK HTTP 302
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YtgmNwAAVKvXuQAK/gdpr=0&_test=YtgmNwAAVKvXuQAK
Request Chain 471
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/23b3b44991744da7949e4f4ef5c970c5/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2394348841350322825/gdpr=0
Request Chain 472
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=602975694 HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8343254669216575683/gdpr=0/rand=602975694
Request Chain 484
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&gdpr=0&gdpr_consent=
Request Chain 485
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&gdpr=0&gdpr_consent=
Request Chain 486
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3 HTTP 302
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=L5TSHGLI-U-ECYW
Request Chain 487
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4 HTTP 302
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=8343254669216575683
Request Chain 506
  • https://b1sync.zemanta.com/usersync/revcontent/?puid=YzcyYjc0ODZmMjYzMTBlNjM1Yjg2OWVhZTg0ZjJmMTg%3D&cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DYzcyYjc0ODZmMjYzMTBlNjM1Yjg2OWVhZTg0ZjJmMTg%253D%26bidder%3D3%26bidder_uid%3D__ZUID__&rev_dt=1658332721&us_privacy=&rev_dt=1658332721573 HTTP 302
  • https://stags.bluekai.com/site/23178?id=7EcbTJ0xr6mloBuw1D0R&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65DSMVXGI4ZOOJSXMY3PNZ2GK3TUFZRW63JPMNWS64DJPBSWYX3TPFXGGP3CNFSGIZLSHUZSMYTJMRSGK4S7OVUWIPJXIVRWEVCKGB4HENTNNRXUE5LXGFCDAURGMV4GG2DBNZTWKPLSMV3GG33OORSW45BGMV4GG2DBNZTWKX3VNFSD2WL2MN4VS2TDGBHUIWTNJVVFS6SNKRBGYTTKJUYVS2THGJHVOVTILJKGOMC2NJFG2TKUM4STGRA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65DSMVXGI4ZOOJSXMY3PNZ2GK3TUFZRW63JPMNWS64DJPBSWYX3TPFXGGP3CNFSGIZLSHUZSMYTJMRSGK4S7OVUWIPJXIVRWEVCKGB4HENTNNRXUE5LXGFCDAURGMV4GG2DBNZTWKPLSMV3GG33OORSW45BGMV4GG2DBNZTWKX3VNFSD2WL2MN4VS2TDGBHUIWTNJVVFS6SNKRBGYTTKJUYVS2THGJHVOVTILJKGOMC2NJFG2TKUM4STGRA HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?bidder=3&bidder_uid=7EcbTJ0xr6mloBuw1D0R&exchange_uid=YzcyYjc0ODZmMjYzMTBlNjM1Yjg2OWVhZTg0ZjJmMTg%3D
Request Chain 507
  • https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1658332721&us_privacy=&rev_dt=1658332721573 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&rev_dt=1658332721&us_privacy=&rev_dt=1658332721573 HTTP 302
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&ssp_uuid=622885e8-69bc-4dce-b7b7-33df6ad940af HTTP 302
  • https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&ssp_uuid=622885e8-69bc-4dce-b7b7-33df6ad940af HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=revcontent&user_id=22aa9c10-9b20-4b15-8b51-501e79f03448 HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=622885e8-69bc-4dce-b7b7-33df6ad940af
Request Chain 508
  • https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=YzcyYjc0ODZmMjYzMTBlNjM1Yjg2OWVhZTg0ZjJmMTg%3D&rev_dt=1658332721&us_privacy=&rev_dt=1658332721573 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=revcontent&ssp_user_id=YzcyYjc0ODZmMjYzMTBlNjM1Yjg2OWVhZTg0ZjJmMTg%3D&rev_dt=1658332721&us_privacy=&rev_dt=1658332721573 HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=YzcyYjc0ODZmMjYzMTBlNjM1Yjg2OWVhZTg0ZjJmMTg=&bidder=154&bidder_uid=f74425d5-0fc4-4ef4-99f7-238315af2c7a
Request Chain 535
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=hawtcelebs.com&sn=ChromeSyncframe&so=0&topUrl=www.hawtcelebs.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=ek7ck3xWSDlZNzZMYklEVEVRck9HTUdHdkEvdHE3S09MZndud2hSNkVadHdXcUNvUTlBcS8xQVl2SU5XZ0dLL2JnSGVaRzNlSXczODVrQ1VlWjNpdUJqamd6dmxtQ2VPeFNwblh2aGdudDVrUXUwb1F3dzJOWTVzdnl2YS9QT3VnWTJNcEtoNEZJWnlpa0RvbFMzOFZPZDV0bDNrZTVqRGtpVEJMK2JpaE85cExjVlNERDZZNkdwY3NjOTkrc25iVGhJUDRFZDk4b3ZDU2MvL2xNY1BBVkJ0SUtMQnAzN2dqWWx1ckxZbmFMWVJkWC83a1Fnd1gza0gzZmRRcHlxTXRmQmkra1FhcG9la3dkcVZ6cVNGUlBDVXpOQT09fA&cppv=2
Request Chain 537
  • https://us-east-sync.bidswitch.net/sync?ssp=revcontent&dsp_id=366&imp=1 HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&bsw_user_id=622885e8-69bc-4dce-b7b7-33df6ad940af HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=f74425d5-0fc4-4ef4-99f7-238315af2c7a&ssp=revcontent HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=622885e8-69bc-4dce-b7b7-33df6ad940af
Request Chain 550
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dnz2BBF9qdzN3dm9GMlBqalU4bFRtN2VSQnNzNXVOTVpoajBUZEdxRmlLM3RIcTBFJTNE%26u%3d%24%7bUSER_ID%7d&gdpr=false&consent=&us_privacy=1--- HTTP 303
  • https://ssp-sync.criteo.com/user-sync/match?p=nz2BBF9qdzN3dm9GMlBqalU4bFRtN2VSQnNzNXVOTVpoajBUZEdxRmlLM3RIcTBFJTNE&u=AABXF07FsEwAABBUGzwKHw&gdpr=false&us_privacy=1---
Request Chain 551
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=V-7tFF9Zd2VjcmVrNEtoRW9VaUxmSnF0YUFIS0xWcmQ0QWlNcXptMGpHYWpVRFpFJTNE&gdpr=false&gdpr_consent=&us_privacy=1---&cr_user_id= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=false&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dcriteo%26bsw_param%3D622885e8-69bc-4dce-b7b7-33df6ad940af%26gdpr%3Dfalse%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=34088094723f4b27b0cd233dccdaed15&ssp=criteo&bsw_param=622885e8-69bc-4dce-b7b7-33df6ad940af&gdpr=false&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=&u=622885e8-69bc-4dce-b7b7-33df6ad940af
Request Chain 552
  • https://sync.taboola.com/sg/criteoscod/1/cm?redirect=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dI_zVs19hSG9yaXloS3Z6ZyUyQm1jcTNxemxzdG9EYktSM3BzJTJGTzlqQnY0S0RCeiUyRklzJTNE%26u%3d%3cTUID%3e&gdpr=false&consent=&ccpa=1--- HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=I_zVs19hSG9yaXloS3Z6ZyUyQm1jcTNxemxzdG9EYktSM3BzJTJGTzlqQnY0S0RCeiUyRklzJTNE&u=d297a475-8211-4841-8bbb-a8ce2d7a76bb-tuct9d1abb2
Request Chain 600
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.hawtcelebs.com%2F&domain=www.hawtcelebs.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=QpXGd3x0OWZ2OFBmZmo0SGNpR0lTZytIblRuYnBjdGxXeC90SEwwZW5HY1VyYThOYjRjS3pOY0lnQndQTkR4eklqMFFJWHNBZnpWQUJGdmFYYndpYSsxY3ovbzcraFF4T3M1ZENLd09QQ3ZqYnBLRzhGWDloTTM3ZFZDRmlhS2sxRHc5UUpVQ3Yzall0SG1OOXpGQlJlL0tHa1dIN1Z5VXdJc3NkaXd3bTY2RmhIWEo0TXhKYTVUVFMzWEM5ait0QUFVejVMaW9zN0dEVCtsYm10N0c1aC9JeVhzYUZHbnhpaElkZ1FzekJxOEhOZCs1a2xRV2RjVmVETE5sMnBZM0hUUSs3NDNJSTlocHEzSmpxUXkyYVlXdEkyZz09fA&cppv=2
Request Chain 609
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=beec9f7c-bab7-46d9-b2e1-a84b64afadeb HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-ffRBczJE2uEah..hEnD9CRy3CWvFLkgRUdQh7mg-~A&gdpr=0&gdpr_consent=
Request Chain 610
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=5fa6044d8d&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&pubid=5fa6044d8d HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=3afbcbaa-855f-4f46-97fd-4e30594221a5 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D72b09538-e154-472b-9fb0-46549e06af35%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8343254669216575683&pt=72b09538-e154-472b-9fb0-46549e06af35%2C
Request Chain 611
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=622885e8-69bc-4dce-b7b7-33df6ad940af&google_hm=NjIyODg1ZTgtNjliYy00ZGNlLWI3YjctMzNkZjZhZDk0MGFm HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEH9QYZhL_CE93TpI3ILydhs&google_cver=1&ssp=sonobi&bsw_param=622885e8-69bc-4dce-b7b7-33df6ad940af HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=622885e8-69bc-4dce-b7b7-33df6ad940af
Request Chain 612
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L5TSHGLI-U-ECYW&gdpr=0&us_privacy=1---
Request Chain 613
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=3afbcbaa-855f-4f46-97fd-4e30594221a5&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=MHhPc2thLTByZUI3cVB4OWRKVDZqQQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEOXNcBxXp9rbKJpUeyw0N_E&google_cver=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=R1Ioz9Sk500U
Request Chain 614
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=970033156717698583
Request Chain 615
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID] HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=0be862d8-2632-4700-b4a9-ffbbf32e26e2
Request Chain 616
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3Dbeec9f7c-bab7-46d9-b2e1-a84b64afadeb&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F623%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Dbeec9f7c-bab7-46d9-b2e1-a84b64afadeb%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1iZWVjOWY3Yy1iYWI3LTQ2ZDktYjJlMS1hODRiNjRhZmFkZWI%253D%26uid%3D%24UID
Request Chain 642
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.hawtcelebs.com%2F&domain=www.hawtcelebs.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=gwea5nxGVmtwak9nZ204SXVMK1JUQ1l4cGFWM0FZU3JXR0pVcFpsYzFXUSt2Nm12MU5URUlxMnZwODhnWC9qM1htamhHY3lNcEVpdVRpYko4aWhzNi96UkxhT2E3TmJvNHdQYjhNUmNBckdBNTZKL3NYcm5aWE04VWovdWhvUDlOallWSDJtakxzQVhUSmZOUWl1VnRXS0NMYlk2MjU4NHFzdjlDK0VMVkFDUkdSanJLdE01NTNXZTRhN3B5TEFlbXpJeURHamhLY0gvTy9lU05aVjhBa2p0Mi81dDY0am1yZ3NKL3d0SEp5OHViQlhLV1R6NUMyME1VUDFBME9adXdqNUU1VG8rYU45UEpGT21HYUd3Tk8vSFIzc0Jqd2M3YkwrYkRUNW5aLzhyRnhhdz18&cppv=2
Request Chain 661
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=NGQ5YzE2ZWMtODBkZS00NGFmLTk2MDEtOTI3ZDkyNjA1Njcw&us_privacy=1--- HTTP 302
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Request Chain 662
  • https://stx-match.dotomi.com/match/bounce/current?networkId=44410&version=1&nuid=4d9c16ec-80de-44af-9601-927d92605670&us_privacy=1--- HTTP 302
  • https://stx-match.dotomi.com/match/bounce/current?DotomiTest=586652457b81204&is_secure=true&networkId=44410&version=1&nuid=4d9c16ec-80de-44af-9601-927d92605670&us_privacy=1--- HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAAGZoj4_ebmrwMenRpUAAAAAAA&expiration=1658419124&nuid=4d9c16ec-80de-44af-9601-927d92605670&is_secure=true&us_privacy=1---
Request Chain 663
  • https://pixel.mathtag.com/sync/img?mt_exid=83&mt_exuid=e82f1ff6-5b7e-4e90-a181-4c2a528d9e94&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DsxJxpx7oBnWwaatGE8NyMg2D%26source_user_id%3D%5BMM_UUID%5D&us_privacy=1--- HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=sxJxpx7oBnWwaatGE8NyMg2D&source_user_id=0be862d8-2632-4700-b4a9-ffbbf32e26e2
Request Chain 665
  • https://ssc-cms.33across.com/ps/?ri=0013300001kQj2HAAS&ru=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DkzFyzzqXEqukMDumpVLB6Eq3%26source_user_id%3D33XUSERID33X&us_privacy=1--- HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=78147065046372
Request Chain 666
  • https://bh.contextweb.com/bh/rtset?pid=558357&ev=1&rurl=https%3a%2f%2fmatch.sharethrough.com/sync/v1?source_id=790d3e0174b12a86f1cbebf4&source_user_id=%%VGUID%%&us_privacy=1--- HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=790d3e0174b12a86f1cbebf4&ev=1&source_user_id=R1Ioz9Sk500U&us_privacy=1---&pid=558357
Request Chain 667
  • https://s.ad.smaato.net/c/?adExInit=s&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DxTFJbLbs37tyhbKsPP9VC2cm%26source_user_id%3D%24UID&us_privacy=1--- HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=252eabd
Request Chain 669
  • https://stx-match.dotomi.com/match/bounce/current?networkId=44410&version=1&nuid=e82f1ff6-5b7e-4e90-a181-4c2a528d9e94&us_privacy=1--- HTTP 302
  • https://stx-match.dotomi.com/match/bounce/current?DotomiTest=1de791bef6771201&is_secure=true&networkId=44410&version=1&nuid=e82f1ff6-5b7e-4e90-a181-4c2a528d9e94&us_privacy=1--- HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAAGZdMS3IfxhANiBYTNAAAAAAA&expiration=1658419124&nuid=e82f1ff6-5b7e-4e90-a181-4c2a528d9e94&is_secure=true&us_privacy=1---
Request Chain 672
  • https://match.prod.bidr.io/cookie-sync/shr?gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCWEYwN0ZzRXdBQUJCVUd6d0tIdw&gdpr=0&gdpr_consent=&us_privacy=1---&bee_sync_partners=pm%2Csas%2Cpp%2Csyn%2Cshr&bee_sync_current_partner=adx&bee_sync_initiator=shr&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Csas%2Cpp%2Csyn%2Cshr&bee_sync_current_partner=adx&bee_sync_initiator=shr&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABXF07FsEwAABBUGzwKHw&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpp%252Csyn%252Cshr%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Csyn%2Cshr&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABXF07FsEwAABBUGzwKHw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csyn%252Cshr%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csyn%2Cshr&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1278341628099599906&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABXF07FsEwAABBUGzwKHw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1278341628099599906%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dsyn%252Cshr%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=1278341628099599906&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cshr&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AABXF07FsEwAABBUGzwKHw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABXF07FsEwAABBUGzwKHw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1278341628099599906%26gdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dshr%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D5&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?userid=1278341628099599906&gdpr=0&gdpr=0&bee_sync_partners=shr&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=5 HTTP 303
  • https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AABXF07FsEwAABBUGzwKHw&gdpr=0
Request Chain 673
  • https://idsync.rlcdn.com/712068.gif?partner_uid=4d9c16ec-80de-44af-9601-927d92605670&us_privacy=1--- HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=ed875b58-97a8-4f6a-b7c0-2c8635ffbad7
Request Chain 674
  • https://ups.analytics.yahoo.com/ups/58593/occ?gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=naoMZbMYsdSVbJhyQ36iXzT1&source_user_id=y-ffRBczJE2uEah..hEnD9CRy3CWvFLkgRUdQh7mg-~A&gdpr=0&gdpr_consent=
Request Chain 675
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=18694&us_privacy=1--- HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=L5TSHGLI-U-ECYW&us_privacy=1---
Request Chain 677
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&dongle=0cfd
Request Chain 678
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2MjIzNzg3Mjc4MzkyNjc4OTA2MQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 679
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKP46BpypnR-RwVb3uPGTPo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 680
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2MjIzNzg3Mjc4MzkyNjc4OTA2MQ%3D%3D
Request Chain 681
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1862237872783926789061&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5b9634fc-fb2f-46c9-a2ce-c5657bab8f46&_noobservation=1
Request Chain 683
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1862237872783926789061?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-bJ2GtwdE2oQ8aDQwXA6CmhDm67vUZKl2I92nNAioAw--~A&dongle=0883
Request Chain 684
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1862237872783926789061&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=622885e8-69bc-4dce-b7b7-33df6ad940af&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10593873702528322555&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dtriplelift%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=72b09538-e154-472b-9fb0-46549e06af35&ssp=triplelift&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10593873702528322555&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=212530604218008341753&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10593873702528322555&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=622885e8-69bc-4dce-b7b7-33df6ad940af&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 686
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=7EcbTJ0xr6mloBuw1D0R&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5G5CWGYSUJIYHQ4RWNVWG6QTVO4YUIMCS&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5G5CWGYSUJIYHQ4RWNVWG6QTVO4YUIMCS HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=7EcbTJ0xr6mloBuw1D0R
Request Chain 687
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&dongle=0cfd
Request Chain 688
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2MjIzNzg3Mjc4MzkyNjc4OTA2MQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 689
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKP46BpypnR-RwVb3uPGTPo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 690
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2MjIzNzg3Mjc4MzkyNjc4OTA2MQ%3D%3D
Request Chain 691
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1862237872783926789061&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5b9634fc-fb2f-46c9-a2ce-c5657bab8f46&_noobservation=1
Request Chain 693
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1862237872783926789061?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-bJ2GtwdE2oQ8aDQwXA6CmhDm67vUZKl2I92nNAioAw--~A&dongle=0883
Request Chain 694
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1862237872783926789061&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtriplelift%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtriplelift%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=bb9c4bf7-bb16-53c9-8d20-a972eff88f46&ssp=triplelift&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=622885e8-69bc-4dce-b7b7-33df6ad940af&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 696
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=7EcbTJ0xr6mloBuw1D0R&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5G5CWGYSUJIYHQ4RWNVWG6QTVO4YUIMCS&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5G5CWGYSUJIYHQ4RWNVWG6QTVO4YUIMCS HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=7EcbTJ0xr6mloBuw1D0R
Request Chain 698
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&dongle=0cfd
Request Chain 699
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2MjIzNzg3Mjc4MzkyNjc4OTA2MQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 700
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKP46BpypnR-RwVb3uPGTPo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 701
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2MjIzNzg3Mjc4MzkyNjc4OTA2MQ%3D%3D
Request Chain 702
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1862237872783926789061&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5b9634fc-fb2f-46c9-a2ce-c5657bab8f46&_noobservation=1
Request Chain 704
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1862237872783926789061?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-bJ2GtwdE2oQ8aDQwXA6CmhDm67vUZKl2I92nNAioAw--~A&dongle=0883
Request Chain 705
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1862237872783926789061&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=8013262513350572065&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=622885e8-69bc-4dce-b7b7-33df6ad940af&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 707
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=7EcbTJ0xr6mloBuw1D0R&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5G5CWGYSUJIYHQ4RWNVWG6QTVO4YUIMCS&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5G5CWGYSUJIYHQ4RWNVWG6QTVO4YUIMCS HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=7EcbTJ0xr6mloBuw1D0R
Request Chain 708
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&dongle=0cfd
Request Chain 709
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2MjIzNzg3Mjc4MzkyNjc4OTA2MQ%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 710
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKP46BpypnR-RwVb3uPGTPo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 711
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2MjIzNzg3Mjc4MzkyNjc4OTA2MQ%3D%3D
Request Chain 712
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1862237872783926789061&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5b9634fc-fb2f-46c9-a2ce-c5657bab8f46&_noobservation=1
Request Chain 714
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1862237872783926789061?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-bJ2GtwdE2oQ8aDQwXA6CmhDm67vUZKl2I92nNAioAw--~A&dongle=0883
Request Chain 715
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1862237872783926789061&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=7258d0e8-a959-4131-8406-155c6b6e063e&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=622885e8-69bc-4dce-b7b7-33df6ad940af&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 717
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=7EcbTJ0xr6mloBuw1D0R&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5G5CWGYSUJIYHQ4RWNVWG6QTVO4YUIMCS&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5G5CWGYSUJIYHQ4RWNVWG6QTVO4YUIMCS HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=7EcbTJ0xr6mloBuw1D0R
Request Chain 718
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8343254669216575683
Request Chain 719
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=bb9c4bf7-bb16-53c9-8d20-a972eff88f46
Request Chain 720
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=b2dce1dc-0567-29dc-166d-556fa1e77b0b
Request Chain 721
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=4d9c16ec-80de-44af-9601-927d92605670
Request Chain 722
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FAgeSLZHVaUhrBmTQRerlfSa
Request Chain 723
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO8j2WVa__i3ZusQVUoY4D0v0KC2OEBf05wQPN6w
Request Chain 724
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=3013343241523636000V10
Request Chain 725
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ffRBczJE2uEah..hEnD9CRy3CWvFLkgRUdQh7mg-~A
Request Chain 726
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=252eabd
Request Chain 727
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=252eabd
Request Chain 728
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8343254669216575683
Request Chain 729
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=bb9c4bf7-bb16-53c9-8d20-a972eff88f46
Request Chain 730
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=54d22a5c-f5e4-ff4a-7b3d-4730cd6c799b
Request Chain 731
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=4d9c16ec-80de-44af-9601-927d92605670
Request Chain 732
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FAgeSLZHZeU6xJxiTgiq5LTc
Request Chain 733
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOgvrWuaXmh4hfx6tpF55k0DoppuL0ONP5vwPLHg
Request Chain 734
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=3013343241523617000V10
Request Chain 735
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ffRBczJE2uEah..hEnD9CRy3CWvFLkgRUdQh7mg-~A
Request Chain 736
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=252eabd
Request Chain 737
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8343254669216575683
Request Chain 738
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=bb9c4bf7-bb16-53c9-8d20-a972eff88f46
Request Chain 739
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FAgeSLZHZeU6xJxiTgiq5LTc
Request Chain 740
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO5tUZ1Dtvhd1jBvXJZnYfFtNWdFB_XIef59g9fA
Request Chain 741
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=4d9c16ec-80de-44af-9601-927d92605670
Request Chain 742
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ffRBczJE2uEah..hEnD9CRy3CWvFLkgRUdQh7mg-~A
Request Chain 743
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=3013343241523602000V10
Request Chain 744
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=f5b2c0b7-70c3-2596-0249-77e3bc0b9e19
Request Chain 749
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Request Chain 750
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=3013343241523619000V10
Request Chain 751
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8343254669216575683
Request Chain 752
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ffRBczJE2uEah..hEnD9CRy3CWvFLkgRUdQh7mg-~A
Request Chain 753
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=252eabd
Request Chain 754
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=bb9c4bf7-bb16-53c9-8d20-a972eff88f46
Request Chain 755
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=4d9c16ec-80de-44af-9601-927d92605670
Request Chain 756
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=78a97def-8c61-9e76-102a-d77ac9e01b13
Request Chain 757
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FAgeSLZHZeU6xJxiTgiq5LTc
Request Chain 758
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO5tUZ1Dtvhd1jBvXJZnYfFtNWdFB_XIef59g9fA
Request Chain 760
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Request Chain 767
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Request Chain 773
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Request Chain 775
  • https://sync.aralego.com/idsync?usprivacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/03e23cc9-0920-31e8-b998-bf8bbf043466?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-YX6oBeBE2oUGjuizZpx9szfj7JlPzPWlnZXWoJ8-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2 HTTP 302
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=03e23cc9-0920-31e8-b998-bf8bbf043466&gdpr=0&gdpr_consent= HTTP 302
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=ucfunnel&bsw_custom_parameter=622885e8-69bc-4dce-b7b7-33df6ad940af HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=622885e8-69bc-4dce-b7b7-33df6ad940af&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Ducfunnel%26bsw_param%3D622885e8-69bc-4dce-b7b7-33df6ad940af HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=72b09538-e154-472b-9fb0-46549e06af35&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3D72b09538-e154-472b-9fb0-46549e06af35%252Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Ducfunnel%2526bsw_param%253D622885e8-69bc-4dce-b7b7-33df6ad940af HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=75380306836493605940184551906796271848&pt=72b09538-e154-472b-9fb0-46549e06af35%2Chttps%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Ducfunnel%26bsw_param%3D622885e8-69bc-4dce-b7b7-33df6ad940af HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=ucfunnel&bsw_param=622885e8-69bc-4dce-b7b7-33df6ad940af HTTP 302
  • https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=622885e8-69bc-4dce-b7b7-33df6ad940af HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=MDNlMjNjYzktMDkyMC0zMWU4LWI5OTgtYmY4YmJmMDQzNDY2&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png HTTP 302
  • https://cdn.aralego.net/img/1x1.png
Request Chain 781
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dbeec9f7c-bab7-46d9-b2e1-a84b64afadeb%26bidder%3Dsmartadserver%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://prebid.a-mo.net/setuid?A=beec9f7c-bab7-46d9-b2e1-a84b64afadeb&bidder=smartadserver&uid=1278341628099599906
Request Chain 782
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253Dbeec9f7c-bab7-46d9-b2e1-a84b64afadeb%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEELjQeFb8DKxb4mvpUSQ3dM&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8343254669216575683&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dbeec9f7c-bab7-46d9-b2e1-a84b64afadeb%26bidder%3Dpubmatic%26uid%3DCAC5EC0D-09F2-4CA3-8675-3FEACEEFA707 HTTP 302
  • https://prebid.a-mo.net/setuid?A=beec9f7c-bab7-46d9-b2e1-a84b64afadeb&bidder=pubmatic&uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Request Chain 783
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dbeec9f7c-bab7-46d9-b2e1-a84b64afadeb%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?A=beec9f7c-bab7-46d9-b2e1-a84b64afadeb&bidder=index_rtb&uid=YtgmLaNUKrapf3hd7CxpWwAA%26362
Request Chain 784
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dbeec9f7c-bab7-46d9-b2e1-a84b64afadeb%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dbeec9f7c-bab7-46d9-b2e1-a84b64afadeb%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://prebid.a-mo.net/setuid?A=beec9f7c-bab7-46d9-b2e1-a84b64afadeb&bidder=sovrn&uid=FAgeSLZHo8TuhUBRRuqMzo78
Request Chain 785
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dbeec9f7c-bab7-46d9-b2e1-a84b64afadeb%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=beec9f7c-bab7-46d9-b2e1-a84b64afadeb&bidder=appnexus&uid=8343254669216575683
Request Chain 791
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&expiration=1660924724&gdpr=0&gdpr_consent=
Request Chain 792
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEZ07hTTbsP-9lOcw0iabnw&google_cver=1
Request Chain 794
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8343254669216575683
Request Chain 795
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=17705b2f-6973-175a-722a3f64
Request Chain 796
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=YtgmLaNUKrapf3hd7CxpWwAA%26362 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=d297a475-8211-4841-8bbb-a8ce2d7a76bb-tuct9d1abb2
Request Chain 797
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553&gdpr=0&gdpr_consent=&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Deaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253Deaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553&gdpr=0&gdpr_consent=&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Deaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253Deaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553%2526gdpr%253D0%2526gdpr_consent%253D&xl8blockcheck=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3Deaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553&gdpr=0&gdpr_consent=
Request Chain 798
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-a8519086-127d-4882-b755-945c81c159db
Request Chain 806
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2394348841350322825
Request Chain 807
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABXF07FsEwAABBUGzwKHw&expiration=1659542324
Request Chain 808
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=0be862d8-2632-4700-b4a9-ffbbf32e26e2
Request Chain 809
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7116191251797004622&uid=Q7116191251797004622&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7116191251797004622
Request Chain 810
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=131&cm_user_id=YtgmLaNUKrapf3hd7CxpWwAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=131&cm_user_id=YtgmLaNUKrapf3hd7CxpWwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662294236259296
Request Chain 811
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=YtgmLaNUKrapf3hd7CxpWwAA%26362 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=d297a475-8211-4841-8bbb-a8ce2d7a76bb-tuct9d1abb2
Request Chain 812
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=9bb5ef69-c55a-43cd-a3cc-6cb8786e57a8
Request Chain 814
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB
Request Chain 815
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YtgmOQAAU7NeMQAK HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YtgmOQAAU7NeMQAK&_test=YtgmOQAAU7NeMQAK
Request Chain 816
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=1138f0428a541202&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGZoj4_ebmwgNtU14aAAAAAAA&expiration=1658419125&is_secure=true
Request Chain 817
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=uv15_L75L6ChqiXw6qkwoen5fPyh9n716KlbO8My
Request Chain 818
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=jafXLkYk1Oec615
Request Chain 820
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8343254669216575683
Request Chain 822
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB
Request Chain 823
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YtgmOgAAVEhvqAAK HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YtgmOgAAVEhvqAAK&_test=YtgmOgAAVEhvqAAK
Request Chain 824
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=38cbc1792c991201&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGZoj4_ebmxQNB-cuWAAAAAAA&expiration=1658419125&is_secure=true
Request Chain 825
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8424493705991858542&expiration=1659542324
Request Chain 826
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0424DC42359B4A23A341971B284D6076
Request Chain 827
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://tags.bluekai.com/site/17724?id=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553&redir=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3Deaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553&gdpr=0&gdpr_consent=
Request Chain 828
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=a7e1e7d8-2c6b-41cb-9097-33166d94dd4f
Request Chain 829
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=622885e8-69bc-4dce-b7b7-33df6ad940af&ssp=index&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10593873702528322555&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dindex%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=72b09538-e154-472b-9fb0-46549e06af35&ssp=index&gdpr_consent=&gdpr= HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10593873702528322555&ssp=index&gdpr=&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=212530604218008341753&ssp=index&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10593873702528322555&ssp=index&gdpr=&gdpr_consent= HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=622885e8-69bc-4dce-b7b7-33df6ad940af
Request Chain 832
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 834
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/c7821dd282fafbbf98d2ebe5f9b7ebf
Request Chain 835
  • https://c1.adform.net/serving/cookie/match?party=14&cid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Request Chain 836
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YtgmOgAAU8BlUwAK HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YtgmOgAAU8BlUwAK&gdpr=0&gdpr_consent=&_test=YtgmOgAAU8BlUwAK
Request Chain 837
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABXF07FsEwAABBUGzwKHw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D1 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABXF07FsEwAABBUGzwKHw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dbeec9f7c-bab7-46d9-b2e1-a84b64afadeb%26bidder%3Dpubmatic%26uid%3DCAC5EC0D-09F2-4CA3-8675-3FEACEEFA707 HTTP 302
  • https://prebid.a-mo.net/setuid?A=beec9f7c-bab7-46d9-b2e1-a84b64afadeb&bidder=pubmatic&uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Request Chain 838
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0be862d8-2632-4700-b4a9-ffbbf32e26e2&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8343254669216575683&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=703585345dd11202&is_secure=true&networkId=17100&version=1&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGZoj4_ebm5AMa96cdAAAAAAA&expiration=1658419125&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=622885e8-69bc-4dce-b7b7-33df6ad940af&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10593873702528322555&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dpubmatic%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=72b09538-e154-472b-9fb0-46549e06af35&ssp=pubmatic&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10593873702528322555&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=212530604218008341753&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10593873702528322555&ssp=pubmatic&gdpr=0&gdpr_consent=
Request Chain 840
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ysXsDQnyTKOGdT_qzu-nBw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 841
  • https://idsync.rlcdn.com/420486.gif?partner_uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=a68443732b33ad89de2329782d42a8c2973545e0221cfa8f0c829fc0103c6b59791426b5417dce21&_=2 HTTP 307
  • https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=09185060 HTTP 302
  • https://pippio.com/api/sync?pid=710202&it=1&iv=d375acd134b0e7d4bd75d240d92f5c58
Request Chain 842
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=0be862d8-2632-4700-b4a9-ffbbf32e26e2
Request Chain 843
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEELjQeFb8DKxb4mvpUSQ3dM&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8343254669216575683&gdpr=0&gdpr_consent=
Request Chain 844
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0424DC42359B4A23A341971B284D6076 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8343254669216575683&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=4fdcaaeb87851201&is_secure=true&networkId=17100&version=1&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGZXgfzA2oFwMGXSdEAAAAAAA&expiration=1658419125&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 845
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2394348841350322825&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8343254669216575683&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=39941439f3791204&is_secure=true&networkId=17100&version=1&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGZdMS3IfxtANNwJuaAAAAAAA&expiration=1658419125&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553&gdpr=0&gdpr_consent=
Request Chain 846
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8343254669216575683&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=67dd02cfc8c1201&is_secure=true&networkId=17100&version=1&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGZdMS3IfxswMCDfVuAAAAAAA&expiration=1658419125&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=622885e8-69bc-4dce-b7b7-33df6ad940af&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dpubmatic%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=pubmatic&user_id=_JBcesLY840jSodcXU_f0 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=622885e8-69bc-4dce-b7b7-33df6ad940af&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eXXbsn1xje5iIoe-KSGS7ypx3rJifty7KyH8VjXf HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 848
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-id9NoZ1E2uUltVsLuSRMjZt41hupBks-~A&gdpr=0&gdpr_consent=
Request Chain 849
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=d3832960-0844-11ed-8d4b-7527f8cc64c7&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8343254669216575683&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=17624f3458301204&is_secure=true&networkId=17100&version=1&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGZi4F71Of9gMRKE-1AAAAAAA&expiration=1658419125&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://t.pswec.com/bsw_sync?ssp=pubmatic&bsw_user_id=622885e8-69bc-4dce-b7b7-33df6ad940af HTTP 302
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=pubmatic&bsw_user_id=622885e8-69bc-4dce-b7b7-33df6ad940af HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=35120cf5-4a57-4f6a-9b56-b02358b19330&expires=3&user_group=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=622885e8-69bc-4dce-b7b7-33df6ad940af&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eXXbsn1xje5iIoe-KSGS7ypx3rJifty7KyH8VjXf
Request Chain 851
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/l5vyLtLLbMx5GDYxrFdU?pi=smilewanted&tc=1
Request Chain 852
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=e3a1798ec708f153e293dd67c43f5aac
Request Chain 857
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=pbs-valueimpression&gdpr_consent=undefined&gdpr=0&khaos=L5TSHGLI-U-ECYW HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=rubicon&uid=L5TSHGLI-U-ECYW&gdpr=0&gdpr_consent=undefined HTTP 302
  • https://ss-pbs.quantumdex.io/setuid?bidder=rubicon&gdpr=0&gdpr_consent=undefined&us_privacy=&f=&uid=L5TSHGLI-U-ECYW
Request Chain 858
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smart/1278341628099599906
Request Chain 860
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/dd6578ab-4ece-4f4b-acad-7973cbec3b22&partner_id=1010
Request Chain 861
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/L5TSHGLI-U-ECYW?gdpr=0
Request Chain 862
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=DQhm-5QlRbOF-6BdYK3oJA&rk=usync-na&gdpr=0 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DQhm-5QlRbOF-6BdYK3oJA&gdpr=0
Request Chain 864
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Q1_0uBfSD3MUrSqFA4nAQA?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7960772438800116324
Request Chain 865
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBnD93vFxncoKI2N3-bYSo8&google_cver=1
Request Chain 866
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVUU0hHTEktVS1FQ1lX&gdpr=0
Request Chain 867
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&gdpr=0&gdpr_consent=&expires=30
Request Chain 868
  • https://id.rlcdn.com/709414.gif?gdpr=0 HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 869
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzIxNDllN2EzOTE3YTJhOWIxMGZhNTBlYTAyMDFiNzdmZTg3MGU3Yg&gdpr=0
Request Chain 871
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YtgmLaNUKrapf3hd7CxpWwAA%26362
Request Chain 874
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=d5baf2fb-0844-11ed-8cf7-1f45e0b00203 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/d5baf2a2-0844-11ed-8cf7-1f45e0b00203
Request Chain 922
  • https://x.bidswitch.net/sync?ssp=rtaplus&user_id=LQ1c1jeXDvqXCvD0pQRdcmiK5hnzgR9RYUHuBaf8&gdpr=0 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Drtaplus%26bsw_param%3D622885e8-69bc-4dce-b7b7-33df6ad940af&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=0be862d8-2632-4700-b4a9-ffbbf32e26e2&expires=30&ssp=rtaplus&bsw_param=622885e8-69bc-4dce-b7b7-33df6ad940af&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=622885e8-69bc-4dce-b7b7-33df6ad940af
Request Chain 923
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Dadform%26dataid%3Ddata4%26uuid%3D%24UID HTTP 303
  • https://sync.connectad.io/umatch/1?bidder=adform&dataid=data4&uuid=7650510858995602230
Request Chain 925
  • https://creativecdn.com/cm-notify?pi=connectad HTTP 302
  • https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=l5vyLtLLbMx5GDYxrFdU&pi=connectad
Request Chain 926
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Dsovrn%26dataid%3Ddata12%26uuid%3D%24UID HTTP 307
  • https://sync.connectad.io/umatch/1?bidder=sovrn&dataid=data12&uuid=FAgeSLZHo8TuhUBRRuqMzo78
Request Chain 931
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2394348841350322825&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 932
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YtgmNQAAUgzJvgA0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YtgmNQAAUgzJvgA0&_test=YtgmNQAAUgzJvgA0
Request Chain 934
  • https://match.adsrvr.org/track/cmf/openx?oxid=b841243e-5aef-790a-e8b9-ac750c64db0f&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&ttd_puid=b841243e-5aef-790a-e8b9-ac750c64db0f&gdpr=0&gdpr_consent=
Request Chain 936
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEERuctoDcnHpmRVBibKe6rs&google_cver=1
Request Chain 937
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=d5fbdb76-0844-11ed-b6d2-1ec24d012f91
Request Chain 938
  • https://d.adroll.com/cm/index/ssp HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 939
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=Kcg54J60SfRs33ChgCt-6SaEdkQ
Request Chain 940
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=970033156717698583
Request Chain 941
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=06030001_62d82635ea076&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=06030001_62d82635ea076
Request Chain 942
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=07ea220407cdc1f0af4c98c4&expiration=[EXPIRATION]
Request Chain 944
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=c8716e60-872d-4a68-ad1b-74d47f4a7d71&expiration=1689868725
Request Chain 974
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d5fbdb76-0844-11ed-b6d2-1ec24d012f91
Request Chain 975
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 976
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_dfbf1dd067b6470997f89
Request Chain 977
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=681651561467
Request Chain 978
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jafXLkYk1Oec615&gdpr=0&gdpr_consent=
Request Chain 980
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7116191251797004622
Request Chain 982
  • https://pixel.onaudience.com/?partner=214&mapped=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=cd2175c102830f52 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fb06f0d5-2a23-442a-49d2-a16f1ea47dfc&reqId=58911631-f6ff-400f-47b7-5731ea1fe118&zcluid=cd2175c102830f52&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESENUBYFhB8bYcQObAq5coTDU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fb06f0d5-2a23-442a-49d2-a16f1ea47dfc&reqId=58911631-f6ff-400f-47b7-5731ea1fe118&zcluid=cd2175c102830f52&zdid=1332
Request Chain 983
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&addseg=10,33,39
Request Chain 984
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 986
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7650510858995602230
Request Chain 987
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D530_F351C38A_4E323AE7&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 988
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8343254669216575683
Request Chain 989
  • https://pixel.onaudience.com/?partner=214&mapped=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707 HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=0ca04202790e552e HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=YTR0ZC8rb1E5OVlEbjVDaQ%3D%3D HTTP 302
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEOaBopwe3IalMCDT6Uva0ro&google_cver=1
Request Chain 990
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&addseg=10,33,39
Request Chain 991
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 993
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d5fbdb76-0844-11ed-b6d2-1ec24d012f91
Request Chain 994
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 995
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_dfbf1dd067b6470997f89
Request Chain 996
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=681651419901
Request Chain 997
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7650510858995602230
Request Chain 998
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D530_F351C38A_4E323BE9&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 999
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jafXLkYk1Oec615&gdpr=0&gdpr_consent=
Request Chain 1001
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7116191251797004622
Request Chain 1002
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8343254669216575683
Request Chain 1004
  • https://pixel.onaudience.com/?partner=214&mapped=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707 HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=0ca04202790e552e HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
  • https://tags.bluekai.com/site/5386?id=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&gdpr=0&gdpr_consent=
Request Chain 1005
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&addseg=10,33,39
Request Chain 1006
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 1008
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d5fbdb76-0844-11ed-b6d2-1ec24d012f91
Request Chain 1009
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 1010
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_dfbf1dd067b6470997f89
Request Chain 1011
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=681651640284
Request Chain 1012
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7650510858995602230
Request Chain 1013
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D530_F351C38B_4E323EF0&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 1014
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jafXLkYk1Oec615&gdpr=0&gdpr_consent=
Request Chain 1016
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7116191251797004622
Request Chain 1017
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8343254669216575683
Request Chain 1066
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=cb844d8b-4f63-4595-8e4d-3e27d4360236
Request Chain 1067
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=c8716e60-872d-4a68-ad1b-74d47f4a7d71&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Request Chain 1068
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 1069
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d297a475-8211-4841-8bbb-a8ce2d7a76bb-tuct9d1abb2&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 1070
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=DIDR9lcIDC653HBLOSbYYg
Request Chain 1071
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0424DC42359B4A23A341971B284D6076
Request Chain 1072
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1658332728763 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1074308123 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/d6c6a7da-85eb-47bb-8b66-b02f00a05cb2 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-dda1d952-238c-436b-9a13-dbfe3b5c8d58-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-dda1d952-238c-436b-9a13-dbfe3b5c8d58-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-dda1d952-238c-436b-9a13-dbfe3b5c8d58-005
Request Chain 1073
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://match.bnmla.com/usersync?dspid=6&uuid=0424DC42359B4A23A341971B284D6076 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D HTTP 307
  • https://match.bnmla.com/usersync?dspid=170&uuid=E175F4900EB147A79F0B69C11A4B77A0 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=a0757451-1b4f-4610-b8d3-413e52c2c291
Request Chain 1074
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Kcg54J60SfRs33ChgCt-6SaEdkQ
Request Chain 1076
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=d7a3d4b0-0844-11ed-b220-0620fc7113a1&companyId=673&id=pubmatic_id:CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Request Chain 1078
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10072&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3D2989%26partner_device_id%3D%5BMM_UUID%5D%26pt%3D72b09538-e154-472b-9fb0-46549e06af35%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2989&partner_device_id=0be862d8-2632-4700-b4a9-ffbbf32e26e2&pt=72b09538-e154-472b-9fb0-46549e06af35%2C

1165 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.hawtcelebs.com/ 		31 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1f56cef9b15e2d87d2ed00316f63581f54477649aa0a783db3bbbe2baf245ed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72dce6207ad3099e-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 15:58:36 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link
<https://www.hawtcelebs.com/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j6B50FxtfY3L1R51VW3nO%2BKiEGoK9RDn9LlBHiWyfwo5jNo9sQXgQeSkQmTcLlS9sRu9gvecVuhkWdcAalLNr3ylRpGCjl%2FYt0qnLfrDNR%2FsjRl7z0uT%2B3P4N5D9OybfP%2F1wV7TBqrkZFbP4U2PLWn8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
style.css
www.hawtcelebs.com/wp-content/themes/hawtceleb/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hawtcelebs.com/wp-content/themes/hawtceleb/style.css?ver=6.0.1
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af0d6570462dee3c3937e8694b2ee98ea78313219976105080e94680c29769ad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
684780
cf-polished
status=cannot_optimize
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Aug 2019 09:10:58 GMT
server
cloudflare
etag
W/"5d63a222-3db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGTmJ8TCJT7oq0QV2IoxI0i6dy1VHEe52da8mxmi2NgbhBJUstBhFx9weJj2qRNu8ZclHj4jzWIvQLLWxrjzHjxlWTi%2F%2BtW6HnUi7sTeRzStTjV6pR8NJ3kuCFxeaEnbdSbEp1Ozee1%2B2xkofNEVc2U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
72dce638cfcd099e-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700%2C700i&ver=6.0.1
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
56392a97bf35956d4a099fbf3c764a01ee1f2cf2e070a0d8aacf458dbecca0a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 14:32:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 20 Jul 2022 15:58:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Jul 2022 15:58:37 GMT
dd-multi-col-cats.css
www.hawtcelebs.com/wp-content/themes/hawtceleb/ 		238 B
489 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hawtcelebs.com/wp-content/themes/hawtceleb/dd-multi-col-cats.css
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a40dcd59c23d9ed6f0fbaeefeb57c78543b487ad93c49f5f74b89dd85b0ea278

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:36 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4779828
cf-polished
origSize=313
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 10 Jun 2019 10:27:20 GMT
server
cloudflare
etag
W/"5cfe3088-139"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UbY82sZWDx%2FunNSg2VIOt5Wo5NpSgpk6yg0BJf6fhyqFNZvikhx%2FHODY0WBZxkhYrMB5qOOqm2VflFk8wqIX5tSFWW2wEfyC%2B0eHpTBCETOtKBIhcqRWF5S3eZ55OIlevvdz69rgk3%2Fs5QYjP4lp85A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=315360000
cf-ray
72dce638cfce099e-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
up.js
live.demand.supply/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/up.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
483379019bd3258eabd023a6795bdc8baae5b2c7d0acf17799bea4ae3abc24dd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id
01G62K8HR704YPNQ4VHDJVDPZ0
date
Wed, 20 Jul 2022 15:58:37 GMT
content-encoding
br
cf-cache-status
HIT
age
954
cf-polished
origSize=3935
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
cf-bgj
minify
server
cloudflare
etag
W/"494845b5e1573e696774a390a39e22e4-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray
72dce6394bf1b3e3-MIA
link
<https://live.demand.supply/impl.v15.0.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v14-3-0/d3d3Lmhhd3RjZWxlYnMuY29tLw==>; rel=preload; as=script
img.fetch
udmserve.net/udm/ 		44 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=14863;tid=1;dt=6;
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 Toronto, Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
55a5a451cc6ad305438589d1843b58d29c4e2603cf8bbaf9e35d3f86c43825d8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:37 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Type
application/x-javascript
Expires
0
cate-blanchett-on-the-set-of-disclaimer-in-london-07-15-2022-9_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/07/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/07/cate-blanchett-on-the-set-of-disclaimer-in-london-07-15-2022-9_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2147b018583fa01576c78218ad4b19dccee88ac04d11c2ded5071a872d09c2aa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:37 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
71578
last-modified
Wed, 20 Jul 2022 15:57:48 GMT
server
cloudflare
etag
"62d825fc-1179a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mK8mh5XbbGap3f8kMiYJ0VX93XM0XQLAx5Sly3%2B3xrgE5rWmFajb%2FQHudV9DAc1RjA3NX%2FF5pFqi5F0fRO94xL84M4xPQQt3ujnXWZfWckmhNsGS24Mb6C4FfAFJGDLW%2F6mg%2BgLjZ73oQOFfnjAA7I0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
72dce638effd099e-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
morag-crichton-in-bikini-at-a-pool-in-marbella-07-18-2022-9_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/07/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/07/morag-crichton-in-bikini-at-a-pool-in-marbella-07-18-2022-9_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26f7bfd56370553650f0fb1bf1faf255d80fc5099a578221bf8eae25cb4abac5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
111
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
71613
last-modified
Wed, 20 Jul 2022 15:56:13 GMT
server
cloudflare
etag
"62d8259d-117bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dONIxQp3SNCMYV9QZIukb2Z2vY2nb4wPxy51xaXzUDYk%2FFEYZpmDABMZJy5omW%2F%2F5vswT%2FCnqkXu98xevboFu6cAYul5LyFPO1dEmAEPf%2FjNX4NZSycYhgD4xMVEvROccga%2FA%2B1FXQoHLQROpuDRDCo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
72dce638effe099e-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
maria-shriver-arrives-in-new-york-by-private-helicopter-07-17-2022-6_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/07/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/07/maria-shriver-arrives-in-new-york-by-private-helicopter-07-17-2022-6_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64e03c800707fda712719fd2bd987d6b8c5bdd6c81e7a945259c686aee1b63be

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
111
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
74806
last-modified
Wed, 20 Jul 2022 15:56:09 GMT
server
cloudflare
etag
"62d82599-12436"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9IxeKj0kLM9nnNgBpACfQjYJ0Mlxa6yqN%2BdD%2FISMw2A0ob3qdnp8LSc3%2BnmIb0RlQykX2CJospjx2aDZTei230649ikzCqC8NnsFTH4iMFCI8ad721Ii0ni3TgvXPSmAOjSXMuTxasLSb%2B0j8jaINsU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
72dce638e800099e-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
christina-perri-heading-to-new-york-live-07-19-2022-5_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/07/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/07/christina-perri-heading-to-new-york-live-07-19-2022-5_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2028e0aef8d1dcf220c4d25ca71e83cd5aa71820f3ef7f9897574abbb009e53

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
120
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76090
last-modified
Wed, 20 Jul 2022 15:53:55 GMT
server
cloudflare
etag
"62d82513-1293a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2fzbn2EVBX%2BmU8a%2BztvOk5GKtP9zTSmNczK%2B%2B7ZYn%2BoqLz7cqop4f4iJoK0QksfCoCbSWDgf2z5ZVmXEhqvoIFlSZ%2Bxv0LeEIXOeOMrjWGUlNA36EPM032Y0e62L6EvxagNEu2VBPAJy8ZPP7sPHVoM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
72dce638e801099e-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
daisy-ridley-leaves-hamyard-hotel-in-london-07-19-2022-6_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/07/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/07/daisy-ridley-leaves-hamyard-hotel-in-london-07-19-2022-6_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e0c8b2c5f60579810401efae17a79b333c8de8049d10ca8e50fb3973fb18b0e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
120
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51547
last-modified
Wed, 20 Jul 2022 15:52:55 GMT
server
cloudflare
etag
"62d824d7-c95b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0h1xXO5wJnPCmRAxNHA22UHn8T%2FXWYY1ldtU%2B4LeIAicWGTPZNuIPLVm7BLPRJJH2umBAhI8iF6NmZkRgCEmbv8I%2FhZadtFkBG4d9Xxx%2BBz3hzpCRfl8BoyaBMf1VKzcEgx329QEk0V3n6eunZumGA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
72dce638e802099e-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
freida-pinto-in-daisy-dukes-out-in-los-angeles-07-19-2022-6_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/07/ 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/07/freida-pinto-in-daisy-dukes-out-in-los-angeles-07-19-2022-6_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d0f1b3e038165153e74b906cf44e69bc21cfab505cb0e5fee09277cb1197ef7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
120
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
86138
last-modified
Wed, 20 Jul 2022 15:52:08 GMT
server
cloudflare
etag
"62d824a8-1507a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U9XHZBZxN7kB1Jht%2Fh0hOrWkS6rSmU5G6At7AdQ11kQKL37Ykr8WDypVdeHS%2BehGPp%2Bt9oKmaHIgcFTr48Sl5H3vdquKwBKfsaKy47RJbK4FAPm1xvIviNr4JMDGxca6a5IBSkuk%2FJD9sdok06RdrgA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
72dce638e804099e-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
ana-de-armas-leaves-fallow-restaurant-after-dinner-in-london-07-19-2022-6_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/07/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/07/ana-de-armas-leaves-fallow-restaurant-after-dinner-in-london-07-19-2022-6_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ad1573d5088d27268a8d30b28a0c1814ed1ff549579dbf3af7073005f23bd63

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
120
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32447
last-modified
Wed, 20 Jul 2022 15:51:13 GMT
server
cloudflare
etag
"62d82471-7ebf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8212HmBA6Gf0z1SmJp6pt3YHSF9fq2YZjpIlFiI5AJiRSFWnE6FkHdo0xQ3FxUmhuvT6iTkz%2FrgYrD4GtRhBLDdQw3s%2FKuPOj%2BrzXlhzmGgllx6qnoohjmSU5SYa5LtmJdLFjwItt%2BQjS8NHVJMFTr4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
72dce638e805099e-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
dee-ocleppo-hilfiger-at-a-boat-in-saint-tropez-07-19-2022-6_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/07/ 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/07/dee-ocleppo-hilfiger-at-a-boat-in-saint-tropez-07-19-2022-6_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19b62fbb15b0c0212343a74574f415ea8cc201b01f91fd745643ad33701e1a02

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
120
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
66014
last-modified
Wed, 20 Jul 2022 15:50:36 GMT
server
cloudflare
etag
"62d8244c-101de"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=se3gMJqSF3DAFnk%2BjUWBobrmSBaRRHK0WU5ApyLhzOjPO0B%2BmTo6icNMAKAxQ24H3OhmjynjCpybrKZT4J0d4nF0ngLu%2Fz2zuELjnZo%2BWhB01iI%2B6LWDzHhe5ulkqfbD6nZ%2BN98SGt3olT1xtDvX6lk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
72dce638e806099e-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
anna-osceola-arrives-at-derek-jeter-s-benefit-at-highlight-room-in-los-angeles-07-19-2022-6_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/07/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/07/anna-osceola-arrives-at-derek-jeter-s-benefit-at-highlight-room-in-los-angeles-07-19-2022-6_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dba883c097f684545c96e0fa741e7bbd2a64273642df313b292b0157acf36f4a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
120
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75020
last-modified
Wed, 20 Jul 2022 15:49:31 GMT
server
cloudflare
etag
"62d8240b-1250c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ImLeAqOBn8uELBRbG1NXNxXSPodd%2FO4t%2BlEgJMOZ6vvglk3oYo11NMc39AKH5C5FY5kkkSs9sljfUihZ6OI6G1JcE1hLTdYFd5u%2B10AfoK8pL%2B3v2i%2BhA1tZmuOA%2Br%2Faehmqio4vw2q91k1YrIUCGo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
72dce638f819099e-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
gigi-hadid-greets-michael-strahan-and-his-girlfriend-and-daughter-in-new-york-07-19-2022-6_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2022/07/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hawtcelebs.com/wp-content/uploads/2022/07/gigi-hadid-greets-michael-strahan-and-his-girlfriend-and-daughter-in-new-york-07-19-2022-6_thumbnail.jpg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00d931addd3889929137c7409aecdd66078d4159e228959d8a64b8e998f8ff42

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:36 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
120
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
73383
last-modified
Wed, 20 Jul 2022 15:48:56 GMT
server
cloudflare
etag
"62d823e8-11ea7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GpTxvNdyqfpmCjAAofYqP51IPukai4Meosi7i6NNjnD7d9DJ2RoAGv%2BthEMqWCLvjKrsL2IqO7ox2K2MJ6mImv9lbqGFvssq4YNBW2xlJ2F6OvwS6ATa8vUvyQRTmi%2FQE07bzyOB6c0X%2BFFN5xhzE1M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
72dce638f81b099e-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
rocket-loader.min.js
www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 15 Jul 2022 15:34:34 GMT
server
cloudflare
etag
W/"62d1890a-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iJeDWT5C6%2BPl6iT%2FlIL%2BGhZjyXNe9dwDwA%2FrSES0jrMXPTyocyth8fI0HErSBriPgwQFZEehs132HUjuGOSyXY5CrBGlombDtlLuKGDYqcAXQbEZl7gJRal6yAhpQPKqOidN%2FJ%2B0gtb955%2Fp%2BO0iQL0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
72dce638f81d099e-MIA
vary
Accept-Encoding
expires
Fri, 22 Jul 2022 15:58:36 GMT
c.js
waust.at/ 		13 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://waust.at/c.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da89bf5cdeaed1c080057dff7314a4803b9a076bc851efbc032a7ff9cedb94cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2509
last-modified
Sun, 26 Jun 2022 09:57:16 GMT
server
cloudflare
etag
W/"62b82d7c-329b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OlEflKK3BWGYXeEGSKgl7qw0Ykqi0ud1RGDe8K8r%2BhiLFUXmaFQscRasjlYcS1P4d%2BhdBCa7IGMmB1ufHRb6D%2F3fEQaSX%2BQp2Gz2U4N7aU577wSZMJxlhRFAvsXHo4k7MKVfZ9Vb"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
cf-ray
72dce63a6ee3030e-MIA
expires
Thu, 21 Jul 2022 15:16:48 GMT
widget_v3.js
cdn.whizzco.com/scripts/widget/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.whizzco.com/scripts/widget/widget_v3.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3c4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f31ed4edda66b286ae5e18c8a4e87d66bd6e87869a0ed339788cd5b97ba65c28

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:37 GMT
via
1.1 ed047841b922f7dcf5bcfb295eb3311c.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
754
x-cache
Hit from cloudfront
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 29 Jun 2022 11:01:29 GMT
server
cloudflare
etag
W/"25c382bb07747b1cf6e92ca18709afe2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VSkFotzqWB0ipF72a33PwSiSMxNqrwtZuGArZGQ2kXKp1wpJwsmH%2B6Kkwaq08i66IIrgLVIiO2655PvtoglJ4pR2NbmULu%2Fq8lVnvA5t20HNaNklPrKUR9l7k3U40cCWPL0rEeP9VoSGe1Jaeds%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-cf-pop
MIA3-P4
cf-ray
72dce63a6b4c2248-MIA
x-amz-cf-id
tUoJR5gLejb_h5pEcq0fNhQphj5qhuSiUcsg4eyAOyB6OMvoDokYDg==
/
services.vlitag.com/adv1/ 		989 B
990 B 		Script
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/adv1/?q=036e05035cbef88431e89138f2969605
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23514ffd8dcbbbf91e694957773d778cd063181aef25215340150eef9c5b0760

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:37 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Wed, 20 Jul 2022 15:58:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray
72dce63a6c108dfc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex, nofollow, noarchive, nosnippet
expires
on, 01 Jan 1970 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		107 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-10995097-8
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2008 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4a02a29236c5848c34f8de0660554c4ccfae72df22d9e63ba9db1768681b819b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:37 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41997
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 20 Jul 2022 15:58:37 GMT
jquery.js
www.hawtcelebs.com/wp-content/themes/hawtceleb/js/ 		95 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hawtcelebs.com/wp-content/themes/hawtceleb/js/jquery.js?ver=1.0.0
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4779829
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 10 Jun 2019 11:28:48 GMT
server
cloudflare
etag
W/"5cfe3ef0-17a62"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hVPGiu2Dfa8%2BtGgBKMLi8Zvk0qdDZGlmnQnHl42TFt5wUiyGNg4gEN2sm1rrt4IWuRH7gqDzDXgYfX1F%2B8z5LrP23XUTGGCH8n4pHZIKs%2BG7FkSbvVRvCj286tfITuQzYB1VlNz%2F04RJmOPtiTjS7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
72dce639dcfb226f-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon.ttf
www.hawtcelebs.com/wp-content/themes/hawtceleb/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.hawtcelebs.com/wp-content/themes/hawtceleb/fonts/icon.ttf?zf3xc5
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/wp-content/themes/hawtceleb/style.css?ver=6.0.1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bee4c3ddceefb6558b86e3d6bbe40326f6d67e1b0b535eb6949d570e7630d82d

Request headers

Referer
https://www.hawtcelebs.com/wp-content/themes/hawtceleb/style.css?ver=6.0.1
Origin
https://www.hawtcelebs.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:37 GMT
cf-cache-status
REVALIDATED
last-modified
Mon, 10 Jun 2019 08:38:45 GMT
server
cloudflare
etag
"5cfe1715-3790"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UiCbskhJcUHDxaxASqDQkRG6ZVbjo6KvUIc9kN4tobVWUd18Q7JcTSUjfoiC7bsdFGITdfy6Xkg%2Fw5K9LxGlN34%2FM%2BFT9lO6PT2VgsNupjXFbPPtMeNpIxIzrkro1IoDovYtC%2BywjsQmVD0Vh55HZ2s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce63a3d70226f-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14224
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700%2C700i&ver=6.0.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.hawtcelebs.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 03:02:54 GMT
x-content-type-options
nosniff
age
305743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 17 Jul 2023 03:02:54 GMT
impl.v15.0.0.js
live.demand.supply/ 		77 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/impl.v15.0.0.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1ba233081200a5f9a126278eb189aa1c192b633751acee9cf57752f7018290a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id
01G3GPPYJ7DTVFG43BZ1A6MNXB
date
Wed, 20 Jul 2022 15:58:37 GMT
content-encoding
br
cf-cache-status
HIT
age
99346
cf-polished
origSize=79512
cf-ray
72dce63a9c6c8dfc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
server
cloudflare
etag
W/"ea93311ccbec72ee77f7dffdd40e2da2-ssl-df"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin
*
d3d3Lmhhd3RjZWxlYnMuY29tLw==
live.demand.supply/p4/v14-3-0/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/p4/v14-3-0/d3d3Lmhhd3RjZWxlYnMuY29tLw==
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e397ba3caa50a76451d4cb86b5e7eabad67c07af9a7aa098abb3822a5710ee6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:37 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
72dce63a9c6b8dfc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
e.js
live.demand.supply/e/ 		0
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?e=ll&d=235&cs=c&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id
01G3H3TVM5VP9D98ZA3HVY52JK
date
Wed, 20 Jul 2022 15:58:37 GMT
cf-cache-status
HIT
age
247354
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
72dce63a9ba09aec-MIA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		165 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db44792d121b053781d74ae047172be9692e17979c78bf5a30619f616cc2b457
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56549
x-xss-protection
0
server
cafe
etag
13934108813325448638
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 20 Jul 2022 15:58:37 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
9f69c00df57efb858d8d68fd8de34c80a259af2becb27723d73d92d2727e86ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28538
x-xss-protection
0
server
sffe
etag
"1278 / 979 of 1000 / last-modified: 1658315072"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Jul 2022 15:58:37 GMT
ds.2.html
live.demand.supply/ 		413 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/ds.2.html
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id
01G5VAKWE27CJ1ZP0ZF9WJ2MNV
date
Wed, 20 Jul 2022 15:58:37 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
timing-allow-origin
*
age
1888727
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=2592000,immutable,stale-if-error=604800
cf-ray
72dce63a9b9b9aec-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hawtcelebs.com_fluid_lb+sq_home3_1
api.demand.supply/v14-3-0/a/ 		306 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-3-0/a/hawtcelebs.com_fluid_lb+sq_home3_1?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bd5e1e7e15d05d07670d3ee8ff72fa7900ee04b819babcce34f28bd1a7a4f3b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:37 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
etag
W/"132-ga0p+sWuzOdc2JJTUohCXaH5cWc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
72dce63c4d460331-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hawtcelebs.com_native_multi_home5
api.demand.supply/v14-3-0/a/ 		318 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-3-0/a/hawtcelebs.com_native_multi_home5?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4775138bd3f9f648e391266e2e3464c9ec17cb68ad65191e437c054083df789

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:37 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
etag
W/"13e-wZKd7U0QF709w+iyJ7TnsnUn/qA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
72dce63c4d470331-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hawtcelebs.com_fluid_sky_home7
api.demand.supply/v14-3-0/a/ 		305 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-3-0/a/hawtcelebs.com_fluid_sky_home7?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eda756a05b04f82bff7351e54c93f3b5ed33bb4d723dc0f114b5d45a48baef5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:37 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
etag
W/"131-7eNPZDkSULJGxN4NhA+2gmp85X8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
72dce63c4d490331-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hawtcelebs.com_native_multi_native_under_related
api.demand.supply/v14-3-0/a/ 		318 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-3-0/a/hawtcelebs.com_native_multi_native_under_related?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
463d7ba54dcd6fb08d1cafa7e420401aeeeb269950986521c3605e0ec6dfc318

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:37 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
etag
W/"13e-ad0cOvAkCyT7VtMi6MgOWTD4rjA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
72dce63c4d4a0331-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hawtcelebs.com_300x250_desno300x250
api.demand.supply/v14-3-0/a/ 		310 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-3-0/a/hawtcelebs.com_300x250_desno300x250?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c787e18900faf758fc763e8cdc8ea06d4b45b776444140a7f97b2f5f888f3c0e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:37 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2117
etag
W/"136-oV3Vrm6CFEfUJn/ztGlpX6rjDIs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
72dce63c4d4b0331-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hawtcelebs.com_300x600_hawt600
api.demand.supply/v14-3-0/a/ 		318 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-3-0/a/hawtcelebs.com_300x600_hawt600?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3271ea810058a7562fa314c2fe969bf4df6278191e8120497147e07a76b0f95c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:37 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
etag
W/"13e-3hoUMDW5E435w+J52WUgf68Fb08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
72dce63c4d4d0331-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hawtcelebs.com_160x600_hawt160
api.demand.supply/v14-3-0/a/ 		310 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-3-0/a/hawtcelebs.com_160x600_hawt160?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5656d53691bafeeacd1447c681d092fab5ef098264a771df72dfc1f82ea5f64b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:37 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
1696
etag
W/"136-c4KqDTIoLtvGybXkEnoemShDTWY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
72dce63c4d4e0331-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
hawtcelebs.com_responsive_h_hawtfuterreshor
api.demand.supply/v14-3-0/a/ 		305 B
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.demand.supply/v14-3-0/a/hawtcelebs.com_responsive_h_hawtfuterreshor?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3580312c2ad252cb33af93974ddb6691f117cc08b82cae1a190916c844d87ff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:37 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
etag
W/"131-zOkGSaBEmn12dNMZ7v/24dkYVAY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray
72dce63c4d4c0331-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
config.js
confiant-integrations.global.ssl.fastly.net/UZYxC75kqDLRiEd9GoEYOmovVVM/prebid/ 		131 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/UZYxC75kqDLRiEd9GoEYOmovVVM/prebid/config.js
Requested by
Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=14863;tid=1;dt=6;
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ba0569466bde7a2f2c280080bb04c5893049ce511c8aaded715512a28defc5a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:37 GMT
Content-Encoding
gzip
Age
3488
X-Cache
HIT
Connection
keep-alive
Content-Length
34084
x-amz-id-2
117J5uZeEIFvC7wPVEkUsMC43Nrk3xMhxl6W4oX9J3S+puslS1zBa0LZTK+7Ne+zb2TJVc7d8G0=
X-Served-By
cache-mia11370-MIA
Last-Modified
Wed, 20 Jul 2022 13:38:13 GMT
Server
AmazonS3
X-Timer
S1658332718.531658,VS0,VE0
ETag
"48e196d94c9e2f83f63aa74f5f5e986e"
x-amz-request-id
JSKD6MDA65FYRQ2Y
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
110
udm-r3_v2.13.7.js
bid.underdog.media/ 		535 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/udm-r3_v2.13.7.js
Requested by
Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=14863;tid=1;dt=6;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2162:8e00:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfbe41519afb9ff3826bef2c01636b51fbfe592b37f42bf0d6dc2297396a0a63

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 18:07:32 GMT
content-encoding
gzip
last-modified
Tue, 21 Jun 2022 18:04:48 GMT
server
AmazonS3
age
2497866
etag
"02eee59eebd8ffb452dec0d6bfcc2690"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4a7ef8cbf68469938b3b0dd42dbc4de8.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
EWR52-C3
accept-ranges
bytes
content-length
164666
x-amz-cf-id
cki16wGWKCNBB7L-Zl9ua2Y9c-c5erlYuFajIoiEx1l6b8yx945BvA==
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=14863;tid=1;dt=6;
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
dafa3ce4de4cc56876b0fc6c36628fbcade9f4b07d7f27e4ca67744d91b2beb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:37 GMT
content-encoding
gzip
etag
"77f5L8LR6ldZZZ+q4Q+xaw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 27 Jul 2022 15:58:37 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.6325539
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID%253Bcb%253D0.6325539
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=8343254669216575683;cb=0.6325539
43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;apnid=8343254669216575683;cb=0.6325539
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
HTTP/1.1
Server
68.71.249.118 Toronto, Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:37 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:37 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
177d0b86-2ed8-4ea3-8207-069bb29233d7
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://udmserve.net/udm/fetch.pix?dt=1;apnid=8343254669216575683;cb=0.6325539
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0FDNUVDMEQtMDlGMi00Q0EzLTg2NzUtM0ZFQUNFRUZBNzA3&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0FDNUVDMEQtMDlGMi00Q0EzLTg2NzUtM0ZFQUNFRUZBNzA3&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3DCAC5EC0D-09F2-4CA3-8675-3FEACEEFA707;cb=0.6325539
  • https://udmserve.net/udm/fetch.pix?pmid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707;cb=0.6325539
43 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?pmid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707;cb=0.6325539
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
HTTP/1.1
Server
68.71.249.118 Toronto, Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:39 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://udmserve.net/udm/fetch.pix?pmid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707;cb=0.6325539
date
Wed, 20 Jul 2022 09:39:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.6325539%3Bindx%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.6325539%3Bindx%3D&s=199174&C=1
  • https://udmserve.net/udm/fetch.pix?dt=1;cb=0.6325539;indx=YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB
43 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;cb=0.6325539;indx=YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
HTTP/1.1
Server
68.71.249.118 Toronto, Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:37 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:37 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLl3H82N9tlz%2Bx%2B%2FT5ULB1M6qCe%2F5UZZg2pL3qdbSfj%2F71sgCdTEEoqg2qPrjUvwRQyS7rg%2BRalPzUqmP0LeECzUCqCZ2xbL0R5W4LDXC8Xj8WKsxVoZFxWlQGXQZeZm8SDtLjHs6i7gmw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://udmserve.net/udm/fetch.pix?dt=1;cb=0.6325539;indx=YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB
cache-control
no-cache
cf-ray
72dce63d7fe40992-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
hawtcelebs.com_auto_interstitial_desktop
live.demand.supply/cpi/ 		9 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cpi/hawtcelebs.com_auto_interstitial_desktop?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09e3347331a5b35010454b3f83a833794f3356e7a26146c7dbfb948a298d6770

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
72dce63c1e539aec-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9
pubads_impl_2022071401.js
securepubads.g.doubleclick.net/gpt/ 		377 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
fe7bd8cacf9680625b7da9649a92bee8ab705909190040bad2396b2d6ca9436e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:48:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
611
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131659
x-xss-protection
0
last-modified
Thu, 14 Jul 2022 08:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 20 Jul 2023 15:48:26 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		446 B
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.hawtcelebs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
47ecec0312b98dc3f4b5977fa38fc06d8f7e60f22901b852860f6006bd0e6def
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Jul 2022 15:58:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
193
x-xss-protection
0
expires
Wed, 20 Jul 2022 15:58:37 GMT
hawtcelebs.com_160x600_hawt160
live.demand.supply/cp/ 		9 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/hawtcelebs.com_160x600_hawt160?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09e3347331a5b35010454b3f83a833794f3356e7a26146c7dbfb948a298d6770

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
72dce63c9f129aec-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9
hawtcelebs.com_300x250_desno300x250
live.demand.supply/cp/ 		9 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/hawtcelebs.com_300x250_desno300x250?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09e3347331a5b35010454b3f83a833794f3356e7a26146c7dbfb948a298d6770

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
72dce63c9f169aec-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220719/r20190131/ Frame B14C 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220719/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
1655
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 15:31:02 GMT
etag
8616628553774171045
expires
Wed, 03 Aug 2022 15:31:02 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
hawtcelebs.com_native_multi_home5
live.demand.supply/cp/ 		9 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/hawtcelebs.com_native_multi_home5?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09e3347331a5b35010454b3f83a833794f3356e7a26146c7dbfb948a298d6770

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
72dce63cdf7b9aec-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9
hawtcelebs.com_responsive_h_hawtfuterreshor
live.demand.supply/cp/ 		9 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/hawtcelebs.com_responsive_h_hawtfuterreshor?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09e3347331a5b35010454b3f83a833794f3356e7a26146c7dbfb948a298d6770

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
72dce63cdf8e9aec-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9
hawtcelebs.com_fluid_sky_home7
live.demand.supply/cp/ 		9 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/hawtcelebs.com_fluid_sky_home7?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09e3347331a5b35010454b3f83a833794f3356e7a26146c7dbfb948a298d6770

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
72dce63cdf909aec-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9
hawtcelebs.com_300x600_hawt600
live.demand.supply/cp/ 		9 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/hawtcelebs.com_300x600_hawt600?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09e3347331a5b35010454b3f83a833794f3356e7a26146c7dbfb948a298d6770

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
72dce63cdf929aec-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9
hawtcelebs.com_native_multi_native_under_related
live.demand.supply/cp/ 		9 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/hawtcelebs.com_native_multi_native_under_related?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09e3347331a5b35010454b3f83a833794f3356e7a26146c7dbfb948a298d6770

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
72dce63cefa09aec-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9
wrap.js
confiant-integrations.global.ssl.fastly.net/prebid/202207121816/ 		104 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://confiant-integrations.global.ssl.fastly.net/prebid/202207121816/wrap.js
Requested by
Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/UZYxC75kqDLRiEd9GoEYOmovVVM/prebid/config.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3d3bd31f59ac3efe93404a114c344a91432611536a05937f892ab1c54e5f745f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:37 GMT
Content-Encoding
gzip
Age
155
X-Cache
HIT
Connection
keep-alive
Content-Length
34281
x-amz-id-2
2O9/cOCuoBtR3S1ts3SCYIy3roROap4B93LGqXK4iLL1MAnV2WdG7qykHJ/rDlD8ulbxI8jiz5Y=
X-Served-By
cache-mia11370-MIA
Last-Modified
Tue, 12 Jul 2022 22:19:13 GMT
Server
AmazonS3
X-Timer
S1658332718.609519,VS0,VE0
ETag
"fa9383efa92851a2d4efcdb19cd6cf37"
x-amz-request-id
2B1Y2BEMMM4NPKRG
Via
1.1 varnish
Cache-Control
public, max-age=900, stale-while-revalidate=3600
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Cache-Hits
8
hawtcelebs.com_fluid_lb+sq_home3_1
live.demand.supply/cp/ 		9 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/cp/hawtcelebs.com_fluid_lb+sq_home3_1?mlcu=null&mlos=wi&mlbr=ch&mlla=en&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09e3347331a5b35010454b3f83a833794f3356e7a26146c7dbfb948a298d6770

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
private,max-age=3600
cf-ray
72dce63d18179aec-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9
rules-p-effSsmMYCbAck.js
rules.quantcount.com/ 		3 B
445 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-effSsmMYCbAck.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 11:19:15 GMT
via
1.1 6a2d00c5c73022efc4bc2786f44b3cdc.cloudfront.net (CloudFront)
age
16763
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 21:04:20 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
x-amz-cf-id
uO8CoR4Yq4vbd6mKMcnbdRKH_G3tcyitA7MNjDS2afJJ4o5by9zvzw==
rules-p-Pz67dCqdsHfxh.js
rules.quantcount.com/ 		147 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
57b7f2b2bcdd983268775ebc6ee71d208510b285d79dd058f2717248079c59d1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:28:39 GMT
via
1.1 6a2d00c5c73022efc4bc2786f44b3cdc.cloudfront.net (CloudFront)
age
1798
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
147
last-modified
Tue, 27 Apr 2021 19:10:31 GMT
server
AmazonS3
etag
"f7c84b69d3abe411fbfc06992543fbe2"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
x-amz-cf-id
R9fIUSgUS2-eKFAZe3tktyMt4hoHeeiiYa2xI-CtLpTO2N8gdLgVOw==
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_300x250_desno300x250&pdc=0&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id
01G3H3TVM5VP9D98ZA3HVY52JK
date
Wed, 20 Jul 2022 15:58:37 GMT
cf-cache-status
HIT
age
247354
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
72dce63da9259aec-MIA
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_auto_interstitial_desktop&pdc=0&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id
01G3H3TVM5VP9D98ZA3HVY52JK
date
Wed, 20 Jul 2022 15:58:37 GMT
cf-cache-status
HIT
age
247354
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
72dce63da92d9aec-MIA
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_300x600_hawt600&pdc=0&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id
01G3H3TVM5VP9D98ZA3HVY52JK
date
Wed, 20 Jul 2022 15:58:37 GMT
cf-cache-status
HIT
age
247354
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
72dce63dd9869aec-MIA
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_fluid_sky_home7&pdc=0&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id
01G3H3TVM5VP9D98ZA3HVY52JK
date
Wed, 20 Jul 2022 15:58:37 GMT
cf-cache-status
HIT
age
247354
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
72dce63de99d9aec-MIA
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_native_multi_home5&pdc=0&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id
01G3H3TVM5VP9D98ZA3HVY52JK
date
Wed, 20 Jul 2022 15:58:37 GMT
cf-cache-status
HIT
age
247354
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
72dce63e19e89aec-MIA
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_native_multi_native_under_related&pdc=0&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id
01G3H3TVM5VP9D98ZA3HVY52JK
date
Wed, 20 Jul 2022 15:58:37 GMT
cf-cache-status
HIT
age
247354
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
72dce63e3a169aec-MIA
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_fluid_lb%2Bsq_home3_1&pdc=0&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id
01G3H3TVM5VP9D98ZA3HVY52JK
date
Wed, 20 Jul 2022 15:58:37 GMT
cf-cache-status
HIT
age
247354
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
72dce63e3a1b9aec-MIA
e.js
live.demand.supply/e/ 		0
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_160x600_hawt160&pdc=0&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id
01G3H3TVM5VP9D98ZA3HVY52JK
date
Wed, 20 Jul 2022 15:58:37 GMT
cf-cache-status
HIT
age
247354
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
72dce63e3a1e9aec-MIA
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.hawtcelebs.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Jul 2022 15:58:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1722149225813891&correlator=2645234890800180&eid=31068458%2C31068502%2C42531607&output=ldjh&gdfp_req=1&vrg=2022071401&ptt=17&impl=fif&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C126ee8cb-be4a-44dd-bbca-61a2ab6e88e3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=1274167511&sfv=1-0-38&ecs=20220720&fsapi=false&prev_scp=ti%3Dffb5bc00-f573-434b-bc10-51f6fd1955b7%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D84&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1658332717832&lmt=1658332717&dlt=1658332716899&idt=893&adxs=1029&adys=380&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=512&ohw=0&ga_vid=837706208.1658332718&ga_sid=1658332718&ga_hid=2110486559&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
b303e6cd63c996bf26f13285113dbfb293cfce054ba4ce88dd5274605b5db009
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9481
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1722149225813891&correlator=576820151281454&eid=31068458%2C31068502%2C42531607&output=ldjh&gdfp_req=1&vrg=2022071401&ptt=17&impl=fif&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C42d64542-ad30-45c9-9859-6b93dc8b1e0c&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&adks=1978351858&sfv=1-0-38&ecs=20220720&ists=1&fas=8&fsapi=false&prev_scp=ti%3Dffb5bc00-f573-434b-bc10-51f6fd1955b7%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D84&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1658332717837&lmt=1658332717&dlt=1658332716899&idt=893&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=837706208.1658332718&ga_sid=1658332718&ga_hid=2110486559&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
7a99f6c80f192451945c4291633eaf4a921c61939888d955f40dd5c72e7fe502
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
629
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1722149225813891&correlator=2267114707176777&eid=31068458%2C31068502%2C42531607&output=ldjh&gdfp_req=1&vrg=2022071401&ptt=17&impl=fif&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C120e6fb9-b7ae-46f4-9a5a-75588a0f4977&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&ifi=3&adks=3898746532&sfv=1-0-38&ecs=20220720&fsapi=false&prev_scp=ti%3Dffb5bc00-f573-434b-bc10-51f6fd1955b7%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D84&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1658332717840&lmt=1658332717&dlt=1658332716899&idt=893&adxs=1029&adys=760&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=512&ohw=0&ga_vid=837706208.1658332718&ga_sid=1658332718&ga_hid=2110486559&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
911bfd230d3b9fca5c18eca692bbb5fca3b6b2c1fbb7efbc23e79f479591340c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8527
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1722149225813891&correlator=390439215882037&eid=31068458%2C31068502%2C42531607&output=ldjh&gdfp_req=1&vrg=2022071401&ptt=17&impl=fif&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2Cf9c1d796-ef8b-48c5-a212-9c5e01c1d981&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=4&adks=3020928236&sfv=1-0-38&ecs=20220720&fsapi=false&prev_scp=ti%3Dffb5bc00-f573-434b-bc10-51f6fd1955b7%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D84&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1658332717843&lmt=1658332717&dlt=1658332716899&idt=893&adxs=272&adys=400&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&ga_vid=837706208.1658332718&ga_sid=1658332718&ga_hid=2110486559&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ba6acd68106f8be24510525c15e77dd455b0d3b782b769720888d94506fddc3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8512
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		729 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1722149225813891&correlator=886639971872615&eid=31068458%2C31068502%2C42531607&output=ldjh&gdfp_req=1&vrg=2022071401&ptt=17&impl=fif&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2Cda717d23-6cb8-4cf8-8193-b5edb1400a01&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=570x280&ifi=5&adks=4273363959&sfv=1-0-38&ecs=20220720&fsapi=false&prev_scp=ti%3Dffb5bc00-f573-434b-bc10-51f6fd1955b7%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D84&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1658332717845&lmt=1658332717&dlt=1658332716899&idt=893&adxs=432&adys=3304&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&frm=20&vis=1&psz=577x116&msz=577x116&fws=0&ohw=0&ga_vid=837706208.1658332718&ga_sid=1658332718&ga_hid=2110486559&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
ec637ae132868426c8801fda4fa17877692befe7d1fb6e4a2a32eb5a020b2a17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
369
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E783 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 15:58:38 GMT
expires
Thu, 20 Jul 2023 15:58:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads_2022071401.js
securepubads.g.doubleclick.net/gpt/ 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022071401.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
sffe /
Resource Hash
3e0f8c5ddc9342d1a55c19ab512c0899c544207abfe0b4387021b3cb1dd430bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 23:41:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
404222
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13565
x-xss-protection
0
last-modified
Thu, 14 Jul 2022 08:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 15 Jul 2023 23:41:35 GMT
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_responsive_h_hawtfuterreshor&pdc=0&ucv=null&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id
01G3H3TVM5VP9D98ZA3HVY52JK
date
Wed, 20 Jul 2022 15:58:37 GMT
cf-cache-status
HIT
age
247354
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
72dce63ebb479aec-MIA
ads
securepubads.g.doubleclick.net/gampad/ 		76 KB
32 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1722149225813891&correlator=969090536505185&eid=31068458%2C31068502%2C42531607&output=ldjh&gdfp_req=1&vrg=2022071401&ptt=17&impl=fif&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2Ccf81cb99-3273-478f-ad79-a5404a44db5c&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x100&ifi=6&adks=841703197&sfv=1-0-38&ecs=20220720&fsapi=false&prev_scp=ti%3Dffb5bc00-f573-434b-bc10-51f6fd1955b7%26bid%3D0.01%26bid-p%3Dgoogle%26bsc%3D84&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1658332717866&lmt=1658332717&dlt=1658332716899&idt=893&adxs=252&adys=10948&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&frm=20&vis=1&psz=1097x0&msz=1097x0&fws=0&ohw=0&ga_vid=837706208.1658332718&ga_sid=1658332718&ga_hid=2110486559&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f2.1e100.net
Software
cafe /
Resource Hash
b0a632f38b41e087224a6472747031280b8ea068cb083f7f8acd35bbaed7aaeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32558
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=1499222345;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.hawtcelebs.com%2F;uht=2;fpan=1;fpa=P0-1034272385-1658332717914;pbc=;ns=0;ce=1;qjs=1;qv=623fd1d5-20220713234410;cm=;gdpr=0;ref=;d=hawt...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1499222345;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.hawtcelebs.com%2F;uht=2;fpan=1;fpa=P0-1034272385-1658332717914;pbc=;ns=0;ce=1;qjs=1;qv=623fd1d5-20220713234410;cm=;gdpr=0;ref=;d=hawtcelebs.com;dst=0;et=1658332717914;tzo=0;ogl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel;r=1510256253;labels=edge.1%2Csid.14863;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.hawtcelebs.com%2F;uht=2;fpan=0;fpa=P0-1034272385-1658332717914;pbc=;ns=0;ce=1;qjs=1;qv=623fd1d5-20220713234...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1510256253;labels=edge.1%2Csid.14863;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.hawtcelebs.com%2F;uht=2;fpan=0;fpa=P0-1034272385-1658332717914;pbc=;ns=0;ce=1;qjs=1;qv=623fd1d5-20220713234410;cm=;gdpr=0;ref=;d=hawtcelebs.com;dst=0;et=1658332717917;tzo=0;ogl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_auto_interstitial_desktop&e=nai&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id
01G3H3TVM5VP9D98ZA3HVY52JK
date
Wed, 20 Jul 2022 15:58:38 GMT
cf-cache-status
HIT
age
247355
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
72dce6402dd99aec-MIA
esp.js
cdn.id5-sync.com/api/1.0/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
571cc1e3b9210a3e1da4b1ac7292fc391da3cd6589310619cc597dcd8e22a853
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:33:11 GMT
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.122.0/26
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
bhs
content-disposition
attachment;filename="esp.js"
strict-transport-security
max-age=63072000; includeSubDomains; preload
accept-ranges
bytes
content-length
12035
x-request-id
864814897
container.html
fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 74FF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 15:58:38 GMT
expires
Thu, 20 Jul 2023 15:58:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=hawtcelebs.com_160x600_hawt160&sy=0664dce3-795b-4cf6-9a57-983455ff01b9&ts=84&cd=2&pud=235&pus=c&pue=4203&pid=189&pis=c&pie=4411&ppd=279&pps=a&ppe=4502&pad=359&pas=c&pae=4584&pcl=4145&ttc=4578&tti=5230&ttif=0&lca=4502&lcak=ppe&lct=4584&lctk=pae&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=160x600&mlbw=4g&mlcs=NaN&mltp=ffb5bc00-f573-434b-bc10-51f6fd1955b7&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id
01G3H3TVM5VP9D98ZA3HVY52JK
date
Wed, 20 Jul 2022 15:58:38 GMT
cf-cache-status
HIT
age
247355
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
72dce640aeb99aec-MIA
container.html
fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 47D8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 15:58:38 GMT
expires
Thu, 20 Jul 2023 15:58:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=hawtcelebs.com_300x600_hawt600&sy=0664dce3-795b-4cf6-9a57-983455ff01b9&ts=84&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=300x600&mlbw=4g&mlcs=NaN&mltp=ffb5bc00-f573-434b-bc10-51f6fd1955b7&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id
01G3H3TVM5VP9D98ZA3HVY52JK
date
Wed, 20 Jul 2022 15:58:38 GMT
cf-cache-status
HIT
age
247355
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
72dce640bee49aec-MIA
e.js
live.demand.supply/e/ 		0
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_fluid_lb%2Bsq_home3_1&e=nai&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id
01G3H3TVM5VP9D98ZA3HVY52JK
date
Wed, 20 Jul 2022 15:58:38 GMT
cf-cache-status
HIT
age
247355
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
72dce640cefa9aec-MIA
container.html
fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5726 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 15:58:38 GMT
expires
Thu, 20 Jul 2023 15:58:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=hawtcelebs.com_responsive_h_hawtfuterreshor&sy=0664dce3-795b-4cf6-9a57-983455ff01b9&ts=84&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=1024x100&mlbw=4g&mlcs=NaN&mltp=ffb5bc00-f573-434b-bc10-51f6fd1955b7&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id
01G3H3TVM5VP9D98ZA3HVY52JK
date
Wed, 20 Jul 2022 15:58:38 GMT
cf-cache-status
HIT
age
247355
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
72dce640ff829aec-MIA
container.html
fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5E5E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 15:58:38 GMT
expires
Thu, 20 Jul 2023 15:58:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?gl=0.01&b=3&r=hawtcelebs.com_300x250_desno300x250&sy=0664dce3-795b-4cf6-9a57-983455ff01b9&ts=84&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=300x250&mlbw=4g&mlcs=NaN&mltp=ffb5bc00-f573-434b-bc10-51f6fd1955b7&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id
01G3H3TVM5VP9D98ZA3HVY52JK
date
Wed, 20 Jul 2022 15:58:38 GMT
cf-cache-status
HIT
age
247355
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
72dce6410fa49aec-MIA
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6AE5 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYlZKoywEwAQ&v=APEucNW4cqm2-OomguBA3O7iJM1sR6EcwkySbz_DlLPPqZFdWjYuCxkdvcgdFnAz4MXt7_vk-XC7PXQpSGyyWvBl1KQM3om6rw
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 15:58:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 74FF 		78 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRXnq7JV4fPLfZRvKhxfJkz_ao5UENtC6a8CtoW3u5LJbHvRYJrnAIkpM14NhGZWA6-7KCN1fJvLNZfyqpEZp_R2nl2Q&cry=1&dbm_d=AKAmf-C3O7BOxTLKhhAP_q3ta7EBI2jq1zwXLrFZPPBcsMYT_xSGOSchTpvMEQorrudb6mTTddPnjQQduAT62yRKhfIbCVGRPWZxOVPABo3N53uQD7v3JGRdiz0A88GY81BLgY3gKNZk_70WWdEqwl5659yUHDbKnul-699SvPxcS6DnvaQ-d43Nk4PuY1thTdPjMBOyUrJrZr6LzgL5b76WBsbhWbQm_Z98lKayd-2WxvJg4Z54-eYFl_jip_TpVnhd9WjWNU8SBUMkHpVziSNcSO5gvM9aTrYX9oUDsKrwpLkiWVsKwZfNcWuMVafRoY2jMDRt-t4i-yYVOlUxW3d-uah9owrigElJIyBOUqFCHqXfZNH94Xq_PoJwZ1-Y_N-hZZLHJ7UPL4YveN4nlmC6ZQvrcwWirJFjEz3R-UKAPXXuzE6oy17FO-gFWedlX70eB30oCXANBQyJxs5yUk1HKxQRrHNYd0QbwT-6m7sxO9eDS4KiZS-LgojhChThBoxIOrOauecC6CGUWeHAOkKL6CWEX0FToxqNQLkpQxNVVxSHdwaaZaB3Sjt9M1PLSyKHM0-Hwx8bhUQFEJqJeGVsWGNo2kYF_hnuaWHty5Q9DIkRUKWHKVnjudtUMfAXDipdwvMXtCzhm9CtWYkxip2bKfXe2T1zA4d7PP_POfQPYXyqVvA767uehXzNhAoz2qkD0kDmGx3aUBm8Q36UxqtAS1AmB7bGZJi_d8G6twdc2GgCKPCuwux0ENUz9vXVmVJEZK1FkehMMhs21I11CsX_ereoufwWq9tJPZVEEkXanSMmLFQY7k3LCOFL8QQB_JA9k2FZCietsuv53ysAsA6vor73A2GZwFcXBTpb9t26IJb9kjqWrRcD9dPKggvFVCzI30rlx554mpkTcGjO_ixYHc0MNnDqbFgP-XyhkEvbshQmRZ2UTkJHMOcgxiQfa7EDmDzXts3YY4HFLER-eMxMXXpV-0FdO-_1zWaPktXFgrVUziQ4DXBC85JTBKzLPfyqEYb-urcu4hyU-shABhT3zHS_LNn-HGQmZJEfJ0D8hYCfP846sURcLYJk0OJQHpZL68M5-gHFXwZzfPYp6vzfFvmiUOLfMr7Ek5NSFbrQpczUa4Ix6kQXkUMCphsMm-ULDU2et-RSJAPdlAkFJtUtGtCYSwFPtsqaqpsHs8DdWsGtB-YIk6RphqYrC_qX3UQBN7HNtmcjS0Gk8pCjYVgnBhz_jVIVfey3gZeshHlinAPYujUaUcfJdX-fq0QPGUs43UqN6TZMNhRQg_XJJfFozaWNR1Md_WoaiPUZQYQoHTj2wz5j5rMJN_6ZhPgI7GapxEcbeNgwzrHkPMs9VrwEHfv0Ld65SHGavgfvHuX6k_sqGLlvcyZB1Q-Mrugse1paJg-Qm7hkdRp0QIi0RyQzIxbATORHCJTkZ52XsAEX40TmRcfMSYZTzIIGn6znjj56Zu5odu3zkkAkx17-jtaQyFzENfteTFVSsSHHPZWoFEUP5Ixkb1qW9SWc7MqqmyJlyn5OJ849vZrQ4kYB5BdLGckBlakNtmWvlUGTBp9QMwMGWwiG-ufGP9nEA9_Y9L2rhghsMAwx3iqa812EWsNjrYRI064RoclcRaYiv-2w5XrEbN2UBZDyJ3punJwtmW3-f0UuHWq_RruEzwTte0SYkE5Q8R4flGsWQNgm8ENKdWd0xwymT6fvpS_JscimCSSC1rfZa5-tVI0vBVEws0IhLB7VRCebO0-v_1QVpW_BXM1fzLHaVXrZhrbnNNb8vrAjWqlAiRn0PkazofIi4DhcV3G4ZZ5LNlZMDqjzRfp3ft9fMX_AYvS4eO2gNFaD1cnPiSKhZpW9c0P6_hie4_xd6fDEL0EVGwniQ7MAPqGDBjNrhAsOOO67h4B6KSseNEyxQEvKeuk6Hm6YbqhG3iFfEWDiJiqZcuryAeh6nuu5K15nS_bcF4Ekd7a8b19PESgp9W7c9wDWoxV3EEOhBqDzNFj5iv0AiqYJfrJG8ZIt30z7jEWTF66grIc0C_--1TEWZHonDkwdF2tjWstxg4AGusF4L4kQy7dFj33vjiTpz7NV1-rflabPQa206TempBi9Kuhq9zPUbfGRSVwsQ5o999PFzSvBFwEyk4xcWcPpxPC4irLXzrObewOphuE7xltOiXws-9rpdb8UyFhjn1brYnjfPg5ZI5CoodRBH9Ml4_EGt5HlW0hbElCKJuitYHXRxP5AShllE34h1FV74-iyLhduY_OHgzj5xptXPVDYMJD9TOFkQZiX4o5E_yJs1mDsIKUdLU9viYa92-SCVBXFk7OJPdMJFVppbPkiC6kw3jQRDQ0lGOTCvn3lDAhnfaWnM_csr0S7FP0xN8PA02GHlbQtvAYGrcEIgaaTWAlGWDhYqjiKVR4ol01MnpCbjrHBBPjoEeHGOpm1mBT-fDnin1YfsDWfCcC7_ei0k7GGnj3EqneLhdqgMASU9-TNyb9G1QG0MCWzexFP3wfAw0U6qsI97O2V1qj5Ik4pL7FFGpQOltrEAHFOZfav2t7AMPn6b0tm91q6ko-n6lscM6c6hbHCKXsjN9sFDvx7qFXMjTkuJyzhBtmMmXnzDvlK1BscvXddI14_LZnHUuuXuCtVlJbBtifxGyCjm-Fo3tvB-Ca2QXpkwRR10UQzNLb7rmvIvmBKVfBFc5uGmtLq6OdM7GqVfkbz8lH6LvqqcFbO1uapxUck9dgii0Q1pIe2DKH6NUOeNNTW_k_iN_2u5c7xLDsB2LyB6hnEsBqfn2i6uFCkHA941SMiq8zRfYIwDcdO0_0b2mmSZik6TZvGblmbkOni38xo_vumiFMtwPSQ-dCDtyOkr-Jp_vNouGYG6iqTOHMGhKj8ERyU00gtHM107QksMv0TuDbFwuEiIzHc1V3Hdb6itw0s2yDsyHhMe6fy13uj1T1suMWInN0e-TMEk0eD-M2s5Sj7HyMJXjwLww4_oJcYdJO65o4xdRv3M-xKzqQuWt0DnFl1TfHeCbnebJosajdIOfvMGBT8WWjeBPPGjHkRFsQCWHlCFPfRYvfK2K2WkdviSOc2I3SEahPmOP2TSLEzJUcq3GzGzrhgxiQZAcKcaQPUfcbqctIfBXYlR6orvOz2bFIMP-AZmtfK2p1vJpa2zICHdwAyK-VkAHj1UxswXNlj92RSJ-HLFgOFcpKFHkYc7ZmKwLP-gjCNBsqFVyq88WxzdzDOuD255nORVu_6e8NU4EqydClY4bNBpVWqLeIeiVbzITJy96pxRbjGRn-kNtpUn5Xqht2jJ8XXi7lZB0RiwbxS9kxaBoxUOpuoHWKTVL57vKOiN6cLwNQqW_SIrUsVkQbPBx3Jq5bXG8_l-ahyjS7iNWi9_ydu4LYm3W3C&cid=CAASJ-RoT7Ys88lHYhI80EhqZofBeMIGre4R5FsTR39XPLNExKp2vtkyhA&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0c804f4ee55eb0605cf0a011f53bea90ce2b1a90569c41f2f304787a0b7b4cb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34057
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 74FF 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C1PDZKAaQEdoBPe7Pe--ZarBVWlAale3tpyHdI0yhKo4sNf56MhVfFocOYZi8e8tFMpVZikuKPYprqYIjljpXJQG-BnrElcsD6Q3oNFs2P2sfpTSM
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame 74FF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/window_focus_fy2021.js
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
695
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 15:47:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 74FF 		137 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43203
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658144321100200"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Jul 2022 15:58:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame 74FF 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e352bd3598be515c20c398e90549e3f966fbce570d88adea32a7f43de7b08f83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7322
x-xss-protection
0
server
cafe
etag
17958847364917198933
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 15:55:13 GMT
l
www.google.com/ads/measurement/ Frame 74FF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRNxDktYcsFWUHER-DSLo8uQquVi6iKdm2T5BM9wJfslpNSMAaWeokRhz7aWYXoeysTri_rX4d365kT5tM5nh0ly-MHGA
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame C15D 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYvJaoywEwAQ&v=APEucNWvA7FfXQzICE1C7VrggOluQQ4srgRqG6tutVKFysiTYJs8wHKMg2IvyPVdd4Jid0ar9976-ye4CQGq8UPOBUXJ9fLnuQ
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 15:58:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 47D8 		78 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DE3Z8aqApcxZFLibp3AtlDB4DM9AIdm5xln1XNXSCvcwWMPkHBMHMgMt6kWk0-gtXA3RqKdMPBHg4qZ3tKYa5qImvTFg&cry=1&dbm_d=AKAmf-BbROwX3-OtyhOptI-qCoR8HuqYFE-2TnLBZPROrAksvG_SR06qzmULjimLEQs4lz9Im3gjz2Hdt7K1diU-TF9qKDxlznZq6SMFfZs6VmHtuD2XGMhKixlnWw1Do4M8RQj5_4U_YrsqDfNkR7dlfNMwURDpeMgTKdr2y4jzkuJV2TSYfvFfMkg6PIzNjFOZqDZ4D9VBkYSvxxcVA1wRZD4p9R5YdeG0UxKhCiDxYcIZIZ16nvHmmwMZe4A3s1__-tTMRX_KyKf-tHNwJNwbC8TfwVLg82XE55FxR10BLIVt9GSKxB7r7rGO3_o8uOdoxIqzVDhaKP2ziJLnh5eToBSM38VVQQpwF8nkbrYLFBVj13sGKhMrhyiw1C1qR2tO0ufvlg2sFEny_dR9R1IA3N2MJhyx9aSV-FkVKs2nUuM28ip89xqW6fV70tRtkQW9ZdbJoLJOpwl5rMXlbzxEPynj9SleWreAjhBN2ibqgPsIXt8yhXyeYWgzGT9VS1v24zw6MwTlH9kV3lCDqJohmQofMNJ84zvWvycyXdNuHuPxVEoi9WsMj69-pgJUliyrrzTc5LvrSs2cQCh0DCOlhB5dRqWRhDFRdM8iFInJkULa-PbT4V-FPJlmew_YgGTs7wdreQed0dCeR8BAEZytQ7lO3ToEqUWfANO-iB2moKn0L-IetjAwis3CHm2WJkBnkFYgbur3CvmlCBPDqOpLSxg5_dHyAik1Et9s1qFadhIISRXbIu6Iz-H1NsdvKpu0MeGkFtQtpK4-uI8ISmxGGRpBIFQJAV8AMJ1hc8EyHgU96OQ3TG2yPFpOI11YZeX2FDzfRZIAkFHaXjhr8ANJ73u-xsxTTXPUuJM97aFzDdZ5Vv7SbtcF09zUVuqYvRrBfmzhxKZvsojO3YY0XfzFTB5-dvAX8Dzr59k49MBVh-iy9N7Qb7PRqepbJF4lRxCQfXqc6imGpvFL_Rq6LQqwd75vK69jNFhVSl70DmpsqLUTLNtuc1jogVNxtzqTVAtvkc3dJZS_t4aZJ3exx6bPvoF4ehEL_oTzkf4X3hEmzQUJPhUVt2yKOciR50TNzsb_PfwnhR40EJut42YTDNw9RWTqtlRMKTFdgLSkw58RjPTkmNZda4D-OG0t-jSz5lYwARg26OFLfbmuSwFcnTyJZ2uL51OTxDhrnz8CIihaMp2FtuHB83Irw6SKLmDBPPQ7fp5ffudeUnetquv7h0gjJR0EmWLRc7YGO-Qkp8hYiDVKzdUojHxgIYYwcYxdct07KK2Ll3ZcMDmG-VMaZDSAdGWJccFuvoAdmWHCjUP68VtMDs_VNH5KNY3rW20ZN0Ni9T49iDuZps6K5-S2LX6Lo0ueJIgBuAgTW3AU8A15VRJeB5UU3uvwGyE8vnn9YQXFadKeZCQd87lM0pJQN6MVcBs5ludeHoxhz7i2-LA2WK6dbeOt_ksIiS1P9MX_W5Qgdqj2IvZYyte5KNDXpUcipD296ZzltDucnidMZi1Th4_x2W7vBiG4MbgvyQbIGikaWuM4Tz9x7Qn1A-RHQ19LHSg-fpAxL5m6MOBjd9B9QVDPn6G8nZloNsZvZbOjPckSayaDtgXmTtLnY6t8L7tW2pcvZ4WE-yVod2dM2gaZRg_1kwBnrRTGKbWM2VUiHjWnpF9Shcmxqwo2O-n7vPfMyb1tX-eIEA8Rk-_8Myn8R3KkWWTJBV6xwsOlj4JGtEEHKZVUkOquD2XUJr-GGqj0NeZpqPmGPTZjYOYIHvVD619TmzZeQbqXsDFrwxFFdPjZ2FjVPykxWEwi88U_t_9YW_kFV59MRL24J6w7SZjvq-eDt6kN8IwthTa-PiJv591oE2qhGirtrXHek1fY64sSd0cEzJbCOZKa1YpIAjxnhSuDjiUcMvXB6WzVfbUHk1ViTKS9cCi3wAgNxysAZFDO2ZjT3U3AEZ2d2Tk6oH3eT-8vMSQJEKlEt4dO22Qftycw1hg_4tp6xhxrOYRTd0G1Y4DaBGjQb3FV5CmQ2Gmt7KRDsE91WYLXQ45qCvop1a28DX7QajU8HPU_WA-HWSQjeJzSI4FeCKc36mZq_-04T9uLdKShg-9kfUIR0WYryRY1pkqLS6uMd_tMqd5eilG6cGs2FES44HN_DJpQc4ExBDgxH3sLxlLr5LT51HJj5cyS2ktbfaTxgw_I3lb-uVHesO6AaF3QGKj01Mx7kMIX9mlFQ-Ol09gp0G_NhmuTYcbzx34dtcb-DCddYobKwBEbuBYr2k3mSPQ1M4Sv7q2dTlBgOVw3-5t5sZYErv1_euoXVaQB4ZH3-U1Ev7UzKT6WCLYs5VydFz7wfIp9DH3IQFE2AcnSpbKYEL-cdpK_1rNkmZ_lPklf9Cf96RHKWVIFgkuQLdH32n-toS1gW2FxJqA3EO7_5qjRJMYJeBLnqPjz1l5bpAgdYW00m-TMirffD_NAvcO5UFcsCfeb3i7ii2iL9zdnyNbfPHIu0ZfzMBkmp69IGbQHUNpqFuqPdAIEZgK-x32c2hhTrPltFIhL8bGUgX-bFFMi-XeVnyc6sNQAs_p6jyac-QNZich-M2FnqQi6XCzlaPjmqFUbOhxAIcDKsiKBWZaJkUxezweHFTstbayWsvDDUg1Wb6QT5AQANMYkGfadqMEt8MZI4PVrz7B9rKpUVZ100P5-REP1Y1ZcJynuiO0auNtb-hBaIkP6xb2b10_bPvHDej7nH7ui6ziVFWEujf6s76Xj23806xWCb2e5UGijHlRMfg-klXROqCaUB9BpISI9mAxaqfltLtuPZyTpk0oRUOzcKhuzH3lDcdlHwQdI43MaPYJuYaG0mI_mjgnJ19Jk5O2xnooY_oH5ba2Eb1g11R1sZYzVyx4Gbc_lBVACsRnRZTdtvOAU_kmKyy5vyReXhC4iJ0vBepXZPP2a60sj_fZIxLXOe47vjMe2L__Mk243btPcGoIPngUIGIMOBTWm6iPCLbAVySlJ5yw6xTNgeiVpo6pRj2IW4gzQWs_OCh4qXllhusTf1MpevyeH2q_b3F3-fDCoX9zZlMewMOxaJJbdo6L7VdF5T2K9YF6AFx1wpjp0-em-PRWbIYERvZ7umyOfT7TWS6VsNoYaOmZvad-Q21lYn2kknJpzc7G7hqYgBdhF9i8O9RUA1vmpJM-tkieJ-fhkMYB6x0x5NipFWbou4uJmoULBQIET2suCB5YWEIZmQa3FkFni6-tUDBZFRV7Gwl4kRVj99sbqwgeu4J_qZ14DepaeDyG7NjIXvzR6AdWTR1AIaQeNXwV4_fGmtH4jx0rGmsb9N6M0rMdVuTlc2qxyDvj9ZdgKk0LXAJzrXGst-moT-dlL0ukYhEOrBKQcuhQGoj0L441PnQd2VK77G-8ma5wjvmPppLHR&cid=CAASJ-RodCF7l4-BYmNv3GVjfjHYis7b-Rft-093-vFDDHpKbu_axaGhTg&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3cefe45d5e31617a8357236d915cd7f9e3b17638539601cdbf458e5128e1866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33796
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 47D8 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BAyYQXEI6JJ4120RG_rr-FRizXA7LMNzuPOIEyTtSsakYVol0nD6J86TRpQ2IpLVrwI8jRADl3qFUD6KcPZQXR2uGrTFlhBbWffFfak7wAvB5s72E
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame 47D8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/window_focus_fy2021.js
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
695
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 15:47:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 47D8 		137 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43203
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658144321100200"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Jul 2022 15:58:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame 47D8 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e352bd3598be515c20c398e90549e3f966fbce570d88adea32a7f43de7b08f83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7322
x-xss-protection
0
server
cafe
etag
17958847364917198933
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 15:55:13 GMT
l
www.google.com/ads/measurement/ Frame 47D8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRrEP_MdJn-oeGj6lazzFU1N0qSsni3KeIUaqp15outJh7_GxtgRqAJOJambQziAdkdHkuqfKVNtD6tjbOeCEcmHt24JA
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 9FAD 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COHJsb0CENP816YDGPDPw84BMAE&v=APEucNUSu2XvjdNvdmdSQGkMAjnMTdjWF49UY_mLgLcaXF5w_mIQW1_vTFqRTlBJyaDtpHASHk-6dAczPdc11UdGbxRz8T0jyA
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 15:58:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220718/r20110914/ Frame 0DD1 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220718/r20110914/abg_lite_fy2021.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3e5424c940e81b700243272693cbd0ef8e46a75e5e420d479974cfa7c022665
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 11:24:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16443
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8695
x-xss-protection
0
server
cafe
etag
18278475684918935672
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 11:24:35 GMT
5529130961066951713
s0.2mdn.net/simgad/ Frame 0DD1 		41 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/5529130961066951713
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42ceee0de36e62ff6c52fad1bfe460f4a861aac6b865df3fb960ee239b2470da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Sat, 16 Jul 2022 08:05:07 GMT
x-content-type-options
nosniff
age
374011
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42404
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 12:30:44 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 16 Jul 2023 08:05:07 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220718/r20110914/elements/html/ Frame 0DD1 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220718/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 11:29:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16143
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2628
x-xss-protection
0
server
cafe
etag
1103433747108554897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 11:29:35 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0DD1 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuggpEgbgQrufqJdcEeoNVgVHbJ-eR2rZagb8Rt-853C2OkYOQGWEo6Mom0qT9nGqHI_xWj2KMDhGibZTcScDmN4B-fLQCkk-sB8HZMCez5Ik4BnGPGTd0P5WYDgWAqx3cHUlpqWJ9RrPqYZssT1pX6QvJ5m_DBVxCDM9ZvT--U81kXZT5lgx1oc5KAvUf1TONMCSrxZofIBXtd0ahJpkoRjwzUKMDJmEm0BXU4IvUwEztNbbcsuN1ltafHEvzHw9SXkDHqXrxdJ1qRtdngHq2aV6Z2H7-aLdyz-WWPvjsB48-udBMXytggemdZgYw41QsLJez63lOSYe2zdCwED10a8xLNDMQBDBmM5HJSRopSnn5xJjHchY4AwizgNcJdvIblS1cLX_VNCNXvlCSIlL7_rKaUnC3YX8dR9GMw0CH78QZ0Bj_LaiFzBorTI6EswYFTM47B5x8gHClwA_CJ19KXUTJb-908wXNAp4u3MB5hY5zGIv2AeK6s08_MXdeWolrDPm2ikhCDWBhx6pK_v5Hc883cXNrLbpiiwR6PtEVES6KySt8T4RgCK5n5VwOUlQk06niPlWx5Uvhoq6rcvz6q-xi5PFhkYy7efojCstP3EF0Gt-Rq0KfCscrt0l4_T3rwJVbdMuhFy-WHdkw4FZo4EEWXwHj1J9p07NT4pgMlX3SMsgS6E1paZPfaHCIsTVFoWHCuKV8hW4TROOHS9_YT0jltpyXf2THX5qoPSpL8I36hPRnlaNbu_2SWTcVY4_iS7R4J1730xKB8yqJjscGLpchpZfFCLCnaEq59_1ss9Da3p5x4wkGHi3wxG_OQ09f34gQPNLSzJi7ai34pZYhmNIiA4hHQut3R5jGTtpiDqCPXYZRMKWsANPYJEHEa5PSD488twp7IPryNM11-qzdAIxZPnkz2x74qKnR5_PJpJhHNecJz7tXAiqySZhov_1AuZ0sG6QwleLDCKJ8u5taADXdceJUj1vqIOAyrPOjM4gpCQ0anl6Ov7Qsb0XtfT2BteUvRehudPyz2WY6S3_fwVWkzI7Op1rdsN4Lvb07cW3uJMw19R0qUk4ZPAdsLJTZ1q_SAP5GuIUcNSCm9UR-GR29Lxc9Gz2l2jAULRBqCzDrnszyv7FVIA0222qiJA5Ab8P94mLeYGHRELc4KX18j876Ciabx_8_wU8WTTcCXg1A9jdSd685-Aoa1myFui2gYwOngqhGtO4zzT_n0hzKg9B2cjQs9faZ3h-FHxjUxFOJy-_108iPfP7bCxXzhsOZ8qhe-VdWYtENFw3B40pwpC2KY0aZ7VR9GDuZYYapIWPhn7PckJkL8&sai=AMfl-YSCzwoKtusFe2sjTRpOeOISKcYglb8jaVvvThwr0LRsCdSygKASAaJaNMTpd0aF7oBUO1R_q3YSEbT__M4HpVqH_lFtu0eNvlh4iyXjdcSZgG-_qax2ZD7dRAQiswd-YLpO2TcKo9Lj1vP_VJcpG7fzFahJg9c7iB4GyqfiCi2Z6wdpxXqOw2c6FA8C3XO4mddQh7LpNtTKue0fZ8Bl4hAY9ffO7-YZsDsaDHTn1ikE48bfJHzTLy_y2oYy1bIXXd9Oy0iz0F7OgcPX5d8tr6P9vnYvW970YUfmzJdPV9CkzCLqojmY3mD5jLQQ-GZKGysqTqUbwXx6123T88aeusGQmvTe-Q4uV-VXZ8C1G0Qh_PMxqpLPMdY0z7MM4gUhpwkrKWJ1aT5UbLk&sig=Cg0ArKJSzEc8UNKJDaqEEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220718.19637&adurl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Wed, 20 Jul 2022 15:58:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0DD1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 11:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
187181
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 11:58:57 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame 0DD1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
695
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 15:47:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0DD1 		137 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43203
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658144321100200"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Jul 2022 15:58:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame 0DD1 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e352bd3598be515c20c398e90549e3f966fbce570d88adea32a7f43de7b08f83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7322
x-xss-protection
0
server
cafe
etag
17958847364917198933
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 15:55:13 GMT
l
www.google.com/ads/measurement/ Frame 0DD1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRpiuVfThSCSaEke5xnxx7Izd3jqTWounAUgWZSJ7Y9d7JBZYH7hxL1Wy0gBjjCu6iZMkOzpZ3_dbQo5kKlDzyF09u9Bg
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0DD1 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D_O8T9TEMjY9JbB4zJxiGKANqcvgR06OPD6tXKktFP6j12OEeWdAr5wANXoVvr_x_T26QWfMBoSP8i20qxlAxvM7GWxTgoxkN_c5z9AiyRm0ddbQE
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 82F8 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6EFBDboaEBGMSZx8sBMAE&v=APEucNW_k9BmP28jNwvOMWY43QCEoY3HxBlEhdgLPDrwmmOha3rMoa3MyNDo9j7saX0ZkBC9uaNmSY95VRRFEe_RGRPAxwJePg
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 15:58:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 5E5E 		27 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DEWmxNzFKxyo-uISZKH1cYOtV5EJVw-Il3A4OcKh65euUCvodcKs2vDO18q2Ftol1zEqgmdypQLgZgLu-MWEr-3hWmuDIl82QTNXDNGPAsOcbxYSYETf9BTjtcrIDCACEzJOT5perOItOF7DqC3AHXbnkCpg&cry=1&dbm_d=AKAmf-CPA6reYh1-JqxGzBJH5Qh9hQOo-Fq6tE47ElqrYTHlUswWqYpUuUOtsQ1ogIEwESQY_O0zk4JtnJYyP15vh9EoaI2WSoMIOqajkI32vJDZ8bISy2HJCs0nfZFpwdGdsC-CGiMKV4_5jVYEoM1rBTXdZ1I6doisGCdJx0FvQRcAh17pB21EEBGccJuxIFnBLVfz0l01h4FddmqP7uh2spgf0zg1_3Ko9-6Zkz0czcZUAz-WP9Fp__xH0RpYUik2LYQlUwbUKgw9zhmZezipHKoGEQWU8fEJLaF6wD-AHMsbmH7xQFQSnKcTc6eEZh3pMfke9nsa0hSWQY_g-hHI2j1M5vNCR159SL-H_Nb6OnSFYUI_pCUzUGinEOTVo-dSO3L3nMzD0Z8v4gz0QgZ1jrWepR_g3ymTB7w4EBq8fKnoSUvdCVUobfBLBoDfKHP47G2m1ZJZeVwWSnzBRDJhrSaF_WqK3-64snO3OE_OusO1nc4XDK4YiXejd-cfvarOcgyQklAjaEN04Afb_sCd-MGqQf2ZVp7-ES5cVrc6EExhOG61Bb6ua3eWjhIBzmeZS-UKLZmJigblzo78nSEoVxug6QqlBMJGQNiHAnDEAM9jzJwl3qJZvCdZ7eYNQTm-Qrx-0X8gWuj6oHey9avA0l2RnqaD-WsHFF9wnTvF8U8yTcBM4OJO_FUhYVALBAt0Puf-nG83dKm7eC778VWV6My_-WDpaJYNlt09RTyP4t6kD6XOaGHcMwm5z0HKT9TfKS27Oua9jUuVEFG1pOOU7Y4pJLw0tWjWh5YJNtQ-j_Smk2MtUuts-B5bpjCSWEhGb6hRWHWtDXuxa-oz5M7elzG_bs0qxG1YxVRv_BKk_xa2NmmhloK8UGxfptFBShqpo2L3CE4LYOhI9qZ9vQ2lUUc2FXhV5PCGXD7G9x9ZJlmytYSG_umUB7VHi8D5SADZx9He48DOn29L0x_i_7zbSNusDTBn-dfPNnt5z5Yx2n860JvZ6U-sDA2CO-ZvupJvpqVio9jxtUG4A-mAdp9b_QSb2vtxVEz2Axsn-RZqnbVbbOWZiAE3UccQ9JIkq-Tafl61X8Y3P7EUq_CqmXKPnDCs2LdAZRiVilZDZGLx6T8K4WI5qgx2KHZ4JyIdKI8L5tAr4u_HVL5e7yInOc58WeRhNSYaa47v0QWMZhr76rNdy2Cq2YFX_mXCZ-EhHeE9j-GTxPlBMIeZ18kOYc5vZeNFjsMqxDh-p_Jgh70BGA3ogcOnkyoA-2RTqZF9hsZgXqOvYqNF2gK0HRikC5kpz4tOgQh1V1J33yqqgJwQRUqUfwj_7ABrKro2-wlRpdnTnvaJ-ezSHoHbUZhefMyumwsFY9qmG8Seu3iP3zirQn92sqkJaqJEQJ202IcdRkqueVbynA_jElmoMC-tNkCnFQVCJYu5w6DLGEjZzUUBD5zwEERhrsWHmY_xs_eab-07I4Y6-M9l8v2qqA3fh8h-Wz8NBtz2FZlBPAfr4ayUlYJWGkB1vcoVmB_IyWLEWpFtGPGR8W6v3AdAhviezznzL0K-65Xzh_c3m87b2m14fsrLbt2ihXBThhk74kalSgW2-b28hSCPy5CWkdSg2lJX2pCSjGarkG_dnUcvkfDZtDoBR0Os3o47ZZQHtW_GSAsoT6uRG0GRF_4nb9kXoPJdu3OIdaczaxOEG5pMl3-hgGN2pNFuO9XFPz8rCcBlhkyh59Uih6Vn0LZVTwtu5ggbNehg4uTjlmo5BLXholbesLJn5oUSGQ6CjyxUTbJ1Ax2Zy6-pl2WLybR20GXMwp5jDDNoE955KHRmfuwpsMUTbp3JDLNdF5YAgtPFRG8xVYodnoDkoLgs3Rv3JYBJ0MR_lBMh-qkUmp2DhpksO74EOGMyE1a60YUq9AgoB2IHfXGvFCYmypUCi5xMWecGxKZcZAjThFwA8UDh6vrGHDrnk6ld1VITIFLe7W_i2cvvDOoR8L1QVE0emHD0XAs32wyP-fMO2OyexMFd1Ex29XfdSgbi_nGbLQThe7_iuT-y1Jm53sgd-0xN0NHBGnp15Bef2BrXOvB2O1tQzRuQKjn7Ict0eq9kMRW2cu8YX7DGjvhC8CTA-1RVAJBAx1PK3FbBvnWg-KVD_Jr-wH-g76pZgXMbBerGLu3KtbussLqT-h0tzgesgf_xYtHCjRN3lQz49zPbW783jB43YjD-OMNmwFA1cARjB7zyL5Igo1KzfSuf8cvoS91A6wywiKmRWek-mc-WcyZ-m6GRZN5t5kQ-ba2UP3SzNDsM_4VtWwh1zkqRVLO4HbAGuMb0P2HsvuaOMvoNblm2NEjKvlgli-X_U5MGjlJJZtBsqNVABEXqVEcOLwW1K76r12IxIhoiold0aX2x7O01GNU2cX9_jULzhL-bP6KcfMROmBPoSiJqFDjm3r383MnCF5R7_PZllXcLrXBRDU_mvmPBx-deptOb51hy2N66QfHReTBCjTxaXqqzfJhWgqv73Cifvsg4pJ6kCrz3s6iKo8LDelWkUwxz5N5YlYrYHfIddX-jVBchyoGQWcVwqD6-brkAcgDox-c_cb1chJDFM6F-PNZCo4ZcuFAwMDLa1LKRUz6dHf6BCS1mcqdNGXTigqKoUn4sD5VHZiahNCS3GTRBAMJQ23z2h3j77BL81CYK0yVaRCpIRTlRZKyS3tKlxEhvm3g3aMAX94lZ5FsLhRNZ3gCpBywwRcCTmZnSlFM9sh9NLD2SbeNMpUNf50Zu88f8RPkrZ18wqZoJNVpCdQHuELR6SfHjERidq1MVt0C9PwS5bA9lH4clga8UvyiE5vLs1JyLiageiL7WiFShlaWzEJKb_3j88TG8Z9LKB9faZEKyvHwSYsXKbYQTuBI1TzeFiiL-wXmjvAqu_oIs2VJCrLOystPSTcNWX1m_srqDnVrfc3Dp1sULXQlZT8UpoA2qnCKL9Ro6kJrMp7hxHuFHo3oRhSDgEuLTWA-hkdsdjnsLmOvuOHxgzTaEWIQj_1NIqmKY1iv-9dA0Ten7D4G639Msq7BR-LPl1ou82ergFg6mTRdEwZHbaUJn4KtFlXGG8sAiqw5uSVMPGH6RFMbp6xcWzBZNmBW_bql_H34Ih0r7Tc0OrVptjDzRxjeLb5idjQrmegpr2qWWyh8efypXHqr71my9hny51tOyEdzCRKN-WjBv5Eot0g7AearVKvnNGBIqKE26sOzrCHodNSguiuTyiF6IKujTBzFjOYjpujTgTgsDEueJAwUuIDvz38xGiT59-uXYGFyU8-Cw-89pgDUlGpgMIdberptirtc2bj8lgg_fg9iS6M9j7EAq-_8FZaY250kSP6uuLldlIh6rGql_g4maENUI14ovZJ6BOfFGdnMe1_xWQQRSLZge&cid=CAASJ-RodZ-gocGWblSdZVHtdIBj7vq4wkg6AAwXKBXHWo2BUiTYQkYfhQ&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7fe7fae54822b386f4189cba6b42ca5e39b588f351890cb720e2df3a235c2ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16723
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5E5E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BotoEarvTLeafR4P6X1A7r1nvT-5qDz9a0Qx9oYRfpuKbqoC6Gm7X5dM47FLF5q_RbDOM2d0p_euAmApfPeqbxa_Hf4ohnhMpzCTLbDAs7WbWb8TA
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 5E5E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2637
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8749
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 21:33:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 20 Jul 2022 16:14:41 GMT
it
ag.yieldoptimizer.com/ag/ Frame 5E5E 		43 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.yieldoptimizer.com/ag/it?ac=88177546&n=9&cb=1658332717934523
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.74.200 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
200.74.201.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:37 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
analytics
tag.yieldoptimizer.com/ps/ Frame 5E5E
Redirect Chain
  • https://tag.yieldoptimizer.com/ps/analytics?pxid=120770&
  • https://tag.yieldoptimizer.com/ps/analytics?tc=524919801&pxid=120770&
43 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tag.yieldoptimizer.com/ps/analytics?tc=524919801&pxid=120770&
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
35.190.52.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.52.190.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:37 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location
https://tag.yieldoptimizer.com/ps/analytics?tc=524919801&pxid=120770&
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame 5E5E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/window_focus_fy2021.js
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:47:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
695
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 15:47:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5E5E 		137 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43203
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658144321100200"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Jul 2022 15:58:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/ Frame 5E5E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220718/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e352bd3598be515c20c398e90549e3f966fbce570d88adea32a7f43de7b08f83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:55:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7322
x-xss-protection
0
server
cafe
etag
17958847364917198933
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 15:55:13 GMT
l
www.google.com/ads/measurement/ Frame 5E5E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS_faSoFVBMxbCf0PO2uajFneU84VLbz5fhW1Em6qbdHOI_yKr_dJ2ZtHAM88ShDAuFwL4djgvJSOt3_xMAYhL5Y6CaVQ
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
increment
id5-sync.com/api/esp/ 		0
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:38 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
strict-transport-security
max-age=63072000; includeSubDomains; preload
rum
dsum-sec.casalemedia.com/ Frame 6AE5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYlZKoywEwAQ&v=APEucNW4cqm2-OomguBA3O7iJM1sR6EcwkySbz_DlLPPqZFdWjYuCxkdvcgdFnAz4MXt7_vk-XC7PXQpSGyyWvBl1KQM3om6rw
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce644196409f2-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6WweUXdQqXHBo%2F3k3RIiM8Lll7LRjRbFbjOF17fScJ0DpD4BpoO0LZ6hR2TfCnaAJMAZ39Mhskr6rPVUtzNbPnoTiVT97nKyuw1iheilO3or%2BKbdRNv9RtfTx%2FS%2FyZ7v2ZOuE8H7Aljwjw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6AE5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtgmLaNUKrapf3hd7CxpWwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
43 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYlZKoywEwAQ&v=APEucNW4cqm2-OomguBA3O7iJM1sR6EcwkySbz_DlLPPqZFdWjYuCxkdvcgdFnAz4MXt7_vk-XC7PXQpSGyyWvBl1KQM3om6rw
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce64559a2b3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f1gZ5NiY2xBydAwRZmRtYE1PrdYY9If5VR2PLSeQJ4MP0zqoriTDAvJy3FUoiQtpJ9J0419gNVFivRvl%2FJG5o49OXfgbl9ZcXxr64OjxIV7RbT99uiybK8uCF99MC7MKacMuhjIrmnoz5g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 6AE5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKZrlcdFNokcOcOhNZrbgVg&google_cver=1
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKZrlcdFNokcOcOhNZrbgVg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYlZKoywEwAQ&v=APEucNW4cqm2-OomguBA3O7iJM1sR6EcwkySbz_DlLPPqZFdWjYuCxkdvcgdFnAz4MXt7_vk-XC7PXQpSGyyWvBl1KQM3om6rw
Protocol
HTTP/1.1
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:38 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
c5d6b16d-9919-41ef-b5c7-9ff1dcab6371
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKZrlcdFNokcOcOhNZrbgVg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6AE5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM0MzI1NDY2OTIxNjU3NTY4Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM0MzI1NDY2OTIxNjU3NTY4Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYlZKoywEwAQ&v=APEucNW4cqm2-OomguBA3O7iJM1sR6EcwkySbz_DlLPPqZFdWjYuCxkdvcgdFnAz4MXt7_vk-XC7PXQpSGyyWvBl1KQM3om6rw
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:38 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
d3ae8a6b-074a-4bf7-a22c-6ef90e50c7d1
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM0MzI1NDY2OTIxNjU3NTY4Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C15D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
43 B
834 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYvJaoywEwAQ&v=APEucNWvA7FfXQzICE1C7VrggOluQQ4srgRqG6tutVKFysiTYJs8wHKMg2IvyPVdd4Jid0ar9976-ye4CQGq8UPOBUXJ9fLnuQ
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce64449ae09f2-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e21xnk922grJjbFnpPWOZuZpJGvqqaKSfZ6Atbr5mYbBV4QnIoyO6M22rRjW54xfmzPhhbOhi1pzFq%2FCCzsE7LXgJveh5v3r9oRuob89Y5kb5SCPXsJYBObU1ckbvYqP8ceyeOYp1Hc0%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C15D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtgmLaNUKrapf3hd7CxpWwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
43 B
910 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYvJaoywEwAQ&v=APEucNWvA7FfXQzICE1C7VrggOluQQ4srgRqG6tutVKFysiTYJs8wHKMg2IvyPVdd4Jid0ar9976-ye4CQGq8UPOBUXJ9fLnuQ
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce64559a0b3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyy5LsrRkxT3BmTRjxWbQZ1746BdeV5D3%2BrTMvxk6sl58AJNjDud31Lz7EzzjoaLf778GQJ%2FmBi9bAcoPeL%2FHgo2OJXvSVnYRY70cmpqDyqUySrwzG6cZKoZGF1Nb0%2B3tYQPepGwhMBjyA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame C15D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKZrlcdFNokcOcOhNZrbgVg&google_cver=1
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKZrlcdFNokcOcOhNZrbgVg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYvJaoywEwAQ&v=APEucNWvA7FfXQzICE1C7VrggOluQQ4srgRqG6tutVKFysiTYJs8wHKMg2IvyPVdd4Jid0ar9976-ye4CQGq8UPOBUXJ9fLnuQ
Protocol
HTTP/1.1
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:38 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
c9dd331b-214e-40a7-aa3e-c32a648f73c6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKZrlcdFNokcOcOhNZrbgVg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C15D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM0MzI1NDY2OTIxNjU3NTY4Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM0MzI1NDY2OTIxNjU3NTY4Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYvJaoywEwAQ&v=APEucNWvA7FfXQzICE1C7VrggOluQQ4srgRqG6tutVKFysiTYJs8wHKMg2IvyPVdd4Jid0ar9976-ye4CQGq8UPOBUXJ9fLnuQ
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:38 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
6381d728-8c34-479b-b231-6757035eedb4
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM0MzI1NDY2OTIxNjU3NTY4Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9FAD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHJsb0CENP816YDGPDPw84BMAE&v=APEucNUSu2XvjdNvdmdSQGkMAjnMTdjWF49UY_mLgLcaXF5w_mIQW1_vTFqRTlBJyaDtpHASHk-6dAczPdc11UdGbxRz8T0jyA
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce64449b009f2-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzR09RvYXA82GBuO%2Btyk4zbtWUDu1j%2B0ylLKA%2FS7w0KrzR3BroNTN09XtBEAcic0pj8HWG%2B42a1OKbmGpPnxC%2FqIQdc8SYMXRjYRSwjKGX5GIus5ckUYS9naXKfToROVXaOnLerqhT002w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 9FAD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtgmLaNUKrapf3hd7CxpWwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
43 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHJsb0CENP816YDGPDPw84BMAE&v=APEucNUSu2XvjdNvdmdSQGkMAjnMTdjWF49UY_mLgLcaXF5w_mIQW1_vTFqRTlBJyaDtpHASHk-6dAczPdc11UdGbxRz8T0jyA
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce645599eb3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBHCqY71qrUbJ9TSGabHw1RArD8z%2F%2FSu1W2vRCb7cOj8QtB9B2g0O0XCq8hXIB6YPfDq1H3KEh4xGMjBEGDMh6AumdG4SA9PFpuazt5c5sS66SSafrvTcAE35839XAYFU2Ls0uSmKeYMEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 9FAD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKZrlcdFNokcOcOhNZrbgVg&google_cver=1
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKZrlcdFNokcOcOhNZrbgVg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHJsb0CENP816YDGPDPw84BMAE&v=APEucNUSu2XvjdNvdmdSQGkMAjnMTdjWF49UY_mLgLcaXF5w_mIQW1_vTFqRTlBJyaDtpHASHk-6dAczPdc11UdGbxRz8T0jyA
Protocol
HTTP/1.1
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:38 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
995b61fa-e92e-42c2-9f78-463e1345f6c1
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKZrlcdFNokcOcOhNZrbgVg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9FAD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM0MzI1NDY2OTIxNjU3NTY4Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM0MzI1NDY2OTIxNjU3NTY4Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHJsb0CENP816YDGPDPw84BMAE&v=APEucNUSu2XvjdNvdmdSQGkMAjnMTdjWF49UY_mLgLcaXF5w_mIQW1_vTFqRTlBJyaDtpHASHk-6dAczPdc11UdGbxRz8T0jyA
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:38 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
1f6ad0dd-01e9-4d4a-8b77-d2ef2ff673b2
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM0MzI1NDY2OTIxNjU3NTY4Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 82F8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6EFBDboaEBGMSZx8sBMAE&v=APEucNW_k9BmP28jNwvOMWY43QCEoY3HxBlEhdgLPDrwmmOha3rMoa3MyNDo9j7saX0ZkBC9uaNmSY95VRRFEe_RGRPAxwJePg
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce64449b409f2-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IJ%2BNp5dM8rMNPLK0aqxfvJOfJg%2BetlQeQbpkyZ8Gv6f4X6cUG%2BdiFUTMFE4f%2BR%2BMdhPxMjpPCXckvxlCyrKr0w1ky1P8a06LUpBkXWctOG%2B3z3El6LKk6KRgJJey3NE3G35UJ1ObQD4tZw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 82F8
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YtgmLaNUKrapf3hd7CxpWwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
43 B
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6EFBDboaEBGMSZx8sBMAE&v=APEucNW_k9BmP28jNwvOMWY43QCEoY3HxBlEhdgLPDrwmmOha3rMoa3MyNDo9j7saX0ZkBC9uaNmSY95VRRFEe_RGRPAxwJePg
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce6455999b3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eVwHi7R%2BSM%2Fm7E5LoXhEEMkycGPMLaNYqpqrd6drbBX0njrccOO018h55smjNm%2BphpILrdwQjpiwqNXNHpaeYKLScGLH6pnK37A%2BTCz144pLmlcd%2BL9ZUbp2vN%2FMbPnUN5Cv0gGaIzjx2w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAYJZLu_G5FX6TqcGUxx0o4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 82F8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKZrlcdFNokcOcOhNZrbgVg&google_cver=1
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKZrlcdFNokcOcOhNZrbgVg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6EFBDboaEBGMSZx8sBMAE&v=APEucNW_k9BmP28jNwvOMWY43QCEoY3HxBlEhdgLPDrwmmOha3rMoa3MyNDo9j7saX0ZkBC9uaNmSY95VRRFEe_RGRPAxwJePg
Protocol
HTTP/1.1
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:38 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
91d86496-df70-404e-bbc3-5d9c12ceee0b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKZrlcdFNokcOcOhNZrbgVg&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 82F8
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM0MzI1NDY2OTIxNjU3NTY4Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM0MzI1NDY2OTIxNjU3NTY4Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK6EFBDboaEBGMSZx8sBMAE&v=APEucNW_k9BmP28jNwvOMWY43QCEoY3HxBlEhdgLPDrwmmOha3rMoa3MyNDo9j7saX0ZkBC9uaNmSY95VRRFEe_RGRPAxwJePg
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:38 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
534f3b33-97c1-45ca-9bc8-a50c12536b1f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODM0MzI1NDY2OTIxNjU3NTY4Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/ Frame 5E5E 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DEWmxNzFKxyo-uISZKH1cYOtV5EJVw-Il3A4OcKh65euUCvodcKs2vDO18q2Ftol1zEqgmdypQLgZgLu-MWEr-3hWmuDIl82QTNXDNGPAsOcbxYSYETf9BTjtcrIDCACEzJOT5perOItOF7DqC3AHXbnkCpg&cry=1&dbm_d=AKAmf-CPA6reYh1-JqxGzBJH5Qh9hQOo-Fq6tE47ElqrYTHlUswWqYpUuUOtsQ1ogIEwESQY_O0zk4JtnJYyP15vh9EoaI2WSoMIOqajkI32vJDZ8bISy2HJCs0nfZFpwdGdsC-CGiMKV4_5jVYEoM1rBTXdZ1I6doisGCdJx0FvQRcAh17pB21EEBGccJuxIFnBLVfz0l01h4FddmqP7uh2spgf0zg1_3Ko9-6Zkz0czcZUAz-WP9Fp__xH0RpYUik2LYQlUwbUKgw9zhmZezipHKoGEQWU8fEJLaF6wD-AHMsbmH7xQFQSnKcTc6eEZh3pMfke9nsa0hSWQY_g-hHI2j1M5vNCR159SL-H_Nb6OnSFYUI_pCUzUGinEOTVo-dSO3L3nMzD0Z8v4gz0QgZ1jrWepR_g3ymTB7w4EBq8fKnoSUvdCVUobfBLBoDfKHP47G2m1ZJZeVwWSnzBRDJhrSaF_WqK3-64snO3OE_OusO1nc4XDK4YiXejd-cfvarOcgyQklAjaEN04Afb_sCd-MGqQf2ZVp7-ES5cVrc6EExhOG61Bb6ua3eWjhIBzmeZS-UKLZmJigblzo78nSEoVxug6QqlBMJGQNiHAnDEAM9jzJwl3qJZvCdZ7eYNQTm-Qrx-0X8gWuj6oHey9avA0l2RnqaD-WsHFF9wnTvF8U8yTcBM4OJO_FUhYVALBAt0Puf-nG83dKm7eC778VWV6My_-WDpaJYNlt09RTyP4t6kD6XOaGHcMwm5z0HKT9TfKS27Oua9jUuVEFG1pOOU7Y4pJLw0tWjWh5YJNtQ-j_Smk2MtUuts-B5bpjCSWEhGb6hRWHWtDXuxa-oz5M7elzG_bs0qxG1YxVRv_BKk_xa2NmmhloK8UGxfptFBShqpo2L3CE4LYOhI9qZ9vQ2lUUc2FXhV5PCGXD7G9x9ZJlmytYSG_umUB7VHi8D5SADZx9He48DOn29L0x_i_7zbSNusDTBn-dfPNnt5z5Yx2n860JvZ6U-sDA2CO-ZvupJvpqVio9jxtUG4A-mAdp9b_QSb2vtxVEz2Axsn-RZqnbVbbOWZiAE3UccQ9JIkq-Tafl61X8Y3P7EUq_CqmXKPnDCs2LdAZRiVilZDZGLx6T8K4WI5qgx2KHZ4JyIdKI8L5tAr4u_HVL5e7yInOc58WeRhNSYaa47v0QWMZhr76rNdy2Cq2YFX_mXCZ-EhHeE9j-GTxPlBMIeZ18kOYc5vZeNFjsMqxDh-p_Jgh70BGA3ogcOnkyoA-2RTqZF9hsZgXqOvYqNF2gK0HRikC5kpz4tOgQh1V1J33yqqgJwQRUqUfwj_7ABrKro2-wlRpdnTnvaJ-ezSHoHbUZhefMyumwsFY9qmG8Seu3iP3zirQn92sqkJaqJEQJ202IcdRkqueVbynA_jElmoMC-tNkCnFQVCJYu5w6DLGEjZzUUBD5zwEERhrsWHmY_xs_eab-07I4Y6-M9l8v2qqA3fh8h-Wz8NBtz2FZlBPAfr4ayUlYJWGkB1vcoVmB_IyWLEWpFtGPGR8W6v3AdAhviezznzL0K-65Xzh_c3m87b2m14fsrLbt2ihXBThhk74kalSgW2-b28hSCPy5CWkdSg2lJX2pCSjGarkG_dnUcvkfDZtDoBR0Os3o47ZZQHtW_GSAsoT6uRG0GRF_4nb9kXoPJdu3OIdaczaxOEG5pMl3-hgGN2pNFuO9XFPz8rCcBlhkyh59Uih6Vn0LZVTwtu5ggbNehg4uTjlmo5BLXholbesLJn5oUSGQ6CjyxUTbJ1Ax2Zy6-pl2WLybR20GXMwp5jDDNoE955KHRmfuwpsMUTbp3JDLNdF5YAgtPFRG8xVYodnoDkoLgs3Rv3JYBJ0MR_lBMh-qkUmp2DhpksO74EOGMyE1a60YUq9AgoB2IHfXGvFCYmypUCi5xMWecGxKZcZAjThFwA8UDh6vrGHDrnk6ld1VITIFLe7W_i2cvvDOoR8L1QVE0emHD0XAs32wyP-fMO2OyexMFd1Ex29XfdSgbi_nGbLQThe7_iuT-y1Jm53sgd-0xN0NHBGnp15Bef2BrXOvB2O1tQzRuQKjn7Ict0eq9kMRW2cu8YX7DGjvhC8CTA-1RVAJBAx1PK3FbBvnWg-KVD_Jr-wH-g76pZgXMbBerGLu3KtbussLqT-h0tzgesgf_xYtHCjRN3lQz49zPbW783jB43YjD-OMNmwFA1cARjB7zyL5Igo1KzfSuf8cvoS91A6wywiKmRWek-mc-WcyZ-m6GRZN5t5kQ-ba2UP3SzNDsM_4VtWwh1zkqRVLO4HbAGuMb0P2HsvuaOMvoNblm2NEjKvlgli-X_U5MGjlJJZtBsqNVABEXqVEcOLwW1K76r12IxIhoiold0aX2x7O01GNU2cX9_jULzhL-bP6KcfMROmBPoSiJqFDjm3r383MnCF5R7_PZllXcLrXBRDU_mvmPBx-deptOb51hy2N66QfHReTBCjTxaXqqzfJhWgqv73Cifvsg4pJ6kCrz3s6iKo8LDelWkUwxz5N5YlYrYHfIddX-jVBchyoGQWcVwqD6-brkAcgDox-c_cb1chJDFM6F-PNZCo4ZcuFAwMDLa1LKRUz6dHf6BCS1mcqdNGXTigqKoUn4sD5VHZiahNCS3GTRBAMJQ23z2h3j77BL81CYK0yVaRCpIRTlRZKyS3tKlxEhvm3g3aMAX94lZ5FsLhRNZ3gCpBywwRcCTmZnSlFM9sh9NLD2SbeNMpUNf50Zu88f8RPkrZ18wqZoJNVpCdQHuELR6SfHjERidq1MVt0C9PwS5bA9lH4clga8UvyiE5vLs1JyLiageiL7WiFShlaWzEJKb_3j88TG8Z9LKB9faZEKyvHwSYsXKbYQTuBI1TzeFiiL-wXmjvAqu_oIs2VJCrLOystPSTcNWX1m_srqDnVrfc3Dp1sULXQlZT8UpoA2qnCKL9Ro6kJrMp7hxHuFHo3oRhSDgEuLTWA-hkdsdjnsLmOvuOHxgzTaEWIQj_1NIqmKY1iv-9dA0Ten7D4G639Msq7BR-LPl1ou82ergFg6mTRdEwZHbaUJn4KtFlXGG8sAiqw5uSVMPGH6RFMbp6xcWzBZNmBW_bql_H34Ih0r7Tc0OrVptjDzRxjeLb5idjQrmegpr2qWWyh8efypXHqr71my9hny51tOyEdzCRKN-WjBv5Eot0g7AearVKvnNGBIqKE26sOzrCHodNSguiuTyiF6IKujTBzFjOYjpujTgTgsDEueJAwUuIDvz38xGiT59-uXYGFyU8-Cw-89pgDUlGpgMIdberptirtc2bj8lgg_fg9iS6M9j7EAq-_8FZaY250kSP6uuLldlIh6rGql_g4maENUI14ovZJ6BOfFGdnMe1_xWQQRSLZge&cid=CAASJ-RodZ-gocGWblSdZVHtdIBj7vq4wkg6AAwXKBXHWo2BUiTYQkYfhQ&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18091a39db3bc6d68a187de5d46d8f28e49beb8d9431e9c8e5e9db7cb071dc65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:51:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
421
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10561
x-xss-protection
0
server
cafe
etag
14610481443806215460
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 15:51:37 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 5E5E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DEWmxNzFKxyo-uISZKH1cYOtV5EJVw-Il3A4OcKh65euUCvodcKs2vDO18q2Ftol1zEqgmdypQLgZgLu-MWEr-3hWmuDIl82QTNXDNGPAsOcbxYSYETf9BTjtcrIDCACEzJOT5perOItOF7DqC3AHXbnkCpg&cry=1&dbm_d=AKAmf-CPA6reYh1-JqxGzBJH5Qh9hQOo-Fq6tE47ElqrYTHlUswWqYpUuUOtsQ1ogIEwESQY_O0zk4JtnJYyP15vh9EoaI2WSoMIOqajkI32vJDZ8bISy2HJCs0nfZFpwdGdsC-CGiMKV4_5jVYEoM1rBTXdZ1I6doisGCdJx0FvQRcAh17pB21EEBGccJuxIFnBLVfz0l01h4FddmqP7uh2spgf0zg1_3Ko9-6Zkz0czcZUAz-WP9Fp__xH0RpYUik2LYQlUwbUKgw9zhmZezipHKoGEQWU8fEJLaF6wD-AHMsbmH7xQFQSnKcTc6eEZh3pMfke9nsa0hSWQY_g-hHI2j1M5vNCR159SL-H_Nb6OnSFYUI_pCUzUGinEOTVo-dSO3L3nMzD0Z8v4gz0QgZ1jrWepR_g3ymTB7w4EBq8fKnoSUvdCVUobfBLBoDfKHP47G2m1ZJZeVwWSnzBRDJhrSaF_WqK3-64snO3OE_OusO1nc4XDK4YiXejd-cfvarOcgyQklAjaEN04Afb_sCd-MGqQf2ZVp7-ES5cVrc6EExhOG61Bb6ua3eWjhIBzmeZS-UKLZmJigblzo78nSEoVxug6QqlBMJGQNiHAnDEAM9jzJwl3qJZvCdZ7eYNQTm-Qrx-0X8gWuj6oHey9avA0l2RnqaD-WsHFF9wnTvF8U8yTcBM4OJO_FUhYVALBAt0Puf-nG83dKm7eC778VWV6My_-WDpaJYNlt09RTyP4t6kD6XOaGHcMwm5z0HKT9TfKS27Oua9jUuVEFG1pOOU7Y4pJLw0tWjWh5YJNtQ-j_Smk2MtUuts-B5bpjCSWEhGb6hRWHWtDXuxa-oz5M7elzG_bs0qxG1YxVRv_BKk_xa2NmmhloK8UGxfptFBShqpo2L3CE4LYOhI9qZ9vQ2lUUc2FXhV5PCGXD7G9x9ZJlmytYSG_umUB7VHi8D5SADZx9He48DOn29L0x_i_7zbSNusDTBn-dfPNnt5z5Yx2n860JvZ6U-sDA2CO-ZvupJvpqVio9jxtUG4A-mAdp9b_QSb2vtxVEz2Axsn-RZqnbVbbOWZiAE3UccQ9JIkq-Tafl61X8Y3P7EUq_CqmXKPnDCs2LdAZRiVilZDZGLx6T8K4WI5qgx2KHZ4JyIdKI8L5tAr4u_HVL5e7yInOc58WeRhNSYaa47v0QWMZhr76rNdy2Cq2YFX_mXCZ-EhHeE9j-GTxPlBMIeZ18kOYc5vZeNFjsMqxDh-p_Jgh70BGA3ogcOnkyoA-2RTqZF9hsZgXqOvYqNF2gK0HRikC5kpz4tOgQh1V1J33yqqgJwQRUqUfwj_7ABrKro2-wlRpdnTnvaJ-ezSHoHbUZhefMyumwsFY9qmG8Seu3iP3zirQn92sqkJaqJEQJ202IcdRkqueVbynA_jElmoMC-tNkCnFQVCJYu5w6DLGEjZzUUBD5zwEERhrsWHmY_xs_eab-07I4Y6-M9l8v2qqA3fh8h-Wz8NBtz2FZlBPAfr4ayUlYJWGkB1vcoVmB_IyWLEWpFtGPGR8W6v3AdAhviezznzL0K-65Xzh_c3m87b2m14fsrLbt2ihXBThhk74kalSgW2-b28hSCPy5CWkdSg2lJX2pCSjGarkG_dnUcvkfDZtDoBR0Os3o47ZZQHtW_GSAsoT6uRG0GRF_4nb9kXoPJdu3OIdaczaxOEG5pMl3-hgGN2pNFuO9XFPz8rCcBlhkyh59Uih6Vn0LZVTwtu5ggbNehg4uTjlmo5BLXholbesLJn5oUSGQ6CjyxUTbJ1Ax2Zy6-pl2WLybR20GXMwp5jDDNoE955KHRmfuwpsMUTbp3JDLNdF5YAgtPFRG8xVYodnoDkoLgs3Rv3JYBJ0MR_lBMh-qkUmp2DhpksO74EOGMyE1a60YUq9AgoB2IHfXGvFCYmypUCi5xMWecGxKZcZAjThFwA8UDh6vrGHDrnk6ld1VITIFLe7W_i2cvvDOoR8L1QVE0emHD0XAs32wyP-fMO2OyexMFd1Ex29XfdSgbi_nGbLQThe7_iuT-y1Jm53sgd-0xN0NHBGnp15Bef2BrXOvB2O1tQzRuQKjn7Ict0eq9kMRW2cu8YX7DGjvhC8CTA-1RVAJBAx1PK3FbBvnWg-KVD_Jr-wH-g76pZgXMbBerGLu3KtbussLqT-h0tzgesgf_xYtHCjRN3lQz49zPbW783jB43YjD-OMNmwFA1cARjB7zyL5Igo1KzfSuf8cvoS91A6wywiKmRWek-mc-WcyZ-m6GRZN5t5kQ-ba2UP3SzNDsM_4VtWwh1zkqRVLO4HbAGuMb0P2HsvuaOMvoNblm2NEjKvlgli-X_U5MGjlJJZtBsqNVABEXqVEcOLwW1K76r12IxIhoiold0aX2x7O01GNU2cX9_jULzhL-bP6KcfMROmBPoSiJqFDjm3r383MnCF5R7_PZllXcLrXBRDU_mvmPBx-deptOb51hy2N66QfHReTBCjTxaXqqzfJhWgqv73Cifvsg4pJ6kCrz3s6iKo8LDelWkUwxz5N5YlYrYHfIddX-jVBchyoGQWcVwqD6-brkAcgDox-c_cb1chJDFM6F-PNZCo4ZcuFAwMDLa1LKRUz6dHf6BCS1mcqdNGXTigqKoUn4sD5VHZiahNCS3GTRBAMJQ23z2h3j77BL81CYK0yVaRCpIRTlRZKyS3tKlxEhvm3g3aMAX94lZ5FsLhRNZ3gCpBywwRcCTmZnSlFM9sh9NLD2SbeNMpUNf50Zu88f8RPkrZ18wqZoJNVpCdQHuELR6SfHjERidq1MVt0C9PwS5bA9lH4clga8UvyiE5vLs1JyLiageiL7WiFShlaWzEJKb_3j88TG8Z9LKB9faZEKyvHwSYsXKbYQTuBI1TzeFiiL-wXmjvAqu_oIs2VJCrLOystPSTcNWX1m_srqDnVrfc3Dp1sULXQlZT8UpoA2qnCKL9Ro6kJrMp7hxHuFHo3oRhSDgEuLTWA-hkdsdjnsLmOvuOHxgzTaEWIQj_1NIqmKY1iv-9dA0Ten7D4G639Msq7BR-LPl1ou82ergFg6mTRdEwZHbaUJn4KtFlXGG8sAiqw5uSVMPGH6RFMbp6xcWzBZNmBW_bql_H34Ih0r7Tc0OrVptjDzRxjeLb5idjQrmegpr2qWWyh8efypXHqr71my9hny51tOyEdzCRKN-WjBv5Eot0g7AearVKvnNGBIqKE26sOzrCHodNSguiuTyiF6IKujTBzFjOYjpujTgTgsDEueJAwUuIDvz38xGiT59-uXYGFyU8-Cw-89pgDUlGpgMIdberptirtc2bj8lgg_fg9iS6M9j7EAq-_8FZaY250kSP6uuLldlIh6rGql_g4maENUI14ovZJ6BOfFGdnMe1_xWQQRSLZge&cid=CAASJ-RodZ-gocGWblSdZVHtdIBj7vq4wkg6AAwXKBXHWo2BUiTYQkYfhQ&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 11:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
187181
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 11:58:57 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 02C2 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
220373
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Jul 2022 02:45:45 GMT
expires
Tue, 18 Jul 2023 02:45:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 74FF 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
Origin
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:28:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Jul 2022 15:28:38 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/elements/html/ Frame 74FF 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRXnq7JV4fPLfZRvKhxfJkz_ao5UENtC6a8CtoW3u5LJbHvRYJrnAIkpM14NhGZWA6-7KCN1fJvLNZfyqpEZp_R2nl2Q&cry=1&dbm_d=AKAmf-C3O7BOxTLKhhAP_q3ta7EBI2jq1zwXLrFZPPBcsMYT_xSGOSchTpvMEQorrudb6mTTddPnjQQduAT62yRKhfIbCVGRPWZxOVPABo3N53uQD7v3JGRdiz0A88GY81BLgY3gKNZk_70WWdEqwl5659yUHDbKnul-699SvPxcS6DnvaQ-d43Nk4PuY1thTdPjMBOyUrJrZr6LzgL5b76WBsbhWbQm_Z98lKayd-2WxvJg4Z54-eYFl_jip_TpVnhd9WjWNU8SBUMkHpVziSNcSO5gvM9aTrYX9oUDsKrwpLkiWVsKwZfNcWuMVafRoY2jMDRt-t4i-yYVOlUxW3d-uah9owrigElJIyBOUqFCHqXfZNH94Xq_PoJwZ1-Y_N-hZZLHJ7UPL4YveN4nlmC6ZQvrcwWirJFjEz3R-UKAPXXuzE6oy17FO-gFWedlX70eB30oCXANBQyJxs5yUk1HKxQRrHNYd0QbwT-6m7sxO9eDS4KiZS-LgojhChThBoxIOrOauecC6CGUWeHAOkKL6CWEX0FToxqNQLkpQxNVVxSHdwaaZaB3Sjt9M1PLSyKHM0-Hwx8bhUQFEJqJeGVsWGNo2kYF_hnuaWHty5Q9DIkRUKWHKVnjudtUMfAXDipdwvMXtCzhm9CtWYkxip2bKfXe2T1zA4d7PP_POfQPYXyqVvA767uehXzNhAoz2qkD0kDmGx3aUBm8Q36UxqtAS1AmB7bGZJi_d8G6twdc2GgCKPCuwux0ENUz9vXVmVJEZK1FkehMMhs21I11CsX_ereoufwWq9tJPZVEEkXanSMmLFQY7k3LCOFL8QQB_JA9k2FZCietsuv53ysAsA6vor73A2GZwFcXBTpb9t26IJb9kjqWrRcD9dPKggvFVCzI30rlx554mpkTcGjO_ixYHc0MNnDqbFgP-XyhkEvbshQmRZ2UTkJHMOcgxiQfa7EDmDzXts3YY4HFLER-eMxMXXpV-0FdO-_1zWaPktXFgrVUziQ4DXBC85JTBKzLPfyqEYb-urcu4hyU-shABhT3zHS_LNn-HGQmZJEfJ0D8hYCfP846sURcLYJk0OJQHpZL68M5-gHFXwZzfPYp6vzfFvmiUOLfMr7Ek5NSFbrQpczUa4Ix6kQXkUMCphsMm-ULDU2et-RSJAPdlAkFJtUtGtCYSwFPtsqaqpsHs8DdWsGtB-YIk6RphqYrC_qX3UQBN7HNtmcjS0Gk8pCjYVgnBhz_jVIVfey3gZeshHlinAPYujUaUcfJdX-fq0QPGUs43UqN6TZMNhRQg_XJJfFozaWNR1Md_WoaiPUZQYQoHTj2wz5j5rMJN_6ZhPgI7GapxEcbeNgwzrHkPMs9VrwEHfv0Ld65SHGavgfvHuX6k_sqGLlvcyZB1Q-Mrugse1paJg-Qm7hkdRp0QIi0RyQzIxbATORHCJTkZ52XsAEX40TmRcfMSYZTzIIGn6znjj56Zu5odu3zkkAkx17-jtaQyFzENfteTFVSsSHHPZWoFEUP5Ixkb1qW9SWc7MqqmyJlyn5OJ849vZrQ4kYB5BdLGckBlakNtmWvlUGTBp9QMwMGWwiG-ufGP9nEA9_Y9L2rhghsMAwx3iqa812EWsNjrYRI064RoclcRaYiv-2w5XrEbN2UBZDyJ3punJwtmW3-f0UuHWq_RruEzwTte0SYkE5Q8R4flGsWQNgm8ENKdWd0xwymT6fvpS_JscimCSSC1rfZa5-tVI0vBVEws0IhLB7VRCebO0-v_1QVpW_BXM1fzLHaVXrZhrbnNNb8vrAjWqlAiRn0PkazofIi4DhcV3G4ZZ5LNlZMDqjzRfp3ft9fMX_AYvS4eO2gNFaD1cnPiSKhZpW9c0P6_hie4_xd6fDEL0EVGwniQ7MAPqGDBjNrhAsOOO67h4B6KSseNEyxQEvKeuk6Hm6YbqhG3iFfEWDiJiqZcuryAeh6nuu5K15nS_bcF4Ekd7a8b19PESgp9W7c9wDWoxV3EEOhBqDzNFj5iv0AiqYJfrJG8ZIt30z7jEWTF66grIc0C_--1TEWZHonDkwdF2tjWstxg4AGusF4L4kQy7dFj33vjiTpz7NV1-rflabPQa206TempBi9Kuhq9zPUbfGRSVwsQ5o999PFzSvBFwEyk4xcWcPpxPC4irLXzrObewOphuE7xltOiXws-9rpdb8UyFhjn1brYnjfPg5ZI5CoodRBH9Ml4_EGt5HlW0hbElCKJuitYHXRxP5AShllE34h1FV74-iyLhduY_OHgzj5xptXPVDYMJD9TOFkQZiX4o5E_yJs1mDsIKUdLU9viYa92-SCVBXFk7OJPdMJFVppbPkiC6kw3jQRDQ0lGOTCvn3lDAhnfaWnM_csr0S7FP0xN8PA02GHlbQtvAYGrcEIgaaTWAlGWDhYqjiKVR4ol01MnpCbjrHBBPjoEeHGOpm1mBT-fDnin1YfsDWfCcC7_ei0k7GGnj3EqneLhdqgMASU9-TNyb9G1QG0MCWzexFP3wfAw0U6qsI97O2V1qj5Ik4pL7FFGpQOltrEAHFOZfav2t7AMPn6b0tm91q6ko-n6lscM6c6hbHCKXsjN9sFDvx7qFXMjTkuJyzhBtmMmXnzDvlK1BscvXddI14_LZnHUuuXuCtVlJbBtifxGyCjm-Fo3tvB-Ca2QXpkwRR10UQzNLb7rmvIvmBKVfBFc5uGmtLq6OdM7GqVfkbz8lH6LvqqcFbO1uapxUck9dgii0Q1pIe2DKH6NUOeNNTW_k_iN_2u5c7xLDsB2LyB6hnEsBqfn2i6uFCkHA941SMiq8zRfYIwDcdO0_0b2mmSZik6TZvGblmbkOni38xo_vumiFMtwPSQ-dCDtyOkr-Jp_vNouGYG6iqTOHMGhKj8ERyU00gtHM107QksMv0TuDbFwuEiIzHc1V3Hdb6itw0s2yDsyHhMe6fy13uj1T1suMWInN0e-TMEk0eD-M2s5Sj7HyMJXjwLww4_oJcYdJO65o4xdRv3M-xKzqQuWt0DnFl1TfHeCbnebJosajdIOfvMGBT8WWjeBPPGjHkRFsQCWHlCFPfRYvfK2K2WkdviSOc2I3SEahPmOP2TSLEzJUcq3GzGzrhgxiQZAcKcaQPUfcbqctIfBXYlR6orvOz2bFIMP-AZmtfK2p1vJpa2zICHdwAyK-VkAHj1UxswXNlj92RSJ-HLFgOFcpKFHkYc7ZmKwLP-gjCNBsqFVyq88WxzdzDOuD255nORVu_6e8NU4EqydClY4bNBpVWqLeIeiVbzITJy96pxRbjGRn-kNtpUn5Xqht2jJ8XXi7lZB0RiwbxS9kxaBoxUOpuoHWKTVL57vKOiN6cLwNQqW_SIrUsVkQbPBx3Jq5bXG8_l-ahyjS7iNWi9_ydu4LYm3W3C&cid=CAASJ-RoT7Ys88lHYhI80EhqZofBeMIGre4R5FsTR39XPLNExKp2vtkyhA&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:19:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2355
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 15:19:23 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/ Frame 74FF 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DRXnq7JV4fPLfZRvKhxfJkz_ao5UENtC6a8CtoW3u5LJbHvRYJrnAIkpM14NhGZWA6-7KCN1fJvLNZfyqpEZp_R2nl2Q&cry=1&dbm_d=AKAmf-C3O7BOxTLKhhAP_q3ta7EBI2jq1zwXLrFZPPBcsMYT_xSGOSchTpvMEQorrudb6mTTddPnjQQduAT62yRKhfIbCVGRPWZxOVPABo3N53uQD7v3JGRdiz0A88GY81BLgY3gKNZk_70WWdEqwl5659yUHDbKnul-699SvPxcS6DnvaQ-d43Nk4PuY1thTdPjMBOyUrJrZr6LzgL5b76WBsbhWbQm_Z98lKayd-2WxvJg4Z54-eYFl_jip_TpVnhd9WjWNU8SBUMkHpVziSNcSO5gvM9aTrYX9oUDsKrwpLkiWVsKwZfNcWuMVafRoY2jMDRt-t4i-yYVOlUxW3d-uah9owrigElJIyBOUqFCHqXfZNH94Xq_PoJwZ1-Y_N-hZZLHJ7UPL4YveN4nlmC6ZQvrcwWirJFjEz3R-UKAPXXuzE6oy17FO-gFWedlX70eB30oCXANBQyJxs5yUk1HKxQRrHNYd0QbwT-6m7sxO9eDS4KiZS-LgojhChThBoxIOrOauecC6CGUWeHAOkKL6CWEX0FToxqNQLkpQxNVVxSHdwaaZaB3Sjt9M1PLSyKHM0-Hwx8bhUQFEJqJeGVsWGNo2kYF_hnuaWHty5Q9DIkRUKWHKVnjudtUMfAXDipdwvMXtCzhm9CtWYkxip2bKfXe2T1zA4d7PP_POfQPYXyqVvA767uehXzNhAoz2qkD0kDmGx3aUBm8Q36UxqtAS1AmB7bGZJi_d8G6twdc2GgCKPCuwux0ENUz9vXVmVJEZK1FkehMMhs21I11CsX_ereoufwWq9tJPZVEEkXanSMmLFQY7k3LCOFL8QQB_JA9k2FZCietsuv53ysAsA6vor73A2GZwFcXBTpb9t26IJb9kjqWrRcD9dPKggvFVCzI30rlx554mpkTcGjO_ixYHc0MNnDqbFgP-XyhkEvbshQmRZ2UTkJHMOcgxiQfa7EDmDzXts3YY4HFLER-eMxMXXpV-0FdO-_1zWaPktXFgrVUziQ4DXBC85JTBKzLPfyqEYb-urcu4hyU-shABhT3zHS_LNn-HGQmZJEfJ0D8hYCfP846sURcLYJk0OJQHpZL68M5-gHFXwZzfPYp6vzfFvmiUOLfMr7Ek5NSFbrQpczUa4Ix6kQXkUMCphsMm-ULDU2et-RSJAPdlAkFJtUtGtCYSwFPtsqaqpsHs8DdWsGtB-YIk6RphqYrC_qX3UQBN7HNtmcjS0Gk8pCjYVgnBhz_jVIVfey3gZeshHlinAPYujUaUcfJdX-fq0QPGUs43UqN6TZMNhRQg_XJJfFozaWNR1Md_WoaiPUZQYQoHTj2wz5j5rMJN_6ZhPgI7GapxEcbeNgwzrHkPMs9VrwEHfv0Ld65SHGavgfvHuX6k_sqGLlvcyZB1Q-Mrugse1paJg-Qm7hkdRp0QIi0RyQzIxbATORHCJTkZ52XsAEX40TmRcfMSYZTzIIGn6znjj56Zu5odu3zkkAkx17-jtaQyFzENfteTFVSsSHHPZWoFEUP5Ixkb1qW9SWc7MqqmyJlyn5OJ849vZrQ4kYB5BdLGckBlakNtmWvlUGTBp9QMwMGWwiG-ufGP9nEA9_Y9L2rhghsMAwx3iqa812EWsNjrYRI064RoclcRaYiv-2w5XrEbN2UBZDyJ3punJwtmW3-f0UuHWq_RruEzwTte0SYkE5Q8R4flGsWQNgm8ENKdWd0xwymT6fvpS_JscimCSSC1rfZa5-tVI0vBVEws0IhLB7VRCebO0-v_1QVpW_BXM1fzLHaVXrZhrbnNNb8vrAjWqlAiRn0PkazofIi4DhcV3G4ZZ5LNlZMDqjzRfp3ft9fMX_AYvS4eO2gNFaD1cnPiSKhZpW9c0P6_hie4_xd6fDEL0EVGwniQ7MAPqGDBjNrhAsOOO67h4B6KSseNEyxQEvKeuk6Hm6YbqhG3iFfEWDiJiqZcuryAeh6nuu5K15nS_bcF4Ekd7a8b19PESgp9W7c9wDWoxV3EEOhBqDzNFj5iv0AiqYJfrJG8ZIt30z7jEWTF66grIc0C_--1TEWZHonDkwdF2tjWstxg4AGusF4L4kQy7dFj33vjiTpz7NV1-rflabPQa206TempBi9Kuhq9zPUbfGRSVwsQ5o999PFzSvBFwEyk4xcWcPpxPC4irLXzrObewOphuE7xltOiXws-9rpdb8UyFhjn1brYnjfPg5ZI5CoodRBH9Ml4_EGt5HlW0hbElCKJuitYHXRxP5AShllE34h1FV74-iyLhduY_OHgzj5xptXPVDYMJD9TOFkQZiX4o5E_yJs1mDsIKUdLU9viYa92-SCVBXFk7OJPdMJFVppbPkiC6kw3jQRDQ0lGOTCvn3lDAhnfaWnM_csr0S7FP0xN8PA02GHlbQtvAYGrcEIgaaTWAlGWDhYqjiKVR4ol01MnpCbjrHBBPjoEeHGOpm1mBT-fDnin1YfsDWfCcC7_ei0k7GGnj3EqneLhdqgMASU9-TNyb9G1QG0MCWzexFP3wfAw0U6qsI97O2V1qj5Ik4pL7FFGpQOltrEAHFOZfav2t7AMPn6b0tm91q6ko-n6lscM6c6hbHCKXsjN9sFDvx7qFXMjTkuJyzhBtmMmXnzDvlK1BscvXddI14_LZnHUuuXuCtVlJbBtifxGyCjm-Fo3tvB-Ca2QXpkwRR10UQzNLb7rmvIvmBKVfBFc5uGmtLq6OdM7GqVfkbz8lH6LvqqcFbO1uapxUck9dgii0Q1pIe2DKH6NUOeNNTW_k_iN_2u5c7xLDsB2LyB6hnEsBqfn2i6uFCkHA941SMiq8zRfYIwDcdO0_0b2mmSZik6TZvGblmbkOni38xo_vumiFMtwPSQ-dCDtyOkr-Jp_vNouGYG6iqTOHMGhKj8ERyU00gtHM107QksMv0TuDbFwuEiIzHc1V3Hdb6itw0s2yDsyHhMe6fy13uj1T1suMWInN0e-TMEk0eD-M2s5Sj7HyMJXjwLww4_oJcYdJO65o4xdRv3M-xKzqQuWt0DnFl1TfHeCbnebJosajdIOfvMGBT8WWjeBPPGjHkRFsQCWHlCFPfRYvfK2K2WkdviSOc2I3SEahPmOP2TSLEzJUcq3GzGzrhgxiQZAcKcaQPUfcbqctIfBXYlR6orvOz2bFIMP-AZmtfK2p1vJpa2zICHdwAyK-VkAHj1UxswXNlj92RSJ-HLFgOFcpKFHkYc7ZmKwLP-gjCNBsqFVyq88WxzdzDOuD255nORVu_6e8NU4EqydClY4bNBpVWqLeIeiVbzITJy96pxRbjGRn-kNtpUn5Xqht2jJ8XXi7lZB0RiwbxS9kxaBoxUOpuoHWKTVL57vKOiN6cLwNQqW_SIrUsVkQbPBx3Jq5bXG8_l-ahyjS7iNWi9_ydu4LYm3W3C&cid=CAASJ-RoT7Ys88lHYhI80EhqZofBeMIGre4R5FsTR39XPLNExKp2vtkyhA&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18091a39db3bc6d68a187de5d46d8f28e49beb8d9431e9c8e5e9db7cb071dc65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:51:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
421
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10561
x-xss-protection
0
server
cafe
etag
14610481443806215460
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 15:51:37 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0DD1 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuggpEgbgQrufqJdcEeoNVgVHbJ-eR2rZagb8Rt-853C2OkYOQGWEo6Mom0qT9nGqHI_xWj2KMDhGibZTcScDmN4B-fLQCkk-sB8HZMCez5Ik4BnGPGTd0P5WYDgWAqx3cHUlpqWJ9RrPqYZssT1pX6QvJ5m_DBVxCDM9ZvT--U81kXZT5lgx1oc5KAvUf1TONMCSrxZofIBXtd0ahJpkoRjwzUKMDJmEm0BXU4IvUwEztNbbcsuN1ltafHEvzHw9SXkDHqXrxdJ1qRtdngHq2aV6Z2H7-aLdyz-WWPvjsB48-udBMXytggemdZgYw41QsLJez63lOSYe2zdCwED10a8xLNDMQBDBmM5HJSRopSnn5xJjHchY4AwizgNcJdvIblS1cLX_VNCNXvlCSIlL7_rKaUnC3YX8dR9GMw0CH78QZ0Bj_LaiFzBorTI6EswYFTM47B5x8gHClwA_CJ19KXUTJb-908wXNAp4u3MB5hY5zGIv2AeK6s08_MXdeWolrDPm2ikhCDWBhx6pK_v5Hc883cXNrLbpiiwR6PtEVES6KySt8T4RgCK5n5VwOUlQk06niPlWx5Uvhoq6rcvz6q-xi5PFhkYy7efojCstP3EF0Gt-Rq0KfCscrt0l4_T3rwJVbdMuhFy-WHdkw4FZo4EEWXwHj1J9p07NT4pgMlX3SMsgS6E1paZPfaHCIsTVFoWHCuKV8hW4TROOHS9_YT0jltpyXf2THX5qoPSpL8I36hPRnlaNbu_2SWTcVY4_iS7R4J1730xKB8yqJjscGLpchpZfFCLCnaEq59_1ss9Da3p5x4wkGHi3wxG_OQ09f34gQPNLSzJi7ai34pZYhmNIiA4hHQut3R5jGTtpiDqCPXYZRMKWsANPYJEHEa5PSD488twp7IPryNM11-qzdAIxZPnkz2x74qKnR5_PJpJhHNecJz7tXAiqySZhov_1AuZ0sG6QwleLDCKJ8u5taADXdceJUj1vqIOAyrPOjM4gpCQ0anl6Ov7Qsb0XtfT2BteUvRehudPyz2WY6S3_fwVWkzI7Op1rdsN4Lvb07cW3uJMw19R0qUk4ZPAdsLJTZ1q_SAP5GuIUcNSCm9UR-GR29Lxc9Gz2l2jAULRBqCzDrnszyv7FVIA0222qiJA5Ab8P94mLeYGHRELc4KX18j876Ciabx_8_wU8WTTcCXg1A9jdSd685-Aoa1myFui2gYwOngqhGtO4zzT_n0hzKg9B2cjQs9faZ3h-FHxjUxFOJy-_108iPfP7bCxXzhsOZ8qhe-VdWYtENFw3B40pwpC2KY0aZ7VR9GDuZYYapIWPhn7PckJkL8&sai=AMfl-YSCzwoKtusFe2sjTRpOeOISKcYglb8jaVvvThwr0LRsCdSygKASAaJaNMTpd0aF7oBUO1R_q3YSEbT__M4HpVqH_lFtu0eNvlh4iyXjdcSZgG-_qax2ZD7dRAQiswd-YLpO2TcKo9Lj1vP_VJcpG7fzFahJg9c7iB4GyqfiCi2Z6wdpxXqOw2c6FA8C3XO4mddQh7LpNtTKue0fZ8Bl4hAY9ffO7-YZsDsaDHTn1ikE48bfJHzTLy_y2oYy1bIXXd9Oy0iz0F7OgcPX5d8tr6P9vnYvW970YUfmzJdPV9CkzCLqojmY3mD5jLQQ-GZKGysqTqUbwXx6123T88aeusGQmvTe-Q4uV-VXZ8C1G0Qh_PMxqpLPMdY0z7MM4gUhpwkrKWJ1aT5UbLk&sig=Cg0ArKJSzEc8UNKJDaqEEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=309&vt=11&dtpt=308&dett=2&cstd=0&cisv=r20220718.19637&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Jul 2022 15:58:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
impl_v90.js
www.googletagservices.com/dcm/ Frame 5E5E 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v90.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 23:34:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
404670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21331
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 13:07:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jul 2023 23:34:08 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 47D8 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
Origin
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:28:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Jul 2022 15:28:38 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/elements/html/ Frame 47D8 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DE3Z8aqApcxZFLibp3AtlDB4DM9AIdm5xln1XNXSCvcwWMPkHBMHMgMt6kWk0-gtXA3RqKdMPBHg4qZ3tKYa5qImvTFg&cry=1&dbm_d=AKAmf-BbROwX3-OtyhOptI-qCoR8HuqYFE-2TnLBZPROrAksvG_SR06qzmULjimLEQs4lz9Im3gjz2Hdt7K1diU-TF9qKDxlznZq6SMFfZs6VmHtuD2XGMhKixlnWw1Do4M8RQj5_4U_YrsqDfNkR7dlfNMwURDpeMgTKdr2y4jzkuJV2TSYfvFfMkg6PIzNjFOZqDZ4D9VBkYSvxxcVA1wRZD4p9R5YdeG0UxKhCiDxYcIZIZ16nvHmmwMZe4A3s1__-tTMRX_KyKf-tHNwJNwbC8TfwVLg82XE55FxR10BLIVt9GSKxB7r7rGO3_o8uOdoxIqzVDhaKP2ziJLnh5eToBSM38VVQQpwF8nkbrYLFBVj13sGKhMrhyiw1C1qR2tO0ufvlg2sFEny_dR9R1IA3N2MJhyx9aSV-FkVKs2nUuM28ip89xqW6fV70tRtkQW9ZdbJoLJOpwl5rMXlbzxEPynj9SleWreAjhBN2ibqgPsIXt8yhXyeYWgzGT9VS1v24zw6MwTlH9kV3lCDqJohmQofMNJ84zvWvycyXdNuHuPxVEoi9WsMj69-pgJUliyrrzTc5LvrSs2cQCh0DCOlhB5dRqWRhDFRdM8iFInJkULa-PbT4V-FPJlmew_YgGTs7wdreQed0dCeR8BAEZytQ7lO3ToEqUWfANO-iB2moKn0L-IetjAwis3CHm2WJkBnkFYgbur3CvmlCBPDqOpLSxg5_dHyAik1Et9s1qFadhIISRXbIu6Iz-H1NsdvKpu0MeGkFtQtpK4-uI8ISmxGGRpBIFQJAV8AMJ1hc8EyHgU96OQ3TG2yPFpOI11YZeX2FDzfRZIAkFHaXjhr8ANJ73u-xsxTTXPUuJM97aFzDdZ5Vv7SbtcF09zUVuqYvRrBfmzhxKZvsojO3YY0XfzFTB5-dvAX8Dzr59k49MBVh-iy9N7Qb7PRqepbJF4lRxCQfXqc6imGpvFL_Rq6LQqwd75vK69jNFhVSl70DmpsqLUTLNtuc1jogVNxtzqTVAtvkc3dJZS_t4aZJ3exx6bPvoF4ehEL_oTzkf4X3hEmzQUJPhUVt2yKOciR50TNzsb_PfwnhR40EJut42YTDNw9RWTqtlRMKTFdgLSkw58RjPTkmNZda4D-OG0t-jSz5lYwARg26OFLfbmuSwFcnTyJZ2uL51OTxDhrnz8CIihaMp2FtuHB83Irw6SKLmDBPPQ7fp5ffudeUnetquv7h0gjJR0EmWLRc7YGO-Qkp8hYiDVKzdUojHxgIYYwcYxdct07KK2Ll3ZcMDmG-VMaZDSAdGWJccFuvoAdmWHCjUP68VtMDs_VNH5KNY3rW20ZN0Ni9T49iDuZps6K5-S2LX6Lo0ueJIgBuAgTW3AU8A15VRJeB5UU3uvwGyE8vnn9YQXFadKeZCQd87lM0pJQN6MVcBs5ludeHoxhz7i2-LA2WK6dbeOt_ksIiS1P9MX_W5Qgdqj2IvZYyte5KNDXpUcipD296ZzltDucnidMZi1Th4_x2W7vBiG4MbgvyQbIGikaWuM4Tz9x7Qn1A-RHQ19LHSg-fpAxL5m6MOBjd9B9QVDPn6G8nZloNsZvZbOjPckSayaDtgXmTtLnY6t8L7tW2pcvZ4WE-yVod2dM2gaZRg_1kwBnrRTGKbWM2VUiHjWnpF9Shcmxqwo2O-n7vPfMyb1tX-eIEA8Rk-_8Myn8R3KkWWTJBV6xwsOlj4JGtEEHKZVUkOquD2XUJr-GGqj0NeZpqPmGPTZjYOYIHvVD619TmzZeQbqXsDFrwxFFdPjZ2FjVPykxWEwi88U_t_9YW_kFV59MRL24J6w7SZjvq-eDt6kN8IwthTa-PiJv591oE2qhGirtrXHek1fY64sSd0cEzJbCOZKa1YpIAjxnhSuDjiUcMvXB6WzVfbUHk1ViTKS9cCi3wAgNxysAZFDO2ZjT3U3AEZ2d2Tk6oH3eT-8vMSQJEKlEt4dO22Qftycw1hg_4tp6xhxrOYRTd0G1Y4DaBGjQb3FV5CmQ2Gmt7KRDsE91WYLXQ45qCvop1a28DX7QajU8HPU_WA-HWSQjeJzSI4FeCKc36mZq_-04T9uLdKShg-9kfUIR0WYryRY1pkqLS6uMd_tMqd5eilG6cGs2FES44HN_DJpQc4ExBDgxH3sLxlLr5LT51HJj5cyS2ktbfaTxgw_I3lb-uVHesO6AaF3QGKj01Mx7kMIX9mlFQ-Ol09gp0G_NhmuTYcbzx34dtcb-DCddYobKwBEbuBYr2k3mSPQ1M4Sv7q2dTlBgOVw3-5t5sZYErv1_euoXVaQB4ZH3-U1Ev7UzKT6WCLYs5VydFz7wfIp9DH3IQFE2AcnSpbKYEL-cdpK_1rNkmZ_lPklf9Cf96RHKWVIFgkuQLdH32n-toS1gW2FxJqA3EO7_5qjRJMYJeBLnqPjz1l5bpAgdYW00m-TMirffD_NAvcO5UFcsCfeb3i7ii2iL9zdnyNbfPHIu0ZfzMBkmp69IGbQHUNpqFuqPdAIEZgK-x32c2hhTrPltFIhL8bGUgX-bFFMi-XeVnyc6sNQAs_p6jyac-QNZich-M2FnqQi6XCzlaPjmqFUbOhxAIcDKsiKBWZaJkUxezweHFTstbayWsvDDUg1Wb6QT5AQANMYkGfadqMEt8MZI4PVrz7B9rKpUVZ100P5-REP1Y1ZcJynuiO0auNtb-hBaIkP6xb2b10_bPvHDej7nH7ui6ziVFWEujf6s76Xj23806xWCb2e5UGijHlRMfg-klXROqCaUB9BpISI9mAxaqfltLtuPZyTpk0oRUOzcKhuzH3lDcdlHwQdI43MaPYJuYaG0mI_mjgnJ19Jk5O2xnooY_oH5ba2Eb1g11R1sZYzVyx4Gbc_lBVACsRnRZTdtvOAU_kmKyy5vyReXhC4iJ0vBepXZPP2a60sj_fZIxLXOe47vjMe2L__Mk243btPcGoIPngUIGIMOBTWm6iPCLbAVySlJ5yw6xTNgeiVpo6pRj2IW4gzQWs_OCh4qXllhusTf1MpevyeH2q_b3F3-fDCoX9zZlMewMOxaJJbdo6L7VdF5T2K9YF6AFx1wpjp0-em-PRWbIYERvZ7umyOfT7TWS6VsNoYaOmZvad-Q21lYn2kknJpzc7G7hqYgBdhF9i8O9RUA1vmpJM-tkieJ-fhkMYB6x0x5NipFWbou4uJmoULBQIET2suCB5YWEIZmQa3FkFni6-tUDBZFRV7Gwl4kRVj99sbqwgeu4J_qZ14DepaeDyG7NjIXvzR6AdWTR1AIaQeNXwV4_fGmtH4jx0rGmsb9N6M0rMdVuTlc2qxyDvj9ZdgKk0LXAJzrXGst-moT-dlL0ukYhEOrBKQcuhQGoj0L441PnQd2VK77G-8ma5wjvmPppLHR&cid=CAASJ-RodCF7l4-BYmNv3GVjfjHYis7b-Rft-093-vFDDHpKbu_axaGhTg&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:19:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2355
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 15:19:23 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/ Frame 47D8 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DE3Z8aqApcxZFLibp3AtlDB4DM9AIdm5xln1XNXSCvcwWMPkHBMHMgMt6kWk0-gtXA3RqKdMPBHg4qZ3tKYa5qImvTFg&cry=1&dbm_d=AKAmf-BbROwX3-OtyhOptI-qCoR8HuqYFE-2TnLBZPROrAksvG_SR06qzmULjimLEQs4lz9Im3gjz2Hdt7K1diU-TF9qKDxlznZq6SMFfZs6VmHtuD2XGMhKixlnWw1Do4M8RQj5_4U_YrsqDfNkR7dlfNMwURDpeMgTKdr2y4jzkuJV2TSYfvFfMkg6PIzNjFOZqDZ4D9VBkYSvxxcVA1wRZD4p9R5YdeG0UxKhCiDxYcIZIZ16nvHmmwMZe4A3s1__-tTMRX_KyKf-tHNwJNwbC8TfwVLg82XE55FxR10BLIVt9GSKxB7r7rGO3_o8uOdoxIqzVDhaKP2ziJLnh5eToBSM38VVQQpwF8nkbrYLFBVj13sGKhMrhyiw1C1qR2tO0ufvlg2sFEny_dR9R1IA3N2MJhyx9aSV-FkVKs2nUuM28ip89xqW6fV70tRtkQW9ZdbJoLJOpwl5rMXlbzxEPynj9SleWreAjhBN2ibqgPsIXt8yhXyeYWgzGT9VS1v24zw6MwTlH9kV3lCDqJohmQofMNJ84zvWvycyXdNuHuPxVEoi9WsMj69-pgJUliyrrzTc5LvrSs2cQCh0DCOlhB5dRqWRhDFRdM8iFInJkULa-PbT4V-FPJlmew_YgGTs7wdreQed0dCeR8BAEZytQ7lO3ToEqUWfANO-iB2moKn0L-IetjAwis3CHm2WJkBnkFYgbur3CvmlCBPDqOpLSxg5_dHyAik1Et9s1qFadhIISRXbIu6Iz-H1NsdvKpu0MeGkFtQtpK4-uI8ISmxGGRpBIFQJAV8AMJ1hc8EyHgU96OQ3TG2yPFpOI11YZeX2FDzfRZIAkFHaXjhr8ANJ73u-xsxTTXPUuJM97aFzDdZ5Vv7SbtcF09zUVuqYvRrBfmzhxKZvsojO3YY0XfzFTB5-dvAX8Dzr59k49MBVh-iy9N7Qb7PRqepbJF4lRxCQfXqc6imGpvFL_Rq6LQqwd75vK69jNFhVSl70DmpsqLUTLNtuc1jogVNxtzqTVAtvkc3dJZS_t4aZJ3exx6bPvoF4ehEL_oTzkf4X3hEmzQUJPhUVt2yKOciR50TNzsb_PfwnhR40EJut42YTDNw9RWTqtlRMKTFdgLSkw58RjPTkmNZda4D-OG0t-jSz5lYwARg26OFLfbmuSwFcnTyJZ2uL51OTxDhrnz8CIihaMp2FtuHB83Irw6SKLmDBPPQ7fp5ffudeUnetquv7h0gjJR0EmWLRc7YGO-Qkp8hYiDVKzdUojHxgIYYwcYxdct07KK2Ll3ZcMDmG-VMaZDSAdGWJccFuvoAdmWHCjUP68VtMDs_VNH5KNY3rW20ZN0Ni9T49iDuZps6K5-S2LX6Lo0ueJIgBuAgTW3AU8A15VRJeB5UU3uvwGyE8vnn9YQXFadKeZCQd87lM0pJQN6MVcBs5ludeHoxhz7i2-LA2WK6dbeOt_ksIiS1P9MX_W5Qgdqj2IvZYyte5KNDXpUcipD296ZzltDucnidMZi1Th4_x2W7vBiG4MbgvyQbIGikaWuM4Tz9x7Qn1A-RHQ19LHSg-fpAxL5m6MOBjd9B9QVDPn6G8nZloNsZvZbOjPckSayaDtgXmTtLnY6t8L7tW2pcvZ4WE-yVod2dM2gaZRg_1kwBnrRTGKbWM2VUiHjWnpF9Shcmxqwo2O-n7vPfMyb1tX-eIEA8Rk-_8Myn8R3KkWWTJBV6xwsOlj4JGtEEHKZVUkOquD2XUJr-GGqj0NeZpqPmGPTZjYOYIHvVD619TmzZeQbqXsDFrwxFFdPjZ2FjVPykxWEwi88U_t_9YW_kFV59MRL24J6w7SZjvq-eDt6kN8IwthTa-PiJv591oE2qhGirtrXHek1fY64sSd0cEzJbCOZKa1YpIAjxnhSuDjiUcMvXB6WzVfbUHk1ViTKS9cCi3wAgNxysAZFDO2ZjT3U3AEZ2d2Tk6oH3eT-8vMSQJEKlEt4dO22Qftycw1hg_4tp6xhxrOYRTd0G1Y4DaBGjQb3FV5CmQ2Gmt7KRDsE91WYLXQ45qCvop1a28DX7QajU8HPU_WA-HWSQjeJzSI4FeCKc36mZq_-04T9uLdKShg-9kfUIR0WYryRY1pkqLS6uMd_tMqd5eilG6cGs2FES44HN_DJpQc4ExBDgxH3sLxlLr5LT51HJj5cyS2ktbfaTxgw_I3lb-uVHesO6AaF3QGKj01Mx7kMIX9mlFQ-Ol09gp0G_NhmuTYcbzx34dtcb-DCddYobKwBEbuBYr2k3mSPQ1M4Sv7q2dTlBgOVw3-5t5sZYErv1_euoXVaQB4ZH3-U1Ev7UzKT6WCLYs5VydFz7wfIp9DH3IQFE2AcnSpbKYEL-cdpK_1rNkmZ_lPklf9Cf96RHKWVIFgkuQLdH32n-toS1gW2FxJqA3EO7_5qjRJMYJeBLnqPjz1l5bpAgdYW00m-TMirffD_NAvcO5UFcsCfeb3i7ii2iL9zdnyNbfPHIu0ZfzMBkmp69IGbQHUNpqFuqPdAIEZgK-x32c2hhTrPltFIhL8bGUgX-bFFMi-XeVnyc6sNQAs_p6jyac-QNZich-M2FnqQi6XCzlaPjmqFUbOhxAIcDKsiKBWZaJkUxezweHFTstbayWsvDDUg1Wb6QT5AQANMYkGfadqMEt8MZI4PVrz7B9rKpUVZ100P5-REP1Y1ZcJynuiO0auNtb-hBaIkP6xb2b10_bPvHDej7nH7ui6ziVFWEujf6s76Xj23806xWCb2e5UGijHlRMfg-klXROqCaUB9BpISI9mAxaqfltLtuPZyTpk0oRUOzcKhuzH3lDcdlHwQdI43MaPYJuYaG0mI_mjgnJ19Jk5O2xnooY_oH5ba2Eb1g11R1sZYzVyx4Gbc_lBVACsRnRZTdtvOAU_kmKyy5vyReXhC4iJ0vBepXZPP2a60sj_fZIxLXOe47vjMe2L__Mk243btPcGoIPngUIGIMOBTWm6iPCLbAVySlJ5yw6xTNgeiVpo6pRj2IW4gzQWs_OCh4qXllhusTf1MpevyeH2q_b3F3-fDCoX9zZlMewMOxaJJbdo6L7VdF5T2K9YF6AFx1wpjp0-em-PRWbIYERvZ7umyOfT7TWS6VsNoYaOmZvad-Q21lYn2kknJpzc7G7hqYgBdhF9i8O9RUA1vmpJM-tkieJ-fhkMYB6x0x5NipFWbou4uJmoULBQIET2suCB5YWEIZmQa3FkFni6-tUDBZFRV7Gwl4kRVj99sbqwgeu4J_qZ14DepaeDyG7NjIXvzR6AdWTR1AIaQeNXwV4_fGmtH4jx0rGmsb9N6M0rMdVuTlc2qxyDvj9ZdgKk0LXAJzrXGst-moT-dlL0ukYhEOrBKQcuhQGoj0L441PnQd2VK77G-8ma5wjvmPppLHR&cid=CAASJ-RodCF7l4-BYmNv3GVjfjHYis7b-Rft-093-vFDDHpKbu_axaGhTg&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18091a39db3bc6d68a187de5d46d8f28e49beb8d9431e9c8e5e9db7cb071dc65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:51:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
421
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10561
x-xss-protection
0
server
cafe
etag
14610481443806215460
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 15:51:37 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 74FF 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 11:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
187181
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 11:58:57 GMT
truncated
/ Frame 74FF 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
508005b9a622c4c017a0e6431808bbba0909c86a4efbf51070727e97a56bd1cb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 47D8 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 11:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
187181
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 11:58:57 GMT
truncated
/ Frame 47D8 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5409a7909c51bd5336c6f438fb83fa30e431a11e2907c89458186a435ea608c4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0DD1 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
687c1fbaa91a5f59ba02613f0eeada7a84eec2c78f2c57f0324740ed2bf7404f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CBF5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
220373
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Jul 2022 02:45:45 GMT
expires
Tue, 18 Jul 2023 02:45:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
pagead2.googlesyndication.com/bg/ Frame 02C2 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
840710d4724f89679dd314bedaba5e0dca874a89e35983f04f6b02fca5f43be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 16:47:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
83477
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13821
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Jul 2023 16:47:21 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 77F4 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
220373
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Jul 2022 02:45:45 GMT
expires
Tue, 18 Jul 2023 02:45:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CE85 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
220373
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Jul 2022 02:45:45 GMT
expires
Tue, 18 Jul 2023 02:45:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
B27879126.337130306;dc_ver=90.265;sz=300x250;u_sd=1;dc_adk=2228999113;ord=8q1bjo;click=https%3A%2F%2Fag.yieldoptimizer.com%2Fag%2Fct%3Fac%3D88177546%26n%3D9%26_omu%3Dhttps%3A%2F%2Fgoogleads.g.doubl...
ad.doubleclick.net/ddm/adj/N1534754.2082500ADARAMEDIA/ Frame 5E5E 		51 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1534754.2082500ADARAMEDIA/B27879126.337130306;dc_ver=90.265;sz=300x250;u_sd=1;dc_adk=2228999113;ord=8q1bjo;click=https%3A%2F%2Fag.yieldoptimizer.com%2Fag%2Fct%3Fac%3D88177546%26n%3D9%26_omu%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRhXvLSbYYvuEOc6OnwT4u4-ACK36rOBquoumx6gQ_9GivcABEAEglZvKIWDJhoCA3KPEEMgBCagDAaoEogJP0AMMzwggR_VknCEiIGO6W6N3mdJrTIfG8IcDAyoJZlBnXZ_0Dk1xR1Gxr0tcHsGySizQ7vICGnKmZXwraDceEF_08aave5SsjvT19-hs0fnMMx3_o0SQmMaOT-zpyo0jUnMYPr6pWCAFJ54eKDwwQPInuOOYNuXUU2HlDJku66yks2l8FP1vpsUAp5ZsWKgPvqpCocFRwvnQhPuQe0EyfoHrr9aBoqbOLG0iflEqwdGiyyxfAUAI-s8AMx4WO2tUNyysFLyWwN6MGEBMHUL6Ds8wIaCitcd4vh5N60llUvTWp4AINTi_Eu3WmP84mCn7GpAd2LbRZq6oSkgVVSegajvIEuRvQ4mwFEobRM5twjkHOksujoRDlwQlmX1IEb0nf8AE6qrG34QE4AQDkAYBoAZNgAeZ0qiAAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBAIiGEQARgdMgOKggE6AoBA8ggbYWR4LXN1YnN5bi05OTM4NTY1ODIyMDM0NjgwgAoDmAsByAsBgAwBsBOP2O4P0BMA2BMKiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-RodZ-gocGWblSdZVHtdIBj7vq4wkg6AAwXKBXHWo2BUiTYQkYfhQ%26sig%3DAOD64_3vNzoxOUxBhekMpt3vZeF8KelD6A%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-B3wqH9O9xoHnNVstNQqAodsfbBsRlL_KF0IcRimBhrYLtRwHiPvFf9K9A6Mxzo6MbJUw4g4-HpEJ30X9CFWIlnV7okZpPkQqDuYCqSnCJeIUTSRm2Q7kyH6SC9ASFalaJqwl4RZheZEPni_3ncrr2_9gtngQ%26cry%3D1%26dbm_d%3DAKAmf-D2pEyob6sSn_ubBIACcAxItjf6Sz9LKEbU59ZVYMzNjkJF-vSmQVG97akiaTH_8tc2opzKKvuMtXAHoQNGSSeOI8pDkppwjdUBVG0MKYfal8PaPsYF_9jBiAb0IFg4avvfDucLc4B8QLIBVEN31WTVm0x9XRnC-P0RVp7H0bJn8vm3KZYv8FA-x3oT9Ekq1ghFH2o0xuyLDA4K3PskUSruUbTcbU5P3t2WgC3q2-9rmEReg2atff28oxvjndQkCJJNSjGeUDnB13oyY1l1a332N1vzZncXiAqeFstRPJD8X5VNxA0qBkoqDmhyzZuoZiX-iOpdLj0mP4DilmDVqZoP4mKOzQBQXJWqJaNb4MciMb3ijAbDPAnRkYoJY4CRvswRPvhlt2qE6jQSMUuIIQwYA6Vuxo7EBMIh_3Tds6mq_YPAyYAxPAZ5LFfwPSZ0sJ_kIKfZnjPuxQs-juWFu00Ts_wfeg%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.hawtcelebs.com%2F$0;xdt=1;crlt=pUrm1EN*2O;stc=1;chaa=1;sttr=244;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f6.1e100.net
Software
cafe /
Resource Hash
6c3a33926fb4eeb19e28a7a721602262d9a6c5f73ba82926dbe44d6ab8d08dfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26006
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
pagead2.googlesyndication.com/bg/ Frame CBF5 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
840710d4724f89679dd314bedaba5e0dca874a89e35983f04f6b02fca5f43be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 16:47:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
83478
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13821
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Jul 2023 16:47:21 GMT
hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
pagead2.googlesyndication.com/bg/ Frame 77F4 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
840710d4724f89679dd314bedaba5e0dca874a89e35983f04f6b02fca5f43be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 16:47:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
83478
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13821
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Jul 2023 16:47:21 GMT
index.html
s0.2mdn.net/sadbundle/4174954331676773194/ Frame 2B78 		21 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4174954331676773194/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33e6cd66c614424e0165c4d41234b6ad6b4b659260f02f18ba1644322e186d22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
64518
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4826
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Jul 2022 22:03:21 GMT
expires
Wed, 19 Jul 2023 22:03:21 GMT
last-modified
Tue, 24 May 2022 07:44:06 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 47D8 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu8u64nu6zFS2eLl16Ly7znVCyYf1uPULTiQHMFSQkdymXb-XiFxll-I0ta2sH-TpvZihxVIPfezaWLB4uyTpM0Wfds9Ohc1JNtTYdLWRG0yMCnrfD3n6mFIwGss17osFP537OSJ2zN-S5c0JpWHNME1KZtVgmRcNv_tUQCvKmAiSpx1Ba3E83OjCc5VQ2uz_U2vK3rpir5KijySL_YsIlzdqBNE8nY3NxYoXEUB4VsIWsphDJvkJVJwwQJzgm8k1uhNt3dD6APZ54XpTE27IcVzpBVYZYIl1KSBEThqc2VDzJHdzu1hPnMgtcWqM7oemVj3UKp3E7HmKkTVYHkuw1eiqLRFnRHUQOZ7f2UWR-JyORRGlrQZQg_kzaZathsKI2MJd4ce7YQOoAPcwpTB6F_VncIwcoXcFEnhH951MlpGvLJdOLbwFj6P8d_y92jIdH39oMXFes1a2q7cb6yyaMAy6sBWU518RjWfG99U_O2D0QtWZ2I9IRXAX2JSJBaIHP6vxUQEVlAArnXk4orGP7rdrR6OSQ9wPiQfLRZbdgJEBikmlXYtzg01OzRCti-Kr4YQ6jH9qmwqMgNoc_0TDo26yUoqiTeXSS_-KzW5ShNsf6DDEYTIAGUoEUZMoOdqGqCexDeQHEacC49aHw3eR2lOY6Ts2gwu1Z4e8_11-yeOnYpK1ZZJj3O0zed8kuXDqneTXOtP51sOZmcpW-7pWM_d9GmNkOLx-nnecDKx4Q5BeVzahuYVNHjlMqfMxHJ00ty3oW1Uw_w56a4ZkKcL1tqIov_WS6kPRUznl1JN_P5ixjPK24kitfh1hOTltGQnRbkixyGAlR7rHPyDyQE0MGTjGLvqUjJoKFa7DybPHB4q1diJsj-H4IwzKZuvmfPkwGaZiWoonb0UmVar4-QDofkEdZFsRo_SYIhcjdVAuWdc5zWSW5DtEfqzHo6gga-7Kpc5kq9PUHT5sfiMxEHaivQavzQX_0AlD5K0kK4k-0zMURZja83qqi9qarwsYguVWgAxhLbMd7NNGshC_KxiPjvujkjuvAdOF9xhjb1XnTzatGMHXxu1vqF9BDSGeppEc784UsibdiiAwQ5jiuRKcBRYzwIkWvu4QqnnYB7BlRy1XyFYTlU3sotazoqm4DTAUF0c2ufVlKDB-AnxAyZMv7eUrVndtworHV6l5F0jyVUWua6g6ZQR-a3N_GSLjoPRi-n2ZEuB2S5BuZRxtnZeZNSHyPOPUQ1urnrB1QI9e9WlIDks6NLyAxOG0VlbLLRhZTQIxOGaFNxflMNPGqOLI8KALcb04Jahed9hAJg&sai=AMfl-YS4vvtxwvuaXUP3fqsnBZzDeSEFMEgTbIwYepYeS8z9RhObW43ILloD9-RY-rZ2hUqOnNNHmdzyAg0DFarOrHg-nVNmM9AH1IBhv74MCx63kOigBGhbrvpz6Ya5XzKn7NAquniM4rZcpR54dqZs2ZEYHjQHJHSYrHwguEDr6CRpA9zFn2YqfMeXyAamFYdK6rTmO73NGMaL142lCOgTILrc6-Vh51U&sig=Cg0ArKJSzHJr3MwjeWZFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=318&cbvp=1&cstd=315&cisv=r20220719.04842&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Wed, 20 Jul 2022 15:58:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/sadbundle/12012745418877302203/ Frame 395B 		23 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12012745418877302203/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31e0292b2162515346068c9d1726a329ddaf8eefa85c43d5ffaec0ff2a7655a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
64540
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
4938
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Jul 2022 22:02:59 GMT
expires
Wed, 19 Jul 2023 22:02:59 GMT
last-modified
Tue, 24 May 2022 07:43:45 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 74FF 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvmBIlxKh7nA5_kYWIeX3Rq4ur3rVaimhNUWdYq55apkTd9tf2h5TuVNnIHw-DmSHanVwQiybrbRhfrUQzVCiJ9JzB7EAxCxRSlawqCgB_-sEy06S6Aiz8pGTxNMEXb71LjQcXiklMc5_myiAENSjbYtocf04whGLoGats8fImTnHVA1Z1Vi8hzWQYCpVc7kaM8vMW9kTTd17cwUbUaRg9pjDzDK4aGcXHlnT7BBKSjjsVT3szvsdSfIpbSNgppcVXAMb-9qBCToARx-cdcEeiV2ckSwPS-rBdNhixpq2BpHw_HYmsG10yPhIhG5_QmjcVpw4tdvwySfY5LrrhHwN9BXu6D3i-b0VI8WHKLguAuybSsvZIwDyb3mq_vr64Kodf995IlWdQ5KJHgLOP62r4eNnhbcryppO2eY7UUdefa1ojGBcD6YSeH1ro6mB3MHHstBuhhRmlXMSneg0E30i2LWfE6wBTYCWxA8OCJudIP3eF_tEA0fsOXDU4u01eoXgMzC3oDNfWjRiUX-gzqlvcZr8pF-iVXHhGzsAjhjNO0ypd7NaZknrEfSQfYiG9VizKPyGfHw65FdIpOcK382z1s54qc_XQsgTdyvA5ChgnelGNuu3QUS_ELavzBXrryfMxGU1F88aC8leonPjA_FZOXaYU1jVlXDP4crxEWDIcUHQwFnrOAMd-aI6-HEl76LI1RczyzpStpsgTYV-MnVPki_BWfi3M-AvtxVJ6cD2m445Qv21MO_HUOdoim-P3e-PRMqwK9QeGa2oPRp9aHMNM8cxsRvNtVUE-QNb_bWbPZofgUNvaigJILxLZ0nax_CQVihthZztsQe00SY4QdFPrn0cQ7_BheQkuRd896AWSN_ki_Hveakg4yJTOWpZEMV4dm9-SncrW2FdtmdbnDp4rEmNRtMaVZarANPU2mxvQZXaoVgliUgS7cAPCav2UBVAHDgd-c3KMMgpvOmFWS3HZ8LMgSrRucHpWFKAesyKof9IuAsn8J5N3_EMJ_bPdV_w4kNQZMNSsVPGk21t_GfcJnl-xEKHKNVA0w59utzghKu_1QBy3GXUp9c8wQwDgbIIcuMhYLfk4eLfCSh_Kj_BfrMyoJf_Q3BGAGYRBYjKqkbNpaF3HdkzltgFs_m71ZnaRAhsGzERyDxcwlJoyXbfL9skK1n-740JSPXIlm6JjFY91vjXtnghCxB7IdGSfhisUDfXX1AuDY2NGkb9Jw33tFEQPvIQ8rMeQnQGPGHJJizAw8fKJk3Hg965dhXG9VaObsXhEBOUvDxonLRukeRuQVClfBcGt6rZZ3s8vrVQ&sai=AMfl-YQOTrHMCUu-Pj-peK1nhYAsAUSviVurvyzo1BrsD46p746vhv6GFlGqUf_vpPAWyE1MwmiKwaPkxOOQfu5e3tVaf6G6Edc3cNRmeivru70c8iDAuvIB-9Bqt7EcOP2AqweJb2bd3ruk82rifJ-tjQEvWDOdxUjEVzFI3bl9XMYscGoxnY_LDhpPWm3xWzOnyl3HjgHE4HmEkv92DRe4XELiuqUZOIc&sig=Cg0ArKJSzAT79oU_alvvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=346&cbvp=1&cstd=344&cisv=r20220719.22482&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Wed, 20 Jul 2022 15:58:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
pagead2.googlesyndication.com/bg/ Frame CE85 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
840710d4724f89679dd314bedaba5e0dca874a89e35983f04f6b02fca5f43be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 16:47:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
83478
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13821
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Jul 2023 16:47:21 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 02C2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BeNB1LSbYYrLsOa7-nwSVz7qwCAAAAAA4AeAEAg&bg=!fn2lfTnNAAZlvz3gRb87ACkAdvg8WsT69CC_RDr0YjJfe6fEFZjRlvx3tqe4wk9iRshEfbMxBL1_pAIAAACjUgAAAAJoAQcKAFmBYTkkKvsPODAqhOMm2ro9W8d2h8amDzwOXiHaXkQkNL1qaHIOmnyw2WvRQieCI2o6e6YiFQD28FdrpJzSlUdJkuti89ipORfhsIglnVWQSvp49MOYndQalJkDMSmhrwdmRLkAYCuoozZUtpi8kmmsIOID74wfhOgYjLGqdJ9KFXobqs5BROu_VVRl_CWcTutTjFtfIFf-_9RVsNlmFHiKbPvNb_uNUsqVQB9fsPIDBcL7YcVYkpI2AXzVxP-ccXWvCthGfNeegyY-oQSbxTBOolpH0MQDO6wRv_4rw8bgb7nrXI5mJ5VHhoIRFH8CFMqhtGFuYsd0UknB4D4RJ90PgtCYHD1HM_VAVxc2YmiZ4nywO98VvfiQ-scTH3UxbxP3Eg5qZh9uuluHdyaWeZN6_AVKpnPJiNBGVlhMmqmGJvbxNU6gkkhI2yduqtza_NpX1jyTQ1Fj-I56mb7FqUWgI-BBxXgGQvtLRG7Pk5H1QqUI6Br5qCASTOO6_0uJcPNvU8G96MBSAZQF_9buGreolLbpVlfLRoFR4SawhH_bbKUPyMJhqfFpFarlPYgG8wafa6y8kIyKREyOYp9q9i4vjp87VyWTqVIqaduKoEFqNt_Kh9YUV3oClLCwemdQcaZauKJEOMdq4Sg8LHdy23OleogqoN_1onBgW5yoCHJPX5uoHFaa8Gu3fI6cmHVFMttL5LRHeRbsIw6-LogiXcMgeYoWJ2ifRk5mUy5ViWWlx8UNFjEs08mPTKu_-ePAEqZElk3KHoFnJ2nLhIOJD8xvy4AaIN4McQCaevkjIWak8nxHKdRDP7ewlnLW7yG9gCTAORrpa7WbN3mvXlcbsBjY4Ttq80TmGEsJIVEF2k5wnDQPFhILy8kw1q6Ak846leCKMt2WvLjE5a-Hke_ReWX32FBxZlToFUTZ0cMx9Opm9GSJUEKomtRagsbZCX44vvfVjulc-S4PZekNxvoJFNh4ju9LfSj4Bw9MNNDPe2AtiFPM52jGwBwV-tvphHPTMijQmtpyZvs9qJmTWAw5DfD49sn9xim8EKKLL1zFZWzOEYqcxzFcb5548YNBWQoriiIA_qqb2lI3zg4qpvowvwffvgWqB72wn36QeRrBse4T1Jbha4tWBQ0iO8fiUXox3kxsvI8IbGxpX3qeolV0rff_XFxQU0W450n0sBc-QjbjJ2nzAkdNQgk_iB4V0eI
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/elements/html/ Frame 5E5E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1534754.2082500ADARAMEDIA/B27879126.337130306;dc_ver=90.265;sz=300x250;u_sd=1;dc_adk=2228999113;ord=8q1bjo;click=https%3A%2F%2Fag.yieldoptimizer.com%2Fag%2Fct%3Fac%3D88177546%26n%3D9%26_omu%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRhXvLSbYYvuEOc6OnwT4u4-ACK36rOBquoumx6gQ_9GivcABEAEglZvKIWDJhoCA3KPEEMgBCagDAaoEogJP0AMMzwggR_VknCEiIGO6W6N3mdJrTIfG8IcDAyoJZlBnXZ_0Dk1xR1Gxr0tcHsGySizQ7vICGnKmZXwraDceEF_08aave5SsjvT19-hs0fnMMx3_o0SQmMaOT-zpyo0jUnMYPr6pWCAFJ54eKDwwQPInuOOYNuXUU2HlDJku66yks2l8FP1vpsUAp5ZsWKgPvqpCocFRwvnQhPuQe0EyfoHrr9aBoqbOLG0iflEqwdGiyyxfAUAI-s8AMx4WO2tUNyysFLyWwN6MGEBMHUL6Ds8wIaCitcd4vh5N60llUvTWp4AINTi_Eu3WmP84mCn7GpAd2LbRZq6oSkgVVSegajvIEuRvQ4mwFEobRM5twjkHOksujoRDlwQlmX1IEb0nf8AE6qrG34QE4AQDkAYBoAZNgAeZ0qiAAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBAIiGEQARgdMgOKggE6AoBA8ggbYWR4LXN1YnN5bi05OTM4NTY1ODIyMDM0NjgwgAoDmAsByAsBgAwBsBOP2O4P0BMA2BMKiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-RodZ-gocGWblSdZVHtdIBj7vq4wkg6AAwXKBXHWo2BUiTYQkYfhQ%26sig%3DAOD64_3vNzoxOUxBhekMpt3vZeF8KelD6A%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-B3wqH9O9xoHnNVstNQqAodsfbBsRlL_KF0IcRimBhrYLtRwHiPvFf9K9A6Mxzo6MbJUw4g4-HpEJ30X9CFWIlnV7okZpPkQqDuYCqSnCJeIUTSRm2Q7kyH6SC9ASFalaJqwl4RZheZEPni_3ncrr2_9gtngQ%26cry%3D1%26dbm_d%3DAKAmf-D2pEyob6sSn_ubBIACcAxItjf6Sz9LKEbU59ZVYMzNjkJF-vSmQVG97akiaTH_8tc2opzKKvuMtXAHoQNGSSeOI8pDkppwjdUBVG0MKYfal8PaPsYF_9jBiAb0IFg4avvfDucLc4B8QLIBVEN31WTVm0x9XRnC-P0RVp7H0bJn8vm3KZYv8FA-x3oT9Ekq1ghFH2o0xuyLDA4K3PskUSruUbTcbU5P3t2WgC3q2-9rmEReg2atff28oxvjndQkCJJNSjGeUDnB13oyY1l1a332N1vzZncXiAqeFstRPJD8X5VNxA0qBkoqDmhyzZuoZiX-iOpdLj0mP4DilmDVqZoP4mKOzQBQXJWqJaNb4MciMb3ijAbDPAnRkYoJY4CRvswRPvhlt2qE6jQSMUuIIQwYA6Vuxo7EBMIh_3Tds6mq_YPAyYAxPAZ5LFfwPSZ0sJ_kIKfZnjPuxQs-juWFu00Ts_wfeg%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.hawtcelebs.com%2F$0;xdt=1;crlt=pUrm1EN*2O;stc=1;chaa=1;sttr=244;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:19:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2356
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 15:19:23 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5E5E 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvuKc8-SndvwTv_FrGRSDdZdzeOQDqvpXMnbnGywb0bLQiLY40nE5W7fYoWDyeRRg1DvIy6yLzAZEZWIFfbg765NLHRi83PHTf0JXd_xVwffZ3BPsbCOqCp4sacva71WI_CSsGXJAnUnUDdJWYiPq5LEwcswJUMkiCvP1I&sig=Cg0ArKJSzEmZlNQ7SQUJEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220719.69514&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1534754.2082500ADARAMEDIA/B27879126.337130306;dc_ver=90.265;sz=300x250;u_sd=1;dc_adk=2228999113;ord=8q1bjo;click=https%3A%2F%2Fag.yieldoptimizer.com%2Fag%2Fct%3Fac%3D88177546%26n%3D9%26_omu%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRhXvLSbYYvuEOc6OnwT4u4-ACK36rOBquoumx6gQ_9GivcABEAEglZvKIWDJhoCA3KPEEMgBCagDAaoEogJP0AMMzwggR_VknCEiIGO6W6N3mdJrTIfG8IcDAyoJZlBnXZ_0Dk1xR1Gxr0tcHsGySizQ7vICGnKmZXwraDceEF_08aave5SsjvT19-hs0fnMMx3_o0SQmMaOT-zpyo0jUnMYPr6pWCAFJ54eKDwwQPInuOOYNuXUU2HlDJku66yks2l8FP1vpsUAp5ZsWKgPvqpCocFRwvnQhPuQe0EyfoHrr9aBoqbOLG0iflEqwdGiyyxfAUAI-s8AMx4WO2tUNyysFLyWwN6MGEBMHUL6Ds8wIaCitcd4vh5N60llUvTWp4AINTi_Eu3WmP84mCn7GpAd2LbRZq6oSkgVVSegajvIEuRvQ4mwFEobRM5twjkHOksujoRDlwQlmX1IEb0nf8AE6qrG34QE4AQDkAYBoAZNgAeZ0qiAAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBAIiGEQARgdMgOKggE6AoBA8ggbYWR4LXN1YnN5bi05OTM4NTY1ODIyMDM0NjgwgAoDmAsByAsBgAwBsBOP2O4P0BMA2BMKiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-RodZ-gocGWblSdZVHtdIBj7vq4wkg6AAwXKBXHWo2BUiTYQkYfhQ%26sig%3DAOD64_3vNzoxOUxBhekMpt3vZeF8KelD6A%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-B3wqH9O9xoHnNVstNQqAodsfbBsRlL_KF0IcRimBhrYLtRwHiPvFf9K9A6Mxzo6MbJUw4g4-HpEJ30X9CFWIlnV7okZpPkQqDuYCqSnCJeIUTSRm2Q7kyH6SC9ASFalaJqwl4RZheZEPni_3ncrr2_9gtngQ%26cry%3D1%26dbm_d%3DAKAmf-D2pEyob6sSn_ubBIACcAxItjf6Sz9LKEbU59ZVYMzNjkJF-vSmQVG97akiaTH_8tc2opzKKvuMtXAHoQNGSSeOI8pDkppwjdUBVG0MKYfal8PaPsYF_9jBiAb0IFg4avvfDucLc4B8QLIBVEN31WTVm0x9XRnC-P0RVp7H0bJn8vm3KZYv8FA-x3oT9Ekq1ghFH2o0xuyLDA4K3PskUSruUbTcbU5P3t2WgC3q2-9rmEReg2atff28oxvjndQkCJJNSjGeUDnB13oyY1l1a332N1vzZncXiAqeFstRPJD8X5VNxA0qBkoqDmhyzZuoZiX-iOpdLj0mP4DilmDVqZoP4mKOzQBQXJWqJaNb4MciMb3ijAbDPAnRkYoJY4CRvswRPvhlt2qE6jQSMUuIIQwYA6Vuxo7EBMIh_3Tds6mq_YPAyYAxPAZ5LFfwPSZ0sJ_kIKfZnjPuxQs-juWFu00Ts_wfeg%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.hawtcelebs.com%2F$0;xdt=1;crlt=pUrm1EN*2O;stc=1;chaa=1;sttr=244;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Jul 2022 15:58:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
6027979152748401947
s0.2mdn.net/simgad/ Frame 5E5E 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/6027979152748401947
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5d7a47985453e79ff8d0be4ab22f35ac07eb5309ae3af0cf02382405db717a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 04:07:05 GMT
x-content-type-options
nosniff
age
42694
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53045
x-xss-protection
0
last-modified
Tue, 24 May 2022 19:04:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 20 Jul 2023 04:07:05 GMT
analytics
tag.yieldoptimizer.com/ps/ Frame 5E5E 		43 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tag.yieldoptimizer.com/ps/analytics?pxid=120439&
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.52.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.52.190.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:38 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 145D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
220374
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Jul 2022 02:45:45 GMT
expires
Tue, 18 Jul 2023 02:45:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ae008513ce41bae6ed8eb085c3a71631.js
s0.2mdn.net/sadbundle/12012745418877302203/ Frame 395B 		81 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12012745418877302203/ae008513ce41bae6ed8eb085c3a71631.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12012745418877302203/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
275d7e0034a2d177fa57d9b750285effb821a9232f875655c98cf1bee45bddd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12012745418877302203/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 14 Jul 2022 15:39:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
519553
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21257
x-xss-protection
0
last-modified
Tue, 24 May 2022 07:43:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Jul 2023 15:39:26 GMT
truncated
/ Frame 5E5E 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d84a0b1762ac236a63b725af33ec3de2b13c62867991e036b658d1daf1f89a81

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/png
ae008513ce41bae6ed8eb085c3a71631.js
s0.2mdn.net/sadbundle/4174954331676773194/ Frame 2B78 		81 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4174954331676773194/ae008513ce41bae6ed8eb085c3a71631.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4174954331676773194/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
275d7e0034a2d177fa57d9b750285effb821a9232f875655c98cf1bee45bddd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4174954331676773194/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 14 Jul 2022 15:09:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
521365
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21257
x-xss-protection
0
last-modified
Tue, 24 May 2022 07:44:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 14 Jul 2023 15:09:14 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CBF5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7S1tLibYYp7EI_OaoPMPxK2q8A4AAAAAOAHgBAI&bg=!VlWlVRHNAAZlvz3gRb87ACkAdvg8WlrdGW5rEqC0I-diPatV3_V9w2Tl-ZE61KXRnukYT3LS3sZFqQIAAAEXUgAAAAJoAQeZAuk7Rz26TJRnKjpS3cnFPtlXUX2iyGOAxHgKhsSHS0Vdw2VuROgRjhgKoOXQl-ffJQSsSH5TWqOoAmMQAP7NcQkH4zW8L6fftox9PglgDlIb4y1ZDzYQZ_IOURL_NbH2n9zsfep4Fj556LDdTPjuCgZAq6Yo8URkUEe_I4CxU_BzEfFxmX4B4SF1aFZCF-UyM1ZH6yYUFJF28V4Q0aatxBSsI_ZgDFpnyWgqN1HYs6wXZVAQZxO_LIZSTkQqtAvBqRamDSEeFX9BYYRfGS25mWoojntPXoo1sgErhzwGGSVO7CURPG3aStHlbsXMhF76nWlIOXwzh0pXvdkxENFuOs_AhueVnQZ4KoEpvgkybWb6zGuBHFDOzqM_kJDC4aj4NoeGNe2BRXQ67XO-IbVaHljIjc1Zu_fac_-qSq5zlj83uZ7WtxKyKEvBWaQqQLR3N8RTgsOetENux19VZ-eKqntbyVL2TYJbhHBjmvSELKCybNdOrJxa0u1vAyHmzHEGPk1TWSH3ZNOMaDlyNdqXNNXHT1BU41bSSSUNuTK4w8k75k6PgnNe8WkRsEjRzMnHhAchzbbmEUsX80b24sM9O1CAchMji30_c-kZEaernCEwEdBv7qNg3qVIJpaq6_TKi65MbC1tSj7UO9fH1x0WXRIpg2R6tHxgrbU_ikoZts0K7yB_-b2Gvr8z83x4hv4oxVF9VsdyakhMllYDqQ6UiBGeOy7WeTGDbBU78REj8cV5vW4XkLt4Wk_eaRUQ90v95RjTc32YZSdo9swORKYOdNy2CN9Wc8YUITaXziQ476No3tkgDbjsmpCujnw0RQbdKFhVaZ-s-SKfcKLb2qjZ7AHOjVVhvsxQaL_FM4XR1thBhRyn4-EijTgq_A5KnqcaxOlJuukYdAOlTRUO3CCZUknpGSVvEusDNy1lrx8btw6N2qu6IaTNVMogkphaKVre08mlI2-e4kg-1WentGe09QMVGhGjdygvI3tW
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5E5E 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvuKc8-SndvwTv_FrGRSDdZdzeOQDqvpXMnbnGywb0bLQiLY40nE5W7fYoWDyeRRg1DvIy6yLzAZEZWIFfbg765NLHRi83PHTf0JXd_xVwffZ3BPsbCOqCp4sacva71WI_CSsGXJAnUnUDdJWYiPq5LEwcswJUMkiCvP1I&sig=Cg0ArKJSzEmZlNQ7SQUJEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=170&vt=11&dtpt=169&dett=2&cstd=0&cisv=r20220719.69514&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1534754.2082500ADARAMEDIA/B27879126.337130306;dc_ver=90.265;sz=300x250;u_sd=1;dc_adk=2228999113;ord=8q1bjo;click=https%3A%2F%2Fag.yieldoptimizer.com%2Fag%2Fct%3Fac%3D88177546%26n%3D9%26_omu%3Dhttps%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRhXvLSbYYvuEOc6OnwT4u4-ACK36rOBquoumx6gQ_9GivcABEAEglZvKIWDJhoCA3KPEEMgBCagDAaoEogJP0AMMzwggR_VknCEiIGO6W6N3mdJrTIfG8IcDAyoJZlBnXZ_0Dk1xR1Gxr0tcHsGySizQ7vICGnKmZXwraDceEF_08aave5SsjvT19-hs0fnMMx3_o0SQmMaOT-zpyo0jUnMYPr6pWCAFJ54eKDwwQPInuOOYNuXUU2HlDJku66yks2l8FP1vpsUAp5ZsWKgPvqpCocFRwvnQhPuQe0EyfoHrr9aBoqbOLG0iflEqwdGiyyxfAUAI-s8AMx4WO2tUNyysFLyWwN6MGEBMHUL6Ds8wIaCitcd4vh5N60llUvTWp4AINTi_Eu3WmP84mCn7GpAd2LbRZq6oSkgVVSegajvIEuRvQ4mwFEobRM5twjkHOksujoRDlwQlmX1IEb0nf8AE6qrG34QE4AQDkAYBoAZNgAeZ0qiAAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBAIiGEQARgdMgOKggE6AoBA8ggbYWR4LXN1YnN5bi05OTM4NTY1ODIyMDM0NjgwgAoDmAsByAsBgAwBsBOP2O4P0BMA2BMKiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJ-RodZ-gocGWblSdZVHtdIBj7vq4wkg6AAwXKBXHWo2BUiTYQkYfhQ%26sig%3DAOD64_3vNzoxOUxBhekMpt3vZeF8KelD6A%26client%3Dca-pub-3831894559014614%26dbm_c%3DAKAmf-B3wqH9O9xoHnNVstNQqAodsfbBsRlL_KF0IcRimBhrYLtRwHiPvFf9K9A6Mxzo6MbJUw4g4-HpEJ30X9CFWIlnV7okZpPkQqDuYCqSnCJeIUTSRm2Q7kyH6SC9ASFalaJqwl4RZheZEPni_3ncrr2_9gtngQ%26cry%3D1%26dbm_d%3DAKAmf-D2pEyob6sSn_ubBIACcAxItjf6Sz9LKEbU59ZVYMzNjkJF-vSmQVG97akiaTH_8tc2opzKKvuMtXAHoQNGSSeOI8pDkppwjdUBVG0MKYfal8PaPsYF_9jBiAb0IFg4avvfDucLc4B8QLIBVEN31WTVm0x9XRnC-P0RVp7H0bJn8vm3KZYv8FA-x3oT9Ekq1ghFH2o0xuyLDA4K3PskUSruUbTcbU5P3t2WgC3q2-9rmEReg2atff28oxvjndQkCJJNSjGeUDnB13oyY1l1a332N1vzZncXiAqeFstRPJD8X5VNxA0qBkoqDmhyzZuoZiX-iOpdLj0mP4DilmDVqZoP4mKOzQBQXJWqJaNb4MciMb3ijAbDPAnRkYoJY4CRvswRPvhlt2qE6jQSMUuIIQwYA6Vuxo7EBMIh_3Tds6mq_YPAyYAxPAZ5LFfwPSZ0sJ_kIKfZnjPuxQs-juWFu00Ts_wfeg%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.hawtcelebs.com%2F$0;xdt=1;crlt=pUrm1EN*2O;stc=1;chaa=1;sttr=244;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Jul 2022 15:58:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
pagead2.googlesyndication.com/bg/ Frame 145D 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
840710d4724f89679dd314bedaba5e0dca874a89e35983f04f6b02fca5f43be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 16:47:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
83478
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13821
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Jul 2023 16:47:21 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 77F4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRSmfLibYYuOtI6aeoPwP9aOS-AoAAAAAOAHgBAI&bg=!hoWlhcHNAAZlvz3gRb87ACkAdvg8Wr06kochaJB6h1tL9h9S3nlVj_w8OFi6hSQURYsqkRoxQ66RVgIAAAEOUgAAAAFoAQeZAt4ZA_X36_Jmp24LKtB-cUySIvwCTCm6wyx9sSnFrTFzN4FdlRAdWKHsifaBLDi75xPkvGcanju6NSklCVtiHVy7jubmO98cWFf4wt_9iBgR_pMW5I90vUA9V_HDN80Bfbewuxj0wr0RDkB6fH6pa-wcJo2egzbCc1OjWrRWX-LF0uYZebY9kmdDIWfJ82jWnggzpYn4m211DgiyNhYEcBrEcZlb_7D28KtfpTCOczR6cN8gAHoZ6WrgQfK05CoRZmADNa6wL5Y5gZmnF7J9bYEnKN6ZzQzQXhW4TbXM6XSFH2w12Eb8KOTdOjit2BloSXW85_jZv7p_fuPZQWxs6_ogdC04rdQGa7qRmqzHCCUkPXpbQf4wFCVLNbCRr56kKsTIIhO4DONHnsuBx5ZAPf8N2ANoqiGtTexwp318tKSprFupisa-g0NKLBxrjNTmoT-VPRgsHCXWxPuSxBphYXnUexkWlExE_Uh1qiqLAXysfWq57-loNQFO9rwl-C-3CzeCrPs3NYKUql1iOkk_Vmny1igpyDXmnA8ESBpNkzEpKzawRbhcTJLQ6C0Tyu0O03BBGkTH9Ni-WGh5DWSc1sLafnPUV1NrVpbqvhBuwBtuLqMW1syXzMUtSP8o31aeMJI325HKa3C7Xtqd6iXyGL6YBDiIhs8jLwtYo3Dw7Pt9AoFZ-wa8O5V9ZDhIDxj6qz1cTO90untBGAiRAda2TM58G5a-sgzhSQVqcqIZj4sbloC__rkWCXsZNDT3t8kkwCA66N81pJyrW8JpHDhpvVXRkC9sjDgUFOwBT9tkKx87iQOCRzrvScNZozaUGCr6lv0IHv90x_FH7t3g_UtwUCy51foKq41Bey21hENv70-cDbaYz-dn0gcjnnx97gL03tLsHdEjt8m3DSoAC_EAH5RLb8_L6s7BdcbUxMvrtP8KdL22za2cOZ24fmzLPCxyVEJWkctf7rXZY7icAUMXZg
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 395B 		2 KB
539 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:500
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12012745418877302203/ae008513ce41bae6ed8eb085c3a71631.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
42fc207ebec992c03f7e8b3bf2f56ed07d798add6da0d4e91777eef7c9262875
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 15:56:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 20 Jul 2022 15:58:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Jul 2022 15:58:39 GMT
86ccedcc9309160aa571c98eb04247d4.png
s0.2mdn.net/sadbundle/12012745418877302203/media/ Frame 395B 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12012745418877302203/media/86ccedcc9309160aa571c98eb04247d4.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12012745418877302203/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72dca416a3755410f3d658fd925d2de5267e9612bc14d59e3ce1e89d3447bd32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12012745418877302203/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 22:02:55 GMT
x-content-type-options
nosniff
age
64544
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37026
x-xss-protection
0
last-modified
Tue, 24 May 2022 07:43:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jul 2023 22:02:55 GMT
74e9428b96a1e5e0156f1d5959b8fe8b.svg
s0.2mdn.net/sadbundle/12012745418877302203/media/ Frame 395B 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12012745418877302203/media/74e9428b96a1e5e0156f1d5959b8fe8b.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12012745418877302203/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e681d6365415cf8330fea21c1ed612e92fc63d64aeaa0277100dae9f0bb37ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12012745418877302203/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 22:03:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64539
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4009
x-xss-protection
0
last-modified
Tue, 24 May 2022 07:43:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jul 2023 22:03:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CE85 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B3oMrLibYYonLI4ePxAOZnovAAgAAAAA4AeAEAg&bg=!2tml2Z3NAAZlvz3gRb87ACkAdvg8WmjC_-8cQiSmbu9MxYlGNwBz1N5HDyOSC-HAaGn1zFlgsSQGhQIAAAEQUgAAAANoAQeZAuIw7iJEIKIUEA-dali_pHlu0l39edGQc8GT4lH_qZRpZxsJWZyS8jQxLxBMlIH2XC41eZ9cPZ0WBBH7vdZOHXpMPjqg-ZCVVFjuc_Qe22O-rUobYM0qL50SXKmgMIbey_JRxEgXIG8AzYiR9PR9Gk9MV5559mCl3tgOR-Qz7zEudMTKPpWYfcaBX7TgbqhwJ1oNouR0pmpMVBw8pSm2fokHiIwZUk2Joj1tWLx_l-4CydIEa7xqa6qnfatOLxrLrLCyOWZWV8iBw_Pupp-WZ92ANiokU3P_M7mzn7QMeZA-5m570CRMSctRC3H1Iy5esa8dEGFO51wm_RwlWnI5gxLfWvC3PVqdHULvFd3LrfH0Y8qqnwJhg36GXdg7Yh4L4H9boZf-mqSak4V5mfOhLy6Y0bJyMo0zK72AdgQRkLlkyqZw1MZSsG-nWn7tjainHpU5IbsN_11Ue5roYof8EuI3Nds1iW80kYorpk55y4WuMrLnQ6AvUISlGPxMoeUGl9FYNtR9hurK4X4HMaoBgLvhrAUYhG_nYufo7iM3bPkZjuyRy0m8SbZbt0GkuscYmzOGS7uEIoV0KksT8uJ3LmuG_EjzCDCcshyAHSZJx6QgT0UKTUl8fNK8zjrSYyM6kQjhqa_oNt813YPAJMF2zOsMJr6nuAMQRM5RRojBDTpv3uXgAwBL7PrlpjU3Rirj2jGrPacY_JRdK1Fd2mxgd7WKXWIgNz9ETW8mYkvlTYAkwZGmdLsohX6zX22RRGD3m81kKQTj4lGbu0KS33BYWIgj58848ggbwMyfG3XdZyOyvhN0xqfvANHwc85JEz08vlyhipPQwLypeu-ImNd27wWomUXWAT_70rtrZdq86y958Lcjm_7VqhPjy6wP9I7UxpqAHOm_0p0wQ5TBHIYYwtc0H9ZU17zzaIRYCNxhBN_EhxnUe43ZEWsM4dKmCFGybI5oOTpKOgHLdDsQaJaQpATovQ0
Requested by
Host: fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
URL: https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 2B78 		2 KB
539 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:500
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4174954331676773194/ae008513ce41bae6ed8eb085c3a71631.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
42fc207ebec992c03f7e8b3bf2f56ed07d798add6da0d4e91777eef7c9262875
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 14:02:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 20 Jul 2022 15:58:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Jul 2022 15:58:39 GMT
0c7821a914766f964493fdff528a4751.png
s0.2mdn.net/sadbundle/4174954331676773194/media/ Frame 2B78 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4174954331676773194/media/0c7821a914766f964493fdff528a4751.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4174954331676773194/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bac1ba805c5ac438464a53166f85869b9617d85f902ef6e843028e7641c8f13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4174954331676773194/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 22:03:21 GMT
x-content-type-options
nosniff
age
64518
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43219
x-xss-protection
0
last-modified
Tue, 24 May 2022 07:44:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jul 2023 22:03:21 GMT
74e9428b96a1e5e0156f1d5959b8fe8b.svg
s0.2mdn.net/sadbundle/4174954331676773194/media/ Frame 2B78 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4174954331676773194/media/74e9428b96a1e5e0156f1d5959b8fe8b.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4174954331676773194/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e681d6365415cf8330fea21c1ed612e92fc63d64aeaa0277100dae9f0bb37ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4174954331676773194/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 22:08:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150583
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4009
x-xss-protection
0
last-modified
Tue, 24 May 2022 07:44:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Jul 2023 22:08:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 145D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9yjnLybYYrLgC9WIoPMPrtyDwAUAAAAAOAHgBAI&bg=!3N-l35vNAAZlvz3gRb87ACkAdvg8WluVi_9-8CE_4x-kLG_yIpAzrFhk088L3_esZSHai8qlgbqZiwIAAABmUgAAAAJoAQeZAuB0zQ3wpOCMZMiqbSiynwZqiaA0g6DkcGL8LQptBOtNela59ufQ5ePVNoHHhpq4PJOWejBkX8basoo-YVitIg2FGzoHmEVQRrph0BCLX6S9mr_TW9R35voAXMKFZXW2sDuDj7sj-LMkk5JzRAN0u7uvgc-psghw3p4ND8A-g5zcy9YNX-HBw5oSwPIsdCkOHMoW4NC8yIsAdJbwd4S8sXlW4W4e3y7siCCVtkv3wU8TYp7BvHl-K1plyauwxHU27yi9Pz7o9LMRqhuj-Srfm3GYv7krwVRf3SokTSQNKu6gpqs99jKt7eLXAJDBeWr-h_tX4uB14hbHtqvRve_1L0J9srdLgsaZ3ruhfOucZEn7d_g5kNasw561rg4524UP2qj7cAeffdCmgQav8cRhUmbdjDvX-_BvqIr1uwCAPG22iA772pOAw2Cs6qs2VuuPdfc4wLEudTEeNlg9aQVE76Zp9xM-dntR72w7TzBXpuOAzKYNJX2bT3MUBmbtHlxvGZlMk4VcjtuRXoeI7IPdfEtpj9aGYAvQRSaSLPVsAhwVpk3v3MMrsIykZOD8l4HzbfWmIZJFPdxi-KVRvY9auQCyc2DhYkWJPMvSThxiJgkih1QwAVavTtAYGysQtrJj_KVQNHUNdM5CafiH7n7sa-gEVAC7qR7MCwsNW672NHeKpPRU4CDTkBuC_qSrMgTu_PHfJj8jQ9P4XJWPp_pCToYdQRziSz_chm8_SW1xfdYBhEdAgqfSpPHnizcN1et9fCV09_JkEi9hv4GvSkk8EK-uCueGQb9UJViyWYcfsGwmIoBhKuekGtQSAL7kQlQ5zXgn6jjqweWNzYLtSa6F5Sx1lQclfxqCY97Hpx730xf3dmGg62e8thM7XXEnxgCbqxxRKyByxC7Me8AKHJnzucuL_lKmKuaRbm-_FGy_ZciXgme9qcmsdJa1tYB7jCQ_pz1SuA4EEaag08IUaUaKvs0P
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 395B 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 19:32:09 GMT
x-content-type-options
nosniff
age
591990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Jul 2023 19:32:09 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2B78 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 19:32:09 GMT
x-content-type-options
nosniff
age
591990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Jul 2023 19:32:09 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 47D8 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu8u64nu6zFS2eLl16Ly7znVCyYf1uPULTiQHMFSQkdymXb-XiFxll-I0ta2sH-TpvZihxVIPfezaWLB4uyTpM0Wfds9Ohc1JNtTYdLWRG0yMCnrfD3n6mFIwGss17osFP537OSJ2zN-S5c0JpWHNME1KZtVgmRcNv_tUQCvKmAiSpx1Ba3E83OjCc5VQ2uz_U2vK3rpir5KijySL_YsIlzdqBNE8nY3NxYoXEUB4VsIWsphDJvkJVJwwQJzgm8k1uhNt3dD6APZ54XpTE27IcVzpBVYZYIl1KSBEThqc2VDzJHdzu1hPnMgtcWqM7oemVj3UKp3E7HmKkTVYHkuw1eiqLRFnRHUQOZ7f2UWR-JyORRGlrQZQg_kzaZathsKI2MJd4ce7YQOoAPcwpTB6F_VncIwcoXcFEnhH951MlpGvLJdOLbwFj6P8d_y92jIdH39oMXFes1a2q7cb6yyaMAy6sBWU518RjWfG99U_O2D0QtWZ2I9IRXAX2JSJBaIHP6vxUQEVlAArnXk4orGP7rdrR6OSQ9wPiQfLRZbdgJEBikmlXYtzg01OzRCti-Kr4YQ6jH9qmwqMgNoc_0TDo26yUoqiTeXSS_-KzW5ShNsf6DDEYTIAGUoEUZMoOdqGqCexDeQHEacC49aHw3eR2lOY6Ts2gwu1Z4e8_11-yeOnYpK1ZZJj3O0zed8kuXDqneTXOtP51sOZmcpW-7pWM_d9GmNkOLx-nnecDKx4Q5BeVzahuYVNHjlMqfMxHJ00ty3oW1Uw_w56a4ZkKcL1tqIov_WS6kPRUznl1JN_P5ixjPK24kitfh1hOTltGQnRbkixyGAlR7rHPyDyQE0MGTjGLvqUjJoKFa7DybPHB4q1diJsj-H4IwzKZuvmfPkwGaZiWoonb0UmVar4-QDofkEdZFsRo_SYIhcjdVAuWdc5zWSW5DtEfqzHo6gga-7Kpc5kq9PUHT5sfiMxEHaivQavzQX_0AlD5K0kK4k-0zMURZja83qqi9qarwsYguVWgAxhLbMd7NNGshC_KxiPjvujkjuvAdOF9xhjb1XnTzatGMHXxu1vqF9BDSGeppEc784UsibdiiAwQ5jiuRKcBRYzwIkWvu4QqnnYB7BlRy1XyFYTlU3sotazoqm4DTAUF0c2ufVlKDB-AnxAyZMv7eUrVndtworHV6l5F0jyVUWua6g6ZQR-a3N_GSLjoPRi-n2ZEuB2S5BuZRxtnZeZNSHyPOPUQ1urnrB1QI9e9WlIDks6NLyAxOG0VlbLLRhZTQIxOGaFNxflMNPGqOLI8KALcb04Jahed9hAJg&sai=AMfl-YS4vvtxwvuaXUP3fqsnBZzDeSEFMEgTbIwYepYeS8z9RhObW43ILloD9-RY-rZ2hUqOnNNHmdzyAg0DFarOrHg-nVNmM9AH1IBhv74MCx63kOigBGhbrvpz6Ya5XzKn7NAquniM4rZcpR54dqZs2ZEYHjQHJHSYrHwguEDr6CRpA9zFn2YqfMeXyAamFYdK6rTmO73NGMaL142lCOgTILrc6-Vh51U&sig=Cg0ArKJSzHJr3MwjeWZFEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1218&vt=11&dtpt=900&dett=3&cstd=315&cisv=r20220719.04842&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Jul 2022 15:58:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 74FF 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvmBIlxKh7nA5_kYWIeX3Rq4ur3rVaimhNUWdYq55apkTd9tf2h5TuVNnIHw-DmSHanVwQiybrbRhfrUQzVCiJ9JzB7EAxCxRSlawqCgB_-sEy06S6Aiz8pGTxNMEXb71LjQcXiklMc5_myiAENSjbYtocf04whGLoGats8fImTnHVA1Z1Vi8hzWQYCpVc7kaM8vMW9kTTd17cwUbUaRg9pjDzDK4aGcXHlnT7BBKSjjsVT3szvsdSfIpbSNgppcVXAMb-9qBCToARx-cdcEeiV2ckSwPS-rBdNhixpq2BpHw_HYmsG10yPhIhG5_QmjcVpw4tdvwySfY5LrrhHwN9BXu6D3i-b0VI8WHKLguAuybSsvZIwDyb3mq_vr64Kodf995IlWdQ5KJHgLOP62r4eNnhbcryppO2eY7UUdefa1ojGBcD6YSeH1ro6mB3MHHstBuhhRmlXMSneg0E30i2LWfE6wBTYCWxA8OCJudIP3eF_tEA0fsOXDU4u01eoXgMzC3oDNfWjRiUX-gzqlvcZr8pF-iVXHhGzsAjhjNO0ypd7NaZknrEfSQfYiG9VizKPyGfHw65FdIpOcK382z1s54qc_XQsgTdyvA5ChgnelGNuu3QUS_ELavzBXrryfMxGU1F88aC8leonPjA_FZOXaYU1jVlXDP4crxEWDIcUHQwFnrOAMd-aI6-HEl76LI1RczyzpStpsgTYV-MnVPki_BWfi3M-AvtxVJ6cD2m445Qv21MO_HUOdoim-P3e-PRMqwK9QeGa2oPRp9aHMNM8cxsRvNtVUE-QNb_bWbPZofgUNvaigJILxLZ0nax_CQVihthZztsQe00SY4QdFPrn0cQ7_BheQkuRd896AWSN_ki_Hveakg4yJTOWpZEMV4dm9-SncrW2FdtmdbnDp4rEmNRtMaVZarANPU2mxvQZXaoVgliUgS7cAPCav2UBVAHDgd-c3KMMgpvOmFWS3HZ8LMgSrRucHpWFKAesyKof9IuAsn8J5N3_EMJ_bPdV_w4kNQZMNSsVPGk21t_GfcJnl-xEKHKNVA0w59utzghKu_1QBy3GXUp9c8wQwDgbIIcuMhYLfk4eLfCSh_Kj_BfrMyoJf_Q3BGAGYRBYjKqkbNpaF3HdkzltgFs_m71ZnaRAhsGzERyDxcwlJoyXbfL9skK1n-740JSPXIlm6JjFY91vjXtnghCxB7IdGSfhisUDfXX1AuDY2NGkb9Jw33tFEQPvIQ8rMeQnQGPGHJJizAw8fKJk3Hg965dhXG9VaObsXhEBOUvDxonLRukeRuQVClfBcGt6rZZ3s8vrVQ&sai=AMfl-YQOTrHMCUu-Pj-peK1nhYAsAUSviVurvyzo1BrsD46p746vhv6GFlGqUf_vpPAWyE1MwmiKwaPkxOOQfu5e3tVaf6G6Edc3cNRmeivru70c8iDAuvIB-9Bqt7EcOP2AqweJb2bd3ruk82rifJ-tjQEvWDOdxUjEVzFI3bl9XMYscGoxnY_LDhpPWm3xWzOnyl3HjgHE4HmEkv92DRe4XELiuqUZOIc&sig=Cg0ArKJSzAT79oU_alvvEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1261&vt=11&dtpt=915&dett=3&cstd=344&cisv=r20220719.22482&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Jul 2022 15:58:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
choice.js
quantcast.mgr.consensu.org/choice/274pYeudnKvDs/www.hawtcelebs.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/274pYeudnKvDs/www.hawtcelebs.com/choice.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2162:7600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
747e8f5454d77ac3ee2339c3490cb7b805d59d7fedd4cc0682ae6ed9c33b7d25

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 20 Jul 2022 15:58:40 GMT
content-encoding
gzip
last-modified
Tue, 09 Feb 2021 19:08:19 GMT
server
AmazonS3
age
27
etag
W/"9de17307c4f74768ad3438dca5916747"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4a7ef8cbf68469938b3b0dd42dbc4de8.cloudfront.net (CloudFront)
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
EWR52-C3
x-amz-cf-id
fI7ZmPv-iuJNPqMUprquLprT26Qr6KgmDL47d6g71Oc7jDb8joejgA==
vld.json
services.vlitag.com/uv/ 		12 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.vlitag.com/uv/vld.json?page_url=https%3A%2F%2Fwww.hawtcelebs.com%2F&mtk=78&ctt=1658329159
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=036e05035cbef88431e89138f2969605
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bd89d0776acdb8565abd79559d140909e68570f7d74a6f0141d21aed4122f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
cf-cache-status
HIT
last-modified
Wed, 20 Jul 2022 15:42:03 GMT
server
cloudflare
age
997
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cf-ray
72dce64ca95767c9-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
12
x-robots-tag
noindex, nofollow, noarchive, nosnippet
036e05035cbef88431e89138f2969605.js
tag.vlitag.com/v1/1658329159/ 		540 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.vlitag.com/v1/1658329159/036e05035cbef88431e89138f2969605.js?cc=US
Requested by
Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=036e05035cbef88431e89138f2969605
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca7776311a40664b65d73ab73c168ce0b908053c8ae48810ee7d7b388413d72a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
3128
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
last-modified
Wed, 20 Jul 2022 15:06:32 GMT
cf-ray
72dce64c794b8dfc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-robots-tag
noindex, nofollow, noarchive, nosnippet
expires
Thu, 20 Jul 2023 15:58:40 GMT
widget_v3.js
cdn.whizzco.com/scripts/widget/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.whizzco.com/scripts/widget/widget_v3.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3c4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f31ed4edda66b286ae5e18c8a4e87d66bd6e87869a0ed339788cd5b97ba65c28

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
via
1.1 d7ccd294f57ffa5420f0e5dee702a7ba.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
509
x-cache
Hit from cloudfront
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 29 Jun 2022 11:01:29 GMT
server
cloudflare
etag
W/"25c382bb07747b1cf6e92ca18709afe2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBIuXg%2BYkB0wenADzmFzlJGh1VZSpc92%2FZMrEsgJ8SnRZRHE1QpvlY4y%2BPheqVjND61Svnr%2BBEuP7jeCDVeWY87yZ%2FhP1Tcbp5uBIDuRMHstJRcZKdBs3kv1fJ9rFGnAnuZvzDVknGU0i9tNcCQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-cf-pop
ATL56-C1
cf-ray
72dce64cacff9af2-MIA
x-amz-cf-id
2WOwmmU-SkPtkl5e5ZjiSRvrEgbRDOTZcbRMuU_ezVCOZm6lansrSA==
js15_as.js
s10.histats.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:50:12 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip
137.74.122.0/26
etag
"-375139978"
x-cacheable
Matched cache
content-type
text/javascript
x-cdn-pop
bhs
accept-ranges
bytes
content-length
4364
x-request-id
1054638659
e.js
live.demand.supply/x/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/x/e.js?ce=fs&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id
01G4E422F7E356P34AG2RM71WZ
date
Wed, 20 Jul 2022 15:58:40 GMT
cf-cache-status
HIT
age
791486
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
72dce64c6c869aec-MIA
rrv7.js
bid.underdog.media/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/rrv7.js
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2162:8e00:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b6febcb3f5b6a0ce6826deca1106f885a9fcbd7cfab9607ba5d002fbadb66bc9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 14:47:55 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 14:30:04 GMT
server
AmazonS3
age
4246
etag
"0a76d0d668ebb35c941d60687a93ded0"
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 4a7ef8cbf68469938b3b0dd42dbc4de8.cloudfront.net (CloudFront)
cache-control
max-age=7200
x-amz-cf-pop
EWR52-C3
accept-ranges
bytes
content-length
2191
x-amz-cf-id
zr47gvRB6w4b_MSZBp6iHLAYmMIg---jl06jEO1ZxEVmymVoj12sww==
udmVideoPlayer-v1.1.8.js
bid.underdog.media/ 		605 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/udmVideoPlayer-v1.1.8.js
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2162:8e00:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0964a2c0874062268cd661e63dc7f77a51394229fed893a78a9b25442651e23

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Thu, 14 Jul 2022 10:19:47 GMT
content-encoding
gzip
last-modified
Mon, 14 Mar 2022 17:48:12 GMT
server
AmazonS3
age
538733
etag
"abbb49e13e8eec0b231b7bf452e4ceab"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 4a7ef8cbf68469938b3b0dd42dbc4de8.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
EWR52-C3
accept-ranges
bytes
content-length
154939
x-amz-cf-id
OnunxZ6L56CV0TEal-8th7LvzMTBhBhPsUjRH-zMJdoue0wle4wr7g==
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022071401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6d2de39b920dda85ff1ce727e780f948816f301765d4f36e98d922e1ef99fbf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Jul 2022 15:58:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11007
x-xss-protection
0
rtads
api.whizzco.com/demand/v1/ 		386 B
768 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.whizzco.com/demand/v1/rtads
Requested by
Host: cdn.whizzco.com
URL: https://cdn.whizzco.com/scripts/widget/widget_v3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3c4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0113aa214f14f694828b66647ee291880d116322d367731c778bdecdcf6ab9fd

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGL%2F%2BAEQ21oqEDwA%2FFup0%2F6troy0DIQ1JYNJj%2BTQJ%2FQGAwuaIbYZTJGmWhm5f0f6iHOUtzo4WAvWAyrkY0%2BMtrxz9NnIovrIK8I10Wmx7mz2Vrnf12b381J%2FCs9BDvJxaJTs8gGyD%2FlrQXESuX8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cf-ray
72dce64e18a29af2-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rtads
api.whizzco.com/demand/v1/ 		502 B
828 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.whizzco.com/demand/v1/rtads
Requested by
Host: cdn.whizzco.com
URL: https://cdn.whizzco.com/scripts/widget/widget_v3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3c4d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79b539165a07d73c606ca3021814f17ae94fa1575211e666b657d1d33d7a46ee

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y0johHwDYLTz%2Ffl%2F9j8XXZOvEbr6Vr5aB5cS1kNg78G%2BUgc259T35qnLE5T9i67rmFRV87g4QcraScc%2FgbQAwcRGnh6VHagsme5Idz3kMzbQUe64KacmF%2B8e3KMxxHNvS41YugglxjpmKU0PVJo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cf-ray
72dce64df8499af2-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rtads
api.whizzco.com/demand/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.whizzco.com/demand/v1/rtads
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c1dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, HEAD, OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72dce64d187e9ab1-MIA
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UWpAKRdrJAZTQLOBrXD6OhUonoJcg5YrCS8ZB72WRKqNWsR0eI6WLFXmXASiXJ0gQNBE9Y1ZNeU8aCJVhUcEItYGVEVgAt2mmKj%2FWidUE6gAVRcSat5vLP5qkBbex2Hk%2FCy4OmdrPbA5egew1k0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
rtads
api.whizzco.com/demand/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.whizzco.com/demand/v1/rtads
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:c1dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, HEAD, OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72dce64d18819ab1-MIA
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=la3VMM30KsWZVcHI%2BmsFoAKSWvF6cQoEfqB%2Fz8AFJBw7hzyI9MGcdwDlHV89QCYJcSi%2B4TcsFeu77uuDwguFV9keuH2UVuE%2FjqGA9bo48OZ%2ByGwyz8sfjVgBaroD70IwgsAzcdaUVb11EVRwFYc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
/
t.dtscout.com/i/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Requested by
Host: waust.at
URL: https://waust.at/c.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.139.230 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-158-69-139.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5afbaeaaea207603a84b0129b429c202213ad50a9076c0eeab49858abcdeebb0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:40 GMT
X-T
0.644
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
X-S
mtl3
Expires
Wed, 20 Jul 2022 15:58:39 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-10995097-8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3379
date
Wed, 20 Jul 2022 15:02:21 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 20 Jul 2022 17:02:21 GMT
underdog
underdog.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://underdog.technoratimedia.com/openrtb/bids/underdog?src=prebid_prebid_6.21.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:40 GMT
server
nginx
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
trinity.json
apex.go.sonobi.com/ 		958 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222b2cd07687e45f%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-middle-728x90%22%2C%223a1dca90d2b562%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-middle-728x90%22%2C%22428a58a77685b6%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-middle-728x90%22%2C%2250167e3103d09b%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-middle-728x90%22%2C%226aaab0906d2e9%22%3A%224d5f61413a994ea882b1%7C160x600%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-160x600%22%2C%227bbf71820774ff%22%3A%224d5f61413a994ea882b1%7C160x600%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-160x600%22%2C%22837a1c04dfbb3d%22%3A%224d5f61413a994ea882b1%7C160x600%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-160x600%22%2C%229c0888a99bc29a%22%3A%224d5f61413a994ea882b1%7C160x600%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-160x600%22%7D&ref=https%3A%2F%2Fwww.hawtcelebs.com%2F&s=0ef50297-bb4d-4124-97b2-42e446b2fa93&pv=7ad008a2-4660-4290-b417-50c718457257&vp=desktop&lib_name=prebid&lib_v=6.21.1&us=5&ius=0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22udmserve.net%22%2C%22sid%22%3A%222993%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
54da7aa310a90d5d322d4b18671f07cb08f652ff83e8a54ea4ea1fd70a5e8d64
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:40 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-40
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-type
application/json
content-length
560
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
underdog
underdog.technoratimedia.com/openrtb/bids/ 		0
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://underdog.technoratimedia.com/openrtb/bids/underdog?src=prebid_prebid_6.21.1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
303449309
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		598 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a97447e8c04e5e743f0e0a6ecc199fd2d1370d54015c10db9f55f59e5065d31e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 20 Jul 2022 15:58:40 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b417bb6d-af9b-4792-a658-2be9f312f717
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24042&site_id=403056&zone_id=2257012%3B2257012%3B2257012%3B2257012%3B2257020%3B2257020%3B2257020%3B2257020&size_id=2%3B2%3B2%3B2%3B9%3B9%3B9%3B9&p_pos=atf&rp_schain=1.0,1!udmserve.net,2993,1,,,&rf=https%3A%2F%2Fwww.hawtcelebs.com%2F&tg_i.pbadslot=slider-middle-728x90%3Bslider-middle-728x90%3Bslider-middle-728x90%3Bslider-middle-728x90%3Bslider-160x600%3Bslider-160x600%3Bslider-160x600%3Bslider-160x600&tk_flint=pbjs_lite_v6.21.1&x_source.tid=229adf10-71bb-4b2f-a707-26d7de0deabd%3B229adf10-71bb-4b2f-a707-26d7de0deabd%3B229adf10-71bb-4b2f-a707-26d7de0deabd%3B229adf10-71bb-4b2f-a707-26d7de0deabd%3Baed3b646-7dbf-477d-a582-f76bd35c0c13%3Baed3b646-7dbf-477d-a582-f76bd35c0c13%3Baed3b646-7dbf-477d-a582-f76bd35c0c13%3Baed3b646-7dbf-477d-a582-f76bd35c0c13&l_pb_bid_id=26f51120ff95243%3B27aa8ad0bd1fe49%3B2815e50c94fda66%3B296f43a5a0584c7%3B301c474acdc3bd6%3B31f2fdbd03f2d7d%3B323ddf69a6cbd21%3B33db26d22808c22&p_screen_res=1600x1200&rp_floor=0.09574468085106383&rp_secure=1&rp_hard_floor=0.09574468085106383&rp_maxbids=1&p_gpid=slider-middle-728x90%3Bslider-middle-728x90%3Bslider-middle-728x90%3Bslider-middle-728x90%3Bslider-160x600%3Bslider-160x600%3Bslider-160x600%3Bslider-160x600&slots=8&rand=0.8478329199905135
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::116 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
17b8fbb0401ceec10be6457fe8e49781aafee5fea2d9c44ed4a73dfd1b310baa

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:40 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
383
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
025b0838d8cee874c7941f4d6509713806750c37b656c1154b1678939aa3e0ef

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
1abc28f84150069b3d3bbd74976b8a616e5d18cb3307eecaf58ce7932cb522c1

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
ba20c04523ca1a6317201ed9e6c18c2c1c6add8c1704b19326ef3273a89843ea

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
c136ff382ff9c1956d3230ffb83159ca00838dadaa3e239c37bd2c7ddce562f5

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
ab0dcc631acbeab223d019bdfe387a024a158966dec43ad3cbc7fccc4e8b9046

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
2f818630ddc58f8a3a0562ec7b56aac0b77496ca62171ede1477578a2e0f3c71

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
8bded7c44334fb1338ab3e44fa582d533544416d6bc7df18fc4875c58dbeded3

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
d633bf877db4883e785b16e5374a1222ebcfe02b794fa85cba39166a4aac1436

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
c
prebid.a-mo.net/a/ 		361 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
93f15c1e8e89766e1a58ce3a799a32451ddc9a9f0ff57cc09ad60cbf7d4bd426

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:39 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
149
content-length
231
/
d.adroll.com/bid/prebid/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/bid/prebid/
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.214.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-214-150.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:40 GMT
access-control-allow-credentials
true
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b4373065c&cmd=bid&reserve=0.10465116279069767&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
26e71839283aaac2e69b63b08431b0f03407e723c8b131fab4e5b79475380eaf

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b4373065c&cmd=bid&reserve=0.10465116279069767&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
0e0d4e4b8fbfa0a9ab7ebdf70d4e39986c3e0964886c1101bd00403435139fa2

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b4373065c&cmd=bid&reserve=0.10465116279069767&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
6b4a0088aec91c494c6d23bd0e061bf198cfa09dae193ce7e17cfdaf84e80ced

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
hb
ssc.33across.com/api/v1/ 		139 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dv6qxAKmGr7ikOrkHcnlKl
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
0cad8820e9cacebba08ca2a8742b0e683e752846c13c20d6b55ddcffb2402f49

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
img.fetch
udmserve.net/udm/ 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=14863;tid=23;ev=1;dt=6;refresh=2;cb=614a634ccb14d6e;product=reel;trigger=reel;
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 Toronto, Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
489332be3c0056ec9699f616efc965b42051061ae468aff37b0f51328c71d019

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:40 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Type
application/x-javascript
Expires
0
/
whos.amung.us/pingjs/ 		29 B
145 B 		Script
General
Check archive.org
Download Go to
Full URL
https://whos.amung.us/pingjs/?k=a9etg89wet&t=HawtCelebs%20%E2%80%93%20Latest%20Celebrities%20Pictures&c=c&x=https%3A%2F%2Fwww.hawtcelebs.com%2F&y=&a=0&d=4.145&v=27&r=2499
Requested by
Host: waust.at
URL: https://waust.at/c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
67.202.94.86 Chicago, United States, ASN32748 (STEADFAST, US),
Reverse DNS
amung.us
Software
/
Resource Hash
4731e1923dffc46272facb2508502ba154fc7c744a1aac37ad7811fd8abe29df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
content-encoding
gzip
content-type
text/javascript;charset=UTF-8
activeview
pagead2.googlesyndication.com/pcs/ Frame 47D8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss9owM4IbjTPww7YCijSZTe6tIbteobcPBp8tdpCb7ql0PsO0Y6YAkG7y8txEpVwV2bpVJlltUZEa0RU2sZKq86XMovTYEArqU9pFXiMSCDO1G-kpFXwwgeDWlUC4vZVGcCOqWq&sai=AMfl-YRkMMAmviH4lJyhHWq-o5WLQFYQH7ErNGPlWuWFdXY58Y9wljBYKU6xIDIJVOimq5ed12Nw9TsVd2FnyI64DHVPdJNGGYngQ2moe0DcZ_tbBDlcU8d333e_KYaW6aQ&sig=Cg0ArKJSzMVi_H_IyNpgEAE&cid=CAASJ-RodCF7l4-BYmNv3GVjfjHYis7b-Rft-093-vFDDHpKbu_axaGhTg&id=lidar2&mcvt=1039&p=760,1288,800,1329&mtos=1039,1039,1039,1039,1039&tos=1039,0,0,0,0&v=20220718&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3898746532&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658332718173&rpt=699&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 74FF 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfbAtTkmm9Hony_F1q6Sr0FkWcOf5Exlxos47MFbbph8Bj-GhAwD7g16HF_7H4rL_q92X9sR-pcEKgDCmWQcW4PZIBE9dpXOZKcc8bVWGj2NRyAzwGxmHANPNEDBC5i4_KmyKl&sai=AMfl-YTd9U2djEF4cVyn34d5SGqz-9AgU19P9QcmfcLPgICrGNAtz4Dw133vAN6XO0TkTZLms_6NIAnlZDnFSoPriYT6WbU-1qd3v6UHesR7gUe6r8sWXOBJxg86VXqme2o&sig=Cg0ArKJSzPdGtyly3xLlEAE&cid=CAASJ-RoT7Ys88lHYhI80EhqZofBeMIGre4R5FsTR39XPLNExKp2vtkyhA&id=lidar2&mcvt=1042&p=400,391,440,432&mtos=1042,1042,1042,1042,1042&tos=1042,0,0,0,0&v=20220718&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3020928236&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658332718159&rpt=685&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid-7.2.0.js
assets.vlitag.com/prebid/default/ 		528 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1658329159/036e05035cbef88431e89138f2969605.js?cc=US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d12f95611aa8608d4744913c13489910bc27a45225a61b5f7e5f5e00f519e02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2461895
cf-polished
origSize=541446
cf-bgj
minify
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Wed, 22 Jun 2022 04:06:59 GMT
server
cloudflare
etag
W/"62b29563-84306"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=16070400
cf-ray
72dce64dcb488dfc-MIA
expires
Sun, 22 Jan 2023 15:58:40 GMT
gpt.js
www.googletagservices.com/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1658329159/036e05035cbef88431e89138f2969605.js?cc=US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f69c00df57efb858d8d68fd8de34c80a259af2becb27723d73d92d2727e86ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28538
x-xss-protection
0
server
sffe
etag
"1278 / 275 of 1000 / last-modified: 1658315072"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Jul 2022 15:58:40 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		373 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1658329159/036e05035cbef88431e89138f2969605.js?cc=US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60cf5e118ca1c179bf1b725f60b86930d7e154da36fb207c1fffc9fd7ee2cf83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127179
x-xss-protection
0
expires
Wed, 20 Jul 2022 15:58:40 GMT
sf_host.min.js
assets.vlitag.com/plugins/safeframe/src/js/ 		38 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1658329159/036e05035cbef88431e89138f2969605.js?cc=US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1c79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
217806
cf-ray
72dce64dcb498dfc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 01 Nov 2019 05:04:50 GMT
server
cloudflare
etag
W/"5dbbbcf2-9806"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=16070400
x-robots-tag
noindex, nofollow
expires
Sun, 22 Jan 2023 15:58:40 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		140 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1658329159/036e05035cbef88431e89138f2969605.js?cc=US
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.109.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-109-24.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
16af933f9846ccea77bac90bbfbc9d807b0bdb047f6d7439ca8d866375581b3f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 20 Jul 2022 15:25:11 GMT
via
1.1 e7e267d22aaab825174c9e30c630f528.cloudfront.net (CloudFront), 1.1 749177a97cae42477f22c33c927ca0ce.cloudfront.net (CloudFront)
last-modified
Thu, 30 Jun 2022 20:51:39 GMT
server
AmazonS3
age
2010
etag
W/"075df3dec453a3febd9aaae8d9bd0411"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
IAD89-P2, JFK50-P3
content-encoding
gzip
x-amz-cf-id
PfTMFakzEaWGVnpBAk9tpd6hRW_aGaNPZaXwFkh7rNUS04WPbez3SQ==
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/274pYeudnKvDs/www.hawtcelebs.com/choice.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
dafa3ce4de4cc56876b0fc6c36628fbcade9f4b07d7f27e4ca67744d91b2beb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
content-encoding
gzip
etag
"77f5L8LR6ldZZZ+q4Q+xaw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Wed, 27 Jul 2022 15:58:40 GMT
rules-p-274pYeudnKvDs.js
rules.quantcount.com/ 		3 B
447 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-274pYeudnKvDs.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 12:16:32 GMT
via
1.1 6a2d00c5c73022efc4bc2786f44b3cdc.cloudfront.net (CloudFront)
age
13622
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 19:47:21 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
EWR53-P1
accept-ranges
bytes
x-amz-cf-id
rtKOk6C3sUFFdLYE59TrHaKQLorkVICYYWqY5soyWYbNGndXCZ3BEg==
cmp2.js
quantcast.mgr.consensu.org/tcfv2/ 		177 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.hawtcelebs.com
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/274pYeudnKvDs/www.hawtcelebs.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2162:7600:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0dbe8557cf989bc417149292624d7cbf6bdfdbb38de706b401ab705933a7a9e1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:27 GMT
content-encoding
br
age
20
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-max-age
86400
access-control-allow-origin
*
last-modified
Tue, 05 Jul 2022 18:41:01 GMT
server
AmazonS3
etag
W/"59be037dc1c45f10dd05d31809da5dc3"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
via
1.1 4a7ef8cbf68469938b3b0dd42dbc4de8.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
EWR52-C3
x-amz-cf-id
ePtVJ_K5BHrEtkNbW8Cx6fzNaciXH8rmVfXVuCv4EI76gjMHFp9PeQ==
pixel;r=1526186210;source=choice;rf=3;a=p-274pYeudnKvDs;url=https%3A%2F%2Fwww.hawtcelebs.com%2F;uht=2;fpan=0;fpa=P0-1034272385-1658332717914;pbc=;ns=0;ce=1;qjs=1;qv=623fd1d5-20220713234410;cm=;gdpr...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1526186210;source=choice;rf=3;a=p-274pYeudnKvDs;url=https%3A%2F%2Fwww.hawtcelebs.com%2F;uht=2;fpan=0;fpa=P0-1034272385-1658332717914;pbc=;ns=0;ce=1;qjs=1;qv=623fd1d5-20220713234410;cm=;gdpr=0;ref=;d=hawtcelebs.com;dst=0;et=1658332720273;tzo=0;ogl=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:40 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
0.php
s4.histats.com/stats/ 		380 B
515 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?1890596&@f16&@g1&@h1&@i1&@j1658332720299&@k0&@l1&@mHawtCelebs%20%E2%80%93%20Latest%20Celebrities%20Pictures&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-53772000&@b3:1658332720&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.hawtcelebs.com%2F&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.0.58 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ns500326.ip-192-99-0.net
Software
/
Resource Hash
5411aadbe4b7c1f687597c3cbc837bbe00341a1cf54570a117e3dfd323458f73

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:40 GMT
Connection
close
Content-Length
380
Content-Type
text/html;charset=UTF-8
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Jul 2022 15:58:40 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2110486559&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hawtcelebs.com%2F&ul=en-us&de=UTF-8&dt=HawtCelebs%20%E2%80%93%20Latest%20Celebrities%20Pictures&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1777654531&gjid=116901715&cid=837706208.1658332718&tid=UA-10995097-8&_gid=1251686778.1658332720&_r=1&gtm=2ou7i0&z=1865297989
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
t.dtscout.com/idg/ Frame C1F6 		1 KB
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/idg/?su=4C3016583327209843EADB3AECDD644B
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.139.230 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-158-69-139.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d2d90782b363bf6f907dd572d1281a9b6a43f3a8d5d758b676c9f053b959903

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 20 Jul 2022 15:58:40 GMT
Expires
Wed, 20 Jul 2022 15:58:39 GMT
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
dtscout
pd.sharethis.com/pd/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.122.191 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-122-191.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
208d4378ed7130ef069bc8656c21423ffd06c1aafb2e708584b0fbae4420622c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:40 GMT
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
2273
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
application/javascript
/
t.dtscout.com/pv/ 		51 B
319 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/pv/?_a=v&_h=hawtcelebs.com&_ss=s9shebcz06&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=63uv&_cb=_dtspv.c
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.139.230 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip230.ip-158-69-139.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7ded4562307b0aafd4ceff0deca6818a2925f4f3c5011653d98a23bb8f56b9de

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:40 GMT
X-T
0.215
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
X-C
0
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
Expires
Wed, 20 Jul 2022 15:58:39 GMT
tc.js
cdn.tynt.com/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/tc.js
Requested by
Host: waust.at
URL: https://waust.at/c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34d3c5bccdafcfd082aba4d2c845ac06ef9a24ae683225d596117f0e53ff1300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Jun 2022 14:45:34 GMT
server
cloudflare
age
90767
etag
W/"62bb140e-4523"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
72dce64fbc0367bd-MIA
expires
Sat, 23 Jul 2022 15:58:40 GMT
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
image/gif
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 82D2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
3363
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 15:02:37 GMT
expires
Thu, 20 Jul 2023 15:02:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C97A 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
67cf3763fc9d4e5d82d051cbb940dec1471b5eac88554645d87b685aaaa98004
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-S-YEw9sQ-dY2_MVEhQBmyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-S-YEw9sQ-dY2_MVEhQBmyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 15:58:40 GMT
expires
Wed, 20 Jul 2022 15:58:40 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame 5E5E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0ItRA6VZpqIrpP-KoGfKi7nRUqKXZqIyStusZKqO_JZvtbEXXGPenD5F71O2vvwtpUQW2DPpDt-_m5ZlQwNyffo5R9yBJDsA&sig=Cg0ArKJSzE9LDf39AX8jEAE&id=lidar2&mcvt=1008&p=0,0,250,300&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20220718&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=2228999113&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658332718228&rpt=1237&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5E5E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssGPQvdJ7XwXlc4e-3unpahSJg9olDS4IZg66h84NOxbv4HEWKsp9OnC250PFr1TX2_kKueCHFOuWdUx602s3HRuswM6ukQtBVgfHIB353VVyjiaeYQ_0JEels&sai=AMfl-YTglbCGY6tezmyRCUTCqh0l2KJVW6x6HHj9-VxYnx-0_SS-7o06S71LySt66D9c8mTg19yroRdqlGRe97yBY6bZ9drYIachVp2s3FYbOpoIxhzH0VpNpKHSihY2eSQ&sig=Cg0ArKJSzF7OsKmCJ_rKEAE&cid=CAASJ-RodZ-gocGWblSdZVHtdIBj7vq4wkg6AAwXKBXHWo2BUiTYQkYfhQ&id=lidar2&mcvt=1010&p=380,1029,652,1329&mtos=0,1010,1010,1010,1010&tos=0,1010,0,0,0&v=20220718&bin=7&avms=nio&bs=0,0&mc=0.92&if=1&vu=1&app=0&itpl=20&adk=1274167511&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658332718228&rpt=1233&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
pagead2.googlesyndication.com/bg/ Frame 82D2 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
840710d4724f89679dd314bedaba5e0dca874a89e35983f04f6b02fca5f43be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 16:47:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
83479
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13821
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Jul 2023 16:47:21 GMT
ajs.js
cdn2.decide.dev/_js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.decide.dev/_js/ajs.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:6e00:3:7df3:55c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b4837f2f0bced02a9549681ac5cf6f2966a89f317c3a7de35b9f1ffea8937ebb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 13:28:21 GMT
via
1.1 google, 1.1 00a6901a148285ca8b56f0d0c1104a48.cloudfront.net (CloudFront)
last-modified
Fri, 15 Jul 2022 22:22:35 GMT
age
9019
etag
W/"19c1-18203f4dd28"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=86400
x-amz-cf-pop
EWR52-C4
accept-ranges
bytes
content-encoding
gzip
x-amz-cf-id
XUfj8m9ff1o0NFyoOhKpaQENiMxat5Xu5pQWA9Ia5Bkp1SscY9vT_g==
tshow
api.whizzco.com/dtracking/v1/ 		15 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.whizzco.com/dtracking/v1/tshow
Requested by
Host: cdn.whizzco.com
URL: https://cdn.whizzco.com/scripts/widget/widget_v3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c1dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBBFAvVrfIoS%2B93j2WFnEaPmCTEuvRN9Ww8j71ZK8sAfA7ai6%2Fmd5KN6SRQFo73mPdMjJimBu7HGkdYsNbIYHVKM4CigPvoq9YDPX1mp47o8eGPTlgdqB73YatvXTNGgfQ%2BILQYtOun9Eh8jrTk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cf-ray
72dce65088870a1a-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15
tshow
api.whizzco.com/dtracking/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.whizzco.com/dtracking/v1/tshow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c1dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, HEAD, OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72dce64f9eff0a1a-MIA
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=064u48TiXxXMK7UGtaCPNNg2%2B6vBsjVRVX9%2B1Wz4%2BopQofelgM9%2B7rNMcjaQA7hznfcC9n0uD841ML%2Bm3tAWRamanEnJ7WtlOO40nLbcEhB0buoCF7KHXJPUsiri7dMPvFPXzUHfqXaKCpX4ry4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.109.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-109-24.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 01:26:40 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
52321
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 29 Jun 2022 23:14:57 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
ohN.Ia8q4H3SKA9S.12ooUiZoNn.3Gnl
via
1.1 a65e9b4047452e76aa43b68828db2d7e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
JFK50-P3
content-type
application/javascript
x-amz-cf-id
IyM-a-HY7NaCjO2AO5M7BoaMaTVWWPJKLnnFWlWCgGVDBr4ZnJer7Q==
underdog
underdog.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://underdog.technoratimedia.com/openrtb/bids/underdog?src=prebid_prebid_6.21.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:40 GMT
server
nginx
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
trinity.json
apex.go.sonobi.com/ 		987 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2263c9d963af71726%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09999999999999999%7Cgpid%3Dreel-728x90%22%2C%22647a8006fb8a899%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09999999999999999%7Cgpid%3Dreel-728x90%22%2C%22658969f87461892%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09999999999999999%7Cgpid%3Dreel-728x90%22%2C%2266d9b6ae54be521%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09999999999999999%7Cgpid%3Dreel-728x90%22%2C%2267670fd86fa14c2%22%3A%229deebb29fccb6ed4404b%7C300x250%7Cf%3D0.16666666666666669%7Cgpid%3Dreel-300x250%22%2C%2268c3dd82fac957%22%3A%229deebb29fccb6ed4404b%7C300x250%7Cf%3D0.16666666666666669%7Cgpid%3Dreel-300x250%22%2C%2269b7460627281dd%22%3A%229deebb29fccb6ed4404b%7C300x250%7Cf%3D0.16666666666666669%7Cgpid%3Dreel-300x250%22%2C%22704275746ddd95a%22%3A%22076311570b44811073b6%7C%7Cf%3D3.344444444444444%7Cgpid%3Dreel-400x250%22%2C%22712edaa4fc911bf%22%3A%22cc4a74d908fc7d1eac48%7C%7Cf%3D3.344444444444444%7Cgpid%3Dreel-320x180%22%7D&ref=https%3A%2F%2Fwww.hawtcelebs.com%2F&s=97a4af58-0450-46e3-9b25-af7c0b0e7622&pv=7ad008a2-4660-4290-b417-50c718457257&vp=desktop&lib_name=prebid&lib_v=6.21.1&us=5&ius=0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22udmserve.net%22%2C%22sid%22%3A%222993%22%2C%22hp%22%3A1%2C%22rid%22%3A%2253dc946d-53c1-4152-9e00-4c975cc85a64%22%7D%5D%7D&coppa=0
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
b62c111248c0f1c634ec6f9ec89d920295b80b730d50ed982303f1f24eb68fc0
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:40 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-40
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-type
application/json
content-length
575
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
underdog
underdog.technoratimedia.com/openrtb/bids/ 		0
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://underdog.technoratimedia.com/openrtb/bids/underdog?src=prebid_prebid_6.21.1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
404713098
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		714 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b7e97bc42925b3851f43e93b3c9ba0c575805a3bb38796e3f552d3485289bb13
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 20 Jul 2022 15:58:40 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
139a97f8-42dc-41d4-a0c5-fe65de130d52
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.73.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-73-141.compute-1.amazonaws.com
Software
/
Resource Hash
939c234f0cfb4ab2fcc745c8e54be7f28c4539bd4435e3447f410c850110985f

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
content-encoding
gzip
x-prebid
pbs-java/1.94.0
content-type
application/json
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.73.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-73-141.compute-1.amazonaws.com
Software
/
Resource Hash
40fd340757592ac787d36a000dca4811970eda90286385ac4cdbe2680d305225

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:40 GMT
content-encoding
gzip
x-prebid
pbs-java/1.94.0
content-type
application/json
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.73.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-73-141.compute-1.amazonaws.com
Software
/
Resource Hash
e35826ea94105f6db9cbbe89d32755fe84706096c0bb22aca7954c024d40566c

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
content-encoding
gzip
x-prebid
pbs-java/1.94.0
content-type
application/json
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24042&site_id=403056&zone_id=2257012%3B2257012%3B2257012%3B2257012%3B2257008%3B2257008%3B2257008%3B2257008&size_id=2%3B2%3B2%3B2%3B15%3B15%3B15%3B15&p_pos=atf&rp_schain=1.0,1!udmserve.net,2993,1,53dc946d-53c1-4152-9e00-4c975cc85a64,,&rf=https%3A%2F%2Fwww.hawtcelebs.com%2F&tg_i.pbadslot=reel-728x90%3Breel-728x90%3Breel-728x90%3Breel-728x90%3Breel-300x250%3Breel-300x250%3Breel-300x250%3Breel-300x250&tk_flint=pbjs_lite_v6.21.1&x_source.tid=e481fb6d-5ab9-40b2-b5a2-ec99b14b77b7%3Be481fb6d-5ab9-40b2-b5a2-ec99b14b77b7%3Be481fb6d-5ab9-40b2-b5a2-ec99b14b77b7%3Be481fb6d-5ab9-40b2-b5a2-ec99b14b77b7%3Bad9d9c96-b159-49a0-9410-16c62274593f%3Bad9d9c96-b159-49a0-9410-16c62274593f%3Bad9d9c96-b159-49a0-9410-16c62274593f%3Bad9d9c96-b159-49a0-9410-16c62274593f&l_pb_bid_id=89d70439229d944%3B9016b53ff3e5f5%3B91e4c9324af0a88%3B922b3d53b2824e1%3B9342515d1b4ab62%3B9458f8ee6329a8d%3B950e532229f5382%3B96529c0c086fd62&p_screen_res=1600x1200&rp_floor=0.09574468085106383%3B0.09574468085106383%3B0.09574468085106383%3B0.09574468085106383%3B0.15957446808510642%3B0.15957446808510642%3B0.15957446808510642%3B0.15957446808510642&rp_secure=1&rp_hard_floor=0.09574468085106383%3B0.09574468085106383%3B0.09574468085106383%3B0.09574468085106383%3B0.15957446808510642%3B0.15957446808510642%3B0.15957446808510642%3B0.15957446808510642&rp_maxbids=1&p_gpid=reel-728x90%3Breel-728x90%3Breel-728x90%3Breel-728x90%3Breel-300x250%3Breel-300x250%3Breel-300x250%3Breel-300x250&slots=8&rand=0.14820903363823135
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::116 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
76adbc01770ed65f73492f91fd49a9d23d95b9150a5232f5786ea3a9fd51dfe7

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:40 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
376
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
bb7769f781e63da1d34bf82fa179835903731fe182444d4a590eab210eb00cfc

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
291c4797b461861fe7c412db352b67d6fca87718181b8b74deed785b72450055

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
45d432db9526422d366d431ebff572adfbcc807c69b2c819816e5eeaf7aa52f5

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
821f90e927cfe1be50462e648aa329841e4906b1a7540485f5f57e38ff698c42

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
018995f66b8ca6200d3390a9c9f93600b5520109bb08e0fc4f29cb6ec5010f68

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
111f013210ac23b4539631d459df481346d851b4b7e400795e1ec751aa5688d7

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
1160129e1a22359cca633d2aded338de98ac212ed619bf23fe92384124911771

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
77ee057f3fca99f15c3075a7e915fa24637f65268f1b1dd466a66da0b61fb0b1

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
9a9d5dafcdbe06ff13b1acb632ce67d229625cfd6963ff1072fc292c376202eb

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
3abbd2526eeec5664438974a7cf887b9a972fe61fa5cc1e5e99583ce6ff33b9e

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
21ee300bfd9885653093598704517de6f087604866b1b45d9225db6c3f83b6e2

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
7fb49699465bd0ad85d59b9cf0dd03558baef898d728b685aebe1e5e04630e6e

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
7d1c8babb03cfb8bba7dba9729e372ed5b7d74fb69d26bea0409b7f24dfa8bb0

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
47fafebd562058b4a4999265d22647fb2d871b5d7577eeb3c4c0d2fdb77d7df6

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
7a839f7f5541f448239ef91040d93699595e360ae2cddcdc1e663777de25a7aa

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e98e004596f9acb560d94b3cbdea79b5d82045f2c64917b01d10f7070cc47e2d

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
c
prebid.a-mo.net/a/ 		459 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
15874dbfec320c1219481122375b9fa26e41e5a647a18362c3e568eefc182e84

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:39 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
126
content-length
274
/
d.adroll.com/bid/prebid/ 		0
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/bid/prebid/
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.214.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-214-150.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:40 GMT
access-control-allow-credentials
true
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b44a2065d&cmd=bid&reserve=0.17441860465116282&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
1d8b18157b06b8e1728d355129fef62d1f6371bf73552e5a06546ed5db297aca

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9690ec017574ff17bd043f82f90029&cmd=bid&reserve=0.13953488372093023&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
532ba64228ebf97f389c08b77a8bd908076f9e20067aafa70b6270c841ccebb7

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
hb
ssc.33across.com/api/v1/ 		17 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dr5CFEKmGr7ikOrkHcnlKl
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
561804a862b5aaf9e01bd5570d1e6147debfc6820c95ed0250a7a2b45aff2fca

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
delivery.js
assets.revcontent.com/master/ 		153 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: cdn.whizzco.com
URL: https://cdn.whizzco.com/scripts/widget/widget_v3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
712c641e37b7088744d7e7617cbbf19cb50fa37114f4429aa64d075ca68af958

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 18:55:15 GMT
server
AmazonS3
x-amz-request-id
4ABJE75P8JAVSEKF
etag
"47e9b2663e680f75631a5a407788ab7c"
x-hw
1658332720.cds028.mi1.hn,1658332720.cds248.mi1.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
49938
x-amz-id-2
divppIW0ceSuBE1uS8E0PFEyyIi/FeVx6yK5ty0YgW3XaNQ6PXmDSa/ur2ll9W5W9V16vBQWzJg=
tshow
api.whizzco.com/dtracking/v1/ 		15 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.whizzco.com/dtracking/v1/tshow
Requested by
Host: cdn.whizzco.com
URL: https://cdn.whizzco.com/scripts/widget/widget_v3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c1dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J13AuInF0Gq3oWR9nmm6Ny%2B97YD0NDctxaSEYlD1hGeiN%2BzeSgzNapUrtYidoaH3atR9IT2gqJAd%2BJDZUp2dHQaGW2%2BPhJc3L%2BaVcTLGwta67efu9My8EKkFZBIbmL6XbvZ3hSCD0dbbHYTScPs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cf-ray
72dce650a8cd0a1a-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15
tshow
api.whizzco.com/dtracking/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.whizzco.com/dtracking/v1/tshow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:c1dd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET, POST, HEAD, OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
1800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72dce64fcf310a1a-MIA
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rN80FXrqGdDanNg076tjXQ3qY%2BOV%2BdHBpr%2FVWBols9q3ZalRXsp1QqdSBSlXKAUceKw%2Fz1%2Fk40VMG28Gd3HD3W6fLk8Ja%2BQEsxztM1i5y8ijlqU3nOI8W2jQjnLoHrxhurVvZR%2F%2BQp4%2Fht4V1kk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
collect
stats.g.doubleclick.net/j/ 		2 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-10995097-8&cid=837706208.1658332718&jid=1777654531&gjid=116901715&_gid=1251686778.1658332720&_u=YAhAAUAAAAAAAC~&z=748625031
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 20 Jul 2022 15:58:40 GMT
content-type
text/plain
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
e.dtscout.com/e/ 		8 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?1890596&@f16&@g1&@h1&@i1&@j1658332720299&@k0&@l1&@mHawtCelebs%20%E2%80%93%20Latest%20Celebrities%20Pictures&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-53772000&@b3:1658332720&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.hawtcelebs.com%2F&@w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
158.69.139.238 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ip238.ip-158-69-139.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
79371fa45ccdd4c78740113f0b95d06ca340f2935470fcbb1df0aa39b7ad9015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:40 GMT
X-T
1.285
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
close
X-S
mtl2
Expires
Wed, 20 Jul 2022 15:58:39 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/3825/ 		48 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.126.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-126-46.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2e59d2e46b3f5e4d48e78ce4e354b02833536d27766eaf0e1f0865267d6aa58

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 20 Jul 2022 06:44:58 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 16:25:49 GMT
server
AmazonS3
age
33223
etag
W/"c82c3c8af23ca79ed9a481ef89bd8286"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 7972cbd1699f1a8b6ef2e0b1fa50ca3e.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
EWR52-C3
x-amz-cf-id
uRm0kVeo9ckL6XW07yBIxjKB7QFQQgbBqpcF7Z3i8Skc8zNJor1riw==
/
t.dtscdn.com/widget/ 		0
406 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscdn.com/widget/?d=4C3016583327209843EADB3AECDD644B&nid=0&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fwww.hawtcelebs.com%2F&r=
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.55.120.93 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:53:22 GMT
X-T
0.67
x-server
web3.ny1.dtscdn.com
Cache-Control
no-cache
Content-Type
application/javascript; charset=UTF-8
Transfer-Encoding
chunked
Expires
Wed, 20 Jul 2022 15:53:21 GMT
e
a.dtssrv.com/ 		21 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.dtssrv.com/e?i=4C3016583327209843EADB3AECDD644B
Requested by
Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:dc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1039ca16a0188fb2c0b4ceb185e439b68851b0502ae5fae129ec0b4266037e4d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AX5YM2089DY4tRFjWQjakAwJZgLs%2F0m5edKtguDE59qBOIMub%2F0T4uh989Q9NHDzzV6wILpHToUTi1e75duTXSZi1i6%2FCaUCFdXcqG%2BgzfDZcLGYNcfrTBd1srNmB2WHXFO%2FMScZ4uE5hgw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
s-maxage=0
access-control-allow-credentials
true
cf-ray
72dce650be98030e-MIA
expires
Wed, 20 Jul 2022 17:58:40 GMT
match
ps.eyeota.net/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=4C3016583327209843EADB3AECDD644B
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
  • https://pixel.onaudience.com/?partner=147&mapped=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&icm&gdpr=0&gdpr_consent=&cver
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=cd2175c102830f52/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=23b3b44991744da7949e4f4ef5c970c5&gdpr=0
  • https://pixel.onaudience.com/?partner=236&icm&cver&gdpr=0&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D0%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m
  • https://ps.eyeota.net/pixel?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=f63871517374122b
  • https://ps.eyeota.net/pixel/bounce/?gdpr=0&gdpr_consent=&pid=3b2cb90&t=gif&uid=f63871517374122b
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnFzZ1BFVzBoSUd1UmN5NW5zSG1yXzZHZWNwTXlKZy1QRlRubnVaeG4xMTA&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESENyfHxS6kN4Ej61QN2qj_mE&google_cver=1
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESENyfHxS6kN4Ej61QN2qj_mE&google_cver=1
Protocol
HTTP/1.1
Server
3.233.22.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-22-19.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:42 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=3b2cb90&google_gid=CAESENyfHxS6kN4Ej61QN2qj_mE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
375
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
geoip
apis.cmp.quantcast.com/ 		49 B
153 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.cmp.quantcast.com/geoip
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.hawtcelebs.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.4.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-4-79.compute-1.amazonaws.com
Software
/
Resource Hash
1ea50329b826918b0b803777e2f5ac48a3570aa1f9c06bc92b6a1731ae37654a

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 20 Jul 2022 15:58:40 GMT
content-length
49
content-type
application/json; charset=utf-8
t.dhj
t.sharethis.com/1/d/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.86947768720819&stid=ZHoABWLYJjAAAAAIUHkGAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.219.17.240 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-17-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a771adb35e71a737f66b1301c31702f80cbc29924e9fc9f407ccc5985bbc239f
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:40 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1361
Expires
Wed, 20 Jul 2022 16:58:40 GMT
dtscout
pd.sharethis.com/pd/ 		42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&event_source=dtscout&rnd=0.86947768720819&exptid=ZHoABWLYJjAAAAAIUHkGAw%3D%3D&fcmp=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.122.191 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-122-191.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:40 GMT
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
image/gif
sodar
pagead2.googlesyndication.com/pagead/ Frame C97A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022071401&jk=1722149225813891&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
img.fetch
udmserve.net/udm/ Frame 7FB9 		0
687 B 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=14863;tid=1;dt=7;p=1;rri=1658332717380_753048_38.132.118.68;mid=43264;zzz=1;version=v2.13.7-confiant;cb=0.8451975990707119;session=1;style=slider;vis=visible;traffic_info=%7B%7D;;radid=1658332717380_753048_38.132.118.68
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 Toronto, Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:40 GMT
Expires
-1d
Connection
Keep-Alive
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Length
0
Content-Type
application/x-javascript
edge-logo-white.png
bid.underdog.media/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bid.underdog.media/edge-logo-white.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2162:8e00:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d443235c5040b9e5a2461f69bcef0930f5820c356830bb0c59a4953d16f8a59e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 07:01:34 GMT
via
1.1 4a7ef8cbf68469938b3b0dd42dbc4de8.cloudfront.net (CloudFront)
last-modified
Tue, 17 Nov 2020 21:08:31 GMT
server
AmazonS3
age
1846627
etag
"876f68d4ff152e17573c3a8f3cc1a580"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
x-amz-cf-pop
EWR52-C3
accept-ranges
bytes
content-length
15804
x-amz-cf-id
ZlrJcaMmE-kkFPt9yoqQrWx1KINaMUePdSdraD7RuGxz-FroeemdUA==
config
c.amazon-adsystem.com/cdn/prod/ 		0
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.hawtcelebs.com&pubid=9cf0c4f1-7630-476b-9141-f4472e005192
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.109.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-109-24.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 14:29:28 GMT
via
1.1 749177a97cae42477f22c33c927ca0ce.cloudfront.net (CloudFront)
server
Server
age
5351
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
JFK50-P3
x-amz-cf-id
9dhXOcA1E_dWb7ou_nR9yPPgsaX58uJOTnPBuOwF-WHzcZ1_l-BBHA==
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220720
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fe4c804a20b8c333014cfa14370d529406baa39ce3d80bf03398f63fe29f722
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3461
x-jsd-version
1.0.1407
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19150-FRA, cache-iad-kiad7000023-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66a-RrIZ3BgdiZbd+gYTQL0yHX71+xo"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7i51bGGznHhnRz6ES4dKhtaAKEAvcULBYB3VmxrHg6yZAvDynoJFRyZj92Rn5w7PZJaTh8eOXy0484%2Bq%2BYcPXUmxayjmHiyRBDIJF5wzRy4DVn4%2FKgI7FQS2SLoM7BrZP5rGbQZxYBT%2FI56Yc6Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
72dce6512cdcb3da-MIA
access-control-expose-headers
*
p
ic.tynt.com/b/ 		35 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=w!a9etg89wet&lm=0&ts=1658332720742&dn=TC&iso=0&t=HawtCelebs%20%E2%80%93%20Latest%20Celebrities%20Pictures
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
etag
"4bc8846c-23"
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges
bytes
content-type
image/gif
content-length
35
server
nginx/1.16.1
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
bid
c.amazon-adsystem.com/e/dtb/ 		187 B
659 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.hawtcelebs.com%2F&pid=g95TCzhgOhGcR&cb=0&ws=1600x1200&v=8.1.0&t=1000&slots=%5B%7B%22sd%22%3A%22vi_7872651_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_7872651_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C63%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.109.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-109-24.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
e9d4ea9a68849273c2928009596af50cb978ffcb3fcb10792566eabf37428b56
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
via
1.1 749177a97cae42477f22c33c927ca0ce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
x-amz-rid
DSHB3VQHSPEV7B501JZ9
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
187
x-amz-cf-id
DYZaZkw7hCLTDyK_NTC6Ci2WV7sKix_EHNNVA60xNfsPF7bwDFpN4g==
geoip
apis.cmp.quantcast.com/ 		49 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.cmp.quantcast.com/geoip
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.hawtcelebs.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.4.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-4-79.compute-1.amazonaws.com
Software
/
Resource Hash
1ea50329b826918b0b803777e2f5ac48a3570aa1f9c06bc92b6a1731ae37654a

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 20 Jul 2022 15:58:40 GMT
content-length
49
content-type
application/json; charset=utf-8
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzdNMZAZZqqZ-ZPyB-PPMT-MArK-APeeTayPyUZtRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNKYUZTRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpbi6QK4qgWK8OKX7kUk%2FD0H07gq%2F%2FGcM3JG5Y6uA1jw7twOzcsM%2BRQpo43FUtX%2FYwwg%2F5PSdgU3s4XqEeuJ%2Bcwow9izJp0f2%2FOGN8W6sdPWxMFw97rxy8OhGBNYv8LpF%2Flog5tCS98opZeuQVMnhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce6515dea9ae3-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzdNKZBrATZa-eAeB-PUUU-MrMa-UMYaeqqKKqTaRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNKYUZTRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2BBBP%2F%2BdP%2BPVbR5UE8pJNJ7LvK52vA5e25i3orslu7%2BtaunqwiwbDDPjGjCL3fAjU9jopO0h8MDZd9o0C5lscRu4bcFin1EZEJzVWI3QWI8Mz2%2FZTM2a%2FYMXj%2F8FS3dTK0sGCQoSjRMTqGN7qutsQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce6515dee9ae3-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
bid
c.amazon-adsystem.com/e/dtb/ 		187 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.hawtcelebs.com%2F&pid=g95TCzhgOhGcR&cb=1&ws=1600x1200&v=8.1.0&t=1000&slots=%5B%7B%22sd%22%3A%22vi_78390_1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C63%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.109.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-109-24.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
8b156d86773c2ca2990249a70041071531e3bad16f48a19d89cfde330ca8609c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
via
1.1 749177a97cae42477f22c33c927ca0ce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
x-amz-rid
FRBR42SR5SPBFZAY05WE
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
187
x-amz-cf-id
r34aHWNZawJ1cveP2RU7SbKmrB6qvdx67SS8qls9Y3GPA8UL_p66Mw==
1572962830.jpg
assets.vlitag.com/widget/2019/11/05/ 		192 KB
192 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2019/11/05/1572962830.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1d79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2033187
cf-polished
degrade=85, origSize=227959, status=webp_bigger
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
196267
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Tue, 05 Nov 2019 14:07:11 GMT
server
cloudflare
etag
"5dc1820f-37a77"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Sun, 22 Jan 2023 15:58:40 GMT
cache-control
public, max-age=16070400
accept-ranges
bytes
cf-ray
72dce6516fc7b3e3-MIA
cf-bgj
imgq:85,h2pri
1596163502.jpg
assets.vlitag.com/widget/2020/07/30/ 		104 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2020/07/30/1596163502.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1d79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
454451
cf-polished
qual=85, origFmt=jpeg, origSize=140376
content-disposition
inline; filename="1596163502.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
106784
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Fri, 31 Jul 2020 02:45:02 GMT
server
cloudflare
etag
"5f2385ae-22458"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Sun, 22 Jan 2023 15:58:40 GMT
cache-control
public, max-age=16070400
accept-ranges
bytes
cf-ray
72dce6516fc5b3e3-MIA
cf-bgj
imgq:85,h2pri
1648753746.png
assets.vlitag.com/widget/2022/03/31/ 		141 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2022/03/31/1648753746.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1d79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4eb2060150d9fc24ee035cb939a77e9d386616cbb36979dce9cf9276492e1ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
103834
cf-polished
origFmt=png, origSize=241444
content-disposition
inline; filename="1648753746.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
144498
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Thu, 31 Mar 2022 19:09:07 GMT
server
cloudflare
etag
"6245fc53-3af24"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Sun, 22 Jan 2023 15:58:40 GMT
cache-control
public, max-age=16070400
accept-ranges
bytes
cf-ray
72dce6516fc3b3e3-MIA
cf-bgj
imgq:85,h2pri
1648753124.png
assets.vlitag.com/widget/2022/03/31/ 		395 KB
396 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2022/03/31/1648753124.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1d79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49250ed8e3698633fe130e218b05ca9f44a8acb04833bd280c2ad570ffcc3cf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
38725
cf-polished
origFmt=png, origSize=658743
content-disposition
inline; filename="1648753124.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
404536
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Thu, 31 Mar 2022 18:58:44 GMT
server
cloudflare
etag
"6245f9e4-a0d37"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Sun, 22 Jan 2023 15:58:40 GMT
cache-control
public, max-age=16070400
accept-ranges
bytes
cf-ray
72dce6516fc4b3e3-MIA
cf-bgj
imgq:85,h2pri
1592801729.jpg
assets.vlitag.com/widget/2020/06/22/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2020/06/22/1592801729.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1d79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
109920
cf-polished
qual=85, origFmt=jpeg, origSize=103053
content-disposition
inline; filename="1592801729.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75514
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Mon, 22 Jun 2020 04:55:29 GMT
server
cloudflare
etag
"5ef039c1-1928d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Sun, 22 Jan 2023 15:58:40 GMT
cache-control
public, max-age=16070400
accept-ranges
bytes
cf-ray
72dce6516fc1b3e3-MIA
cf-bgj
imgq:85,h2pri
1572962870.jpg
assets.vlitag.com/widget/2019/11/05/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/widget/2019/11/05/1572962870.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1d79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
465800
cf-polished
qual=85, origFmt=jpeg, origSize=151033
content-disposition
inline; filename="1572962870.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
109336
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Tue, 05 Nov 2019 14:07:50 GMT
server
cloudflare
etag
"5dc18236-24df9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Sun, 22 Jan 2023 15:58:40 GMT
cache-control
public, max-age=16070400
accept-ranges
bytes
cf-ray
72dce6516fc0b3e3-MIA
cf-bgj
imgq:85,h2pri
geoip
apis.cmp.quantcast.com/ 		49 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apis.cmp.quantcast.com/geoip
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.hawtcelebs.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.4.79 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-4-79.compute-1.amazonaws.com
Software
/
Resource Hash
1ea50329b826918b0b803777e2f5ac48a3570aa1f9c06bc92b6a1731ae37654a

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 20 Jul 2022 15:58:40 GMT
content-length
49
content-type
application/json; charset=utf-8
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzdNTKByYMUq-reTy-Prqr-qyAT-PrreUZUawTMaRdzNwqfftkRlmNBAAbYZARwlNqdqmgfRkjmNBAAbYZARrdzNqdqmgfRwkjNARmNBaARleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pIESxe%2F7JgE3PVELMAd5JwL%2Fu2E2Z9FCiasapKc29wInxdfbMPRJRO%2BibMWT8NtvesWVJq4pNNTQhDBrzT6%2B%2BfFZGXZOy9zDg6J5BhvacJ%2FQxBHuNQWFjgaPj%2F%2F2KMWnSsF5CnlDHhUGgGN24Rv0tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce6515df49ae3-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
generate_204
tpc.googlesyndication.com/ Frame 82D2 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?WbZPug
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
videoplayback
r4---sn-hp57kn6y.googlevideo.com/
Redirect Chain
  • https://media.vlitag.com/vid/?id=aOSRX0RXaas&t=y
  • https://redirector.googlevideo.com/videoplayback?expire=1658343349&ei=VfvXYo-5DcSDkwaF_JzICA&ip=184.164.141.146&id=o-AHrELxchHiFlErI4eaNnd2bsJjLk4QeyRzuhfJvTK_S1&itag=134&aitags=133%2C134%2C135%2C1...
  • https://r4---sn-hp57kn6y.googlevideo.com/videoplayback?expire=1658343349&ei=VfvXYo-5DcSDkwaF_JzICA&ip=184.164.141.146&id=o-AHrELxchHiFlErI4eaNnd2bsJjLk4QeyRzuhfJvTK_S1&itag=134&aitags=133%2C134%2C1...
0
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r4---sn-hp57kn6y.googlevideo.com/videoplayback?expire=1658343349&ei=VfvXYo-5DcSDkwaF_JzICA&ip=184.164.141.146&id=o-AHrELxchHiFlErI4eaNnd2bsJjLk4QeyRzuhfJvTK_S1&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=lT-KhqPUij1E8NlmMGO9fJMEdaF_0Ds&vprv=1&mime=video%2Fmp4&ns=dnA96sftmSBK2UloVbRmZqkH&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24001373%2C24007246&c=WEB&n=1GQdZHesJ6hp7xH3&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALuF4x1h7d71QFXRwiBaZvZGsfZ3EviBfRd7O1EbPdi9AiBwiFgW3btblgEZTYPM7JKhiGIj6WedDcxJA5LfDkQrmQ%3D%3D&cms_redirect=yes&mh=3a&mip=2001:550:1d05:1::12&mm=31&mn=sn-hp57kn6y&ms=au&mt=1658332394&mv=m&mvi=4&pl=48&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgVh5vtu3b1oyEB263fQjmMrt-62zQ6v7kpNKRuhawto0CIE6OY1mcmGyyURN58ozvGyK47TdDOIV6gQbht37csApQ
Protocol
H3
Server
2607:f8b0:4021:7::9 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r4---sn-hp57kn6y.googlevideo.com/videoplayback?expire=1658343349&ei=VfvXYo-5DcSDkwaF_JzICA&ip=184.164.141.146&id=o-AHrELxchHiFlErI4eaNnd2bsJjLk4QeyRzuhfJvTK_S1&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=lT-KhqPUij1E8NlmMGO9fJMEdaF_0Ds&vprv=1&mime=video%2Fmp4&ns=dnA96sftmSBK2UloVbRmZqkH&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24001373%2C24007246&c=WEB&n=1GQdZHesJ6hp7xH3&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALuF4x1h7d71QFXRwiBaZvZGsfZ3EviBfRd7O1EbPdi9AiBwiFgW3btblgEZTYPM7JKhiGIj6WedDcxJA5LfDkQrmQ%3D%3D&cms_redirect=yes&mh=3a&mip=2001:550:1d05:1::12&mm=31&mn=sn-hp57kn6y&ms=au&mt=1658332394&mv=m&mvi=4&pl=48&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgVh5vtu3b1oyEB263fQjmMrt-62zQ6v7kpNKRuhawto0CIE6OY1mcmGyyURN58ozvGyK47TdDOIV6gQbht37csApQ
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1307
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-10995097-8&cid=837706208.1658332718&jid=1777654531&_u=YAhAAUAAAAAAAC~&z=3745877
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.221 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 20 Jul 2022 15:58:41 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
289 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
193edc77bef9fe78df5a2e67b7d3dee9b0371b3a9db2fa1552daf20af4f59424

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
server
ATS/9.1.0.46
age
1
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
cdb
bidder.criteo.com/ 		18 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.2.0&cb=54739477072
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
v1
btlr.sharethrough.com/universal/ 		766 B
966 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.193.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-193-118.compute-1.amazonaws.com
Software
/
Resource Hash
66584fed865f49b6295682617de442504a13e1f800abcab2cc8faca87765cebc

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 20 Jul 2022 15:58:41 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
484
prebid
ib.adnxs.com/ut/v3/ 		248 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8d3ba0dfb90ce66e1bf8d1d96543835d5437169c496ba80a0ea637b59284a1c7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:40 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f1873ea0-1153-4e2c-8b8e-867ca80f7c13
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
248
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
useast.quantumdex.io/auction/ 		0
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cf-ray
72dce6521f2c6dc7-MIA
unruly_prebid
targeting.unrulymedia.com/ 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.221 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		459 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
15874dbfec320c1219481122375b9fa26e41e5a647a18362c3e568eefc182e84

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
102
content-length
274
auction
tlx.3lift.com/header/ 		19 B
508 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.2.0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&tmax=1000&us_privacy=1---
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.229.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-229-211.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
accept-ch
sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
ROS
pbjs.e-planning.net/hb/1/2c995/1/www.hawtcelebs.com/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ROS?rnd=0.39745589516073365&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=7.2.0&ncb=1&vs=FF&crs=UT...
  • https://pbjs.e-planning.net/hb/1/2c995/1/www.hawtcelebs.com/ROS?ct=1&r=pbjs&rnd=0.39745589516073365&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=7.2.0&ncb=1&vs...
432 B
849 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/2c995/1/www.hawtcelebs.com/ROS?ct=1&r=pbjs&rnd=0.39745589516073365&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=7.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&ccpa=1---&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522hawtcelebs.com%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522gwqtxekeva_xon21058336769654%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=3e454c00-a647-473c-8fb6-cfd95d428962
Protocol
H2
Server
172.98.26.125 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
2992739582d1128d83dbc9e7e5bb31db0cde5ddcc0d74b23b2fc8a2b86d0bc35

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.hawtcelebs.com
expires
Wed, 20 Jul 2022 15:58:41 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
432
x-sid
IAD-1216

Redirect headers

date
Wed, 20 Jul 2022 15:58:41 GMT
server
openresty
access-control-allow-origin
https://www.hawtcelebs.com
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2c995/1/www.hawtcelebs.com/ROS?ct=1&r=pbjs&rnd=0.39745589516073365&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=7.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&ccpa=1---&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522hawtcelebs.com%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522gwqtxekeva_xon21058336769654%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=3e454c00-a647-473c-8fb6-cfd95d428962
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
IAD-1216
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:41 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
267 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRmNKYUZTRzdNqKTaMMKK-eyBr-PByU-aBMt-atTBPqreKtYKRlmNKYMbaARdzNwqfftkRqxeNco_KMKYUZT_MRwkjNTRkjmNKYMbaARwlNnqiggllh,ekoztg,liqktzikgxui,qhhftbxl,jxqfzxdrtb,xfkxsn,qdb,zkohstsoyz,thsqffofu,kzwigxltRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dEKWQ3Emsmn9t8ZQPuMB1avlHZSmRJ0Q23ESVwg0qlApU2OCDhU%2FDQugFryvX291lIgh1UXIVa4Twswc0QxHdthlQNJUwxwx3XQ5eBo0%2Fg2oR7Uiaim1QaFFRnNw1jKErrcEKuR31iIcmaRyej9fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce651aedf9ae3-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRmNKYUZTRzdNBYPTqYYK-KPyT-PZBw-qAUw-UqYAaAwBAAqrRlmNaKAbaARdzNwqfftkRqxeNco_KMKYUZT_KRwkjNTRkjmNaKAbaARwlNqhhftbxl,jxqfzxdrtb,qdb,zkohstsoyz,thsqffofu,kzwigxltRleNpl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZKNNlSRFpmLtv8qaSo7UZa5n6ynehGXQ0MALcsuPOD%2B7xbXOJCnqefgh3Ll96vIGqqEn7kUb%2FovNs%2F1%2FZcp28QCmKz3bop23LUBLvap%2F7ombrYtbbM5RaCyAif2QogFbUx3NMJo4g9vaOSf9Tgbhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce651aee29ae3-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ 		199 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.60.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-60-212.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5eb141717f51c44f96058d241cfd4183c21632385e0b9fa1163ca9d8f7f606d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
content-encoding
gzip
last-modified
Fri, 08 Jul 2022 20:07:19 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=86174
accept-ranges
bytes
content-type
application/javascript
content-length
62062
expires
Thu, 21 Jul 2022 15:54:55 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
server
ATS/9.1.0.46
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.221 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 20 Jul 2022 15:58:41 GMT
/
colossusssp.com/ 		2 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.111.123 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.hawtcelebs.com
Date
Wed, 20 Jul 2022 15:58:41 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
prebid
ib.adnxs.com/ut/v3/ 		139 B
988 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c45a131d246c40d6b1222edda96c89b6c156af22eb77e0baa5ce4b0d4abc26f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:40 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
6b7b4f60-0fbc-4c74-8619-c4034266bf65
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
139
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:41 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
9cafff4e0fc9eaa5d9ca9185c6c53fe8cfce7272d7c0fd57de72a27c513ef111

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
unruly_prebid
targeting.unrulymedia.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.221 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		459 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
15874dbfec320c1219481122375b9fa26e41e5a647a18362c3e568eefc182e84

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
101
content-length
274
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
43ab813eff7b800c276a9d7566d5dddfb56295e6c825ce2be2e73657e080fd92
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:41 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
d6dd602a-6d00-42e0-93f1-37b10c01b055
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ROS
pbjs.e-planning.net/hb/1/2c995/1/www.hawtcelebs.com/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ROS?rnd=0.39745589516073365&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=7.2.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%...
  • https://pbjs.e-planning.net/hb/1/2c995/1/www.hawtcelebs.com/ROS?ct=1&r=pbjs&rnd=0.39745589516073365&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=7.2.0&ncb=1&vs=F&crs=UTF-8&fr=ht...
416 B
833 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/2c995/1/www.hawtcelebs.com/ROS?ct=1&r=pbjs&rnd=0.39745589516073365&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=7.2.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&ccpa=1---&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522hawtcelebs.com%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522gwqtxekeva_xon21058336769654%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=3e454c00-a647-473c-8fb6-cfd95d428962
Protocol
H2
Server
172.98.26.125 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
2e6d2f3c96455e33110ac4ee9d19f6c7bf6dfe46fa80250f30a4be1c00611407

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.hawtcelebs.com
expires
Wed, 20 Jul 2022 15:58:41 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
416
x-sid
IAD-1216

Redirect headers

date
Wed, 20 Jul 2022 15:58:41 GMT
server
openresty
access-control-allow-origin
https://www.hawtcelebs.com
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2c995/1/www.hawtcelebs.com/ROS?ct=1&r=pbjs&rnd=0.39745589516073365&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=7.2.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&ccpa=1---&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522hawtcelebs.com%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522gwqtxekeva_xon21058336769654%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=3e454c00-a647-473c-8fb6-cfd95d428962
access-control-allow-credentials
true
content-type
text/html; charset=iso-8859-1
x-sid
IAD-1216
v1
btlr.sharethrough.com/universal/ 		694 B
949 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.193.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-193-118.compute-1.amazonaws.com
Software
/
Resource Hash
d68041a6277f299fffb0599b9ad770df15db1143829fdb11b22c799144b81e11

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 20 Jul 2022 15:58:41 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
467
auction
tlx.3lift.com/header/ 		19 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.2.0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&tmax=1000&us_privacy=1---
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.229.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-229-211.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
accept-ch
sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
/
prebid.smilewanted.com/ 		0
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cf-ray
72dce65279d69aba-MIA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
header
hb.aralego.com/ 		0
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-772A2DB77778DAD8029A88BA72B224B&tdid=&schain=&eids=&pubProvidedId=%5Bobject%20Object%5D&pubcid=3e454c00-a647-473c-8fb6-cfd95d428962&u=https%3A%2F%2Fwww.hawtcelebs.com%2F&host=www.hawtcelebs.com&xr=0&w=300&h=250&usprivacy=1---
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 West Mifflin, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.hawtcelebs.com
Date
Wed, 20 Jul 2022 15:58:41 GMT
Access-Control-Allow-Credentials
true
Connection
close
cdb
bidder.criteo.com/ 		18 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.2.0&cb=32987960687
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
pbjs
useast.quantumdex.io/auction/ 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cf-ray
72dce6521f2e6dc7-MIA
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRmNBaARzdNYTraZrrY-wtrr-PZZZ-qTUK-aaPtrwyMMAraRlmNBAAbYZARdzNwqfftkRqxeNco_KMBaA_TRwkjNTRkjmNBAAbYZARwlNegsgllxlllh,qhhftbxl,kzwigxlt,nqiggllh,xfkxsn,qdb,gyzdtroq,thsqffofu,liqktzikgxui,zkohstsoyz,ldostvqfztr,xeyxffts,ekoztg,jxqfzxdrtbRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7FVeu2LZaTV8RQaHB5bG4SmawaQLzHUg0%2FMzmuFWO1SPPtB236bvE8acTB8LPEcZsHCAFvlEGrg%2FeU0ptzmj8uvMiruegRE%2Bj25JH4Lseah9B6upAUrFH9GnqA%2FiJ3r4iW55X0H7S%2BFNa5wkweSeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce6523d089acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
14975484333070182
decide.dev/lad/ Frame EF41 		62 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://decide.dev/lad/14975484333070182?pubid=ld-3479-2787&pubo=https%3A%2F%2Fwww.hawtcelebs.com&rid=&width=160
Requested by
Host: cdn2.decide.dev
URL: https://cdn2.decide.dev/_js/ajs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.139.129 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
129.139.149.34.bc.googleusercontent.com
Software
/
Resource Hash
c20b1655f6bd97382e802009ef8c44e6869e56b9df00b2e048877bf7a557e94a

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, max-age=0, must-revalidate, no-store
content-encoding
gzip
content-length
20081
content-type
text/html; charset=utf-8
date
Wed, 20 Jul 2022 15:58:41 GMT
via
1.1 google
/
t.dtscdn.com/widget/ 		0
407 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscdn.com/widget/?d=4C3016583327209843EADB3AECDD644B&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fwww.hawtcelebs.com%2F&r=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.55.120.93 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 16:06:05 GMT
X-T
0.92
x-server
web13.ny1.dtscdn.com
Cache-Control
no-cache
Content-Type
application/javascript; charset=UTF-8
Transfer-Encoding
chunked
Expires
Wed, 20 Jul 2022 16:06:04 GMT
e
a.dtssrv.com/ 		21 B
635 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.dtssrv.com/e?i=4C3016583327209843EADB3AECDD644B
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::ac43:dc33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61882128b488e476b0a26afa14e818e3f39775b715f139653e23345613071dda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BAme7X7T2k8yG6uHnDq%2FribXWBRKX3PYOH4GX2CR7DrZD1iu2wn84EtjxObnFzivsT23TVLMTwcqN3GrB8gt8tAb8M3jkCXcmHJDgMkHkVOPmk9jsOJCM70jIl0cxrrTUe0%2BmIiIWb4NU7c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
s-maxage=0
access-control-allow-credentials
true
cf-ray
72dce6525f140329-MIA
expires
Wed, 20 Jul 2022 17:58:41 GMT
dtscout
pd.sharethis.com/pd/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pd.sharethis.com/pd/dtscout
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.122.191 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-122-191.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
208d4378ed7130ef069bc8656c21423ffd06c1aafb2e708584b0fbae4420622c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:40 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
transfer-encoding
chunked
Content-Type
application/javascript
afwu.js
cdn.tynt.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/afwu.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cde22d0deb6b245505ad6283394dc8af651c841b4dc18ae22846bb489de32c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 28 Jun 2022 14:45:43 GMT
server
cloudflare
age
90766
etag
W/"62bb1417-2a93"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
72dce652188b67bd-MIA
expires
Sat, 23 Jul 2022 15:58:40 GMT
tpid=4C3016583327209843EADB3AECDD644B
bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=4C3016583327209843EADB3AECDD644B
  • https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=4C3016583327209843EADB3AECDD644B
49 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=4C3016583327209843EADB3AECDD644B
Protocol
H2
Server
52.73.102.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-102-235.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.44.237
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=4C3016583327209843EADB3AECDD644B
cache-control
no-cache
x-server
10.40.46.93
content-length
0
expires
0
optimus_rules.json
tags.crwdcntrl.net/lt/c/3825/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.126.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-126-46.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Jul 2022 15:56:57 GMT
content-encoding
gzip
age
105
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 19 Jul 2022 16:25:49 GMT
server
AmazonS3
etag
W/"6db43f44304c37d76768275ee4f01ba4"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
via
1.1 9c1dd3a19b345bbdabc718a69ac89c3c.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
EWR52-C3
x-amz-cf-id
n-gvh3qIRXbuKpDuFuZY7iTveGW_M5N5h4DuCxYebLNah0HLfuhD1Q==
v2
de.tynt.com/deb/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=w!a9etg89wet~wu!&dn=TC&cc=1&r=&us_privacy=1---
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
b666d5f775c9ba0aa22fc85a1a7829dfd03042f29103cfb53ce815ea9de07080

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
1411
expires
Sat, 26 Jul 1997 05:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 0362
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-sharethrough_n-LoopMe_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_smrt_cnv_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-sharethrough_n-LoopMe_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_smrt_cnv_3lift&dcc=t
339 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-sharethrough_n-LoopMe_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_smrt_cnv_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c8a1d73c0c379a65e2633ab420a8736eb7ebe46171dbeee5d03fecf506f8b5d5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
339
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 20 Jul 2022 15:58:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
H7X4Z55PQ9PRDF2MWJD7

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Jul 2022 15:58:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-sharethrough_n-LoopMe_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_smrt_cnv_3lift&dcc=t
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
0TE9VAX6ZQCZWY19Z7A6
t_.htm
t.sharethis.com/a/ Frame DD19 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1004.23341&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.86947768720819&stid=ZHoABWLYJjAAAAAIUHkGAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.219.17.240 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-17-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Wed, 20 Jul 2022 15:58:41 GMT
Expires
Wed, 27 Jul 2022 15:58:41 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
v2
de.tynt.com/deb/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=w!a9etg89wet~wu!&dn=AFWU&cc=2&r=
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
3eb1e17058a518b1e111dda1164d63480f84a03ba15f1898eac4b36a9b7f8791

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:40 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
1046
expires
Sat, 26 Jul 1997 05:00:00 GMT
t.dhj
t.sharethis.com/1/d/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.3364247300669725&stid=ZHoABWLYJjAAAAAIUHkGAw%3D%3D
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/dtscout
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.219.17.240 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-17-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a771adb35e71a737f66b1301c31702f80cbc29924e9fc9f407ccc5985bbc239f
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:41 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
application/javascript
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
1361
Expires
Wed, 20 Jul 2022 16:58:41 GMT
dtscout
pd.sharethis.com/pd/ 		42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pd.sharethis.com/pd/dtscout?_t_=px&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&event_source=dtscout&rnd=0.3364247300669725&exptid=ZHoABWLYJjAAAAAIUHkGAw%3D%3D&fcmp=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.122.191 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-122-191.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:41 GMT
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
image/gif
t_.js
t.sharethis.com/1.1004.23341/a/US/ Frame 6517 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1.1004.23341/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1004.23341&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.219.17.240 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-17-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
176ff4118c06a15907655b533309bf79da619e09b4e4bdbda171ad6a320d8632
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1004.23341&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:41 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8802
Expires
Wed, 27 Jul 2022 15:58:41 GMT
t_.htm
t.sharethis.com/a/ Frame C142 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/a/t_.htm?ver=1.1004.23341&cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/1/d/t.dhj?cid=c010&cls=C&rnd=0.3364247300669725&stid=ZHoABWLYJjAAAAAIUHkGAw%3D%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.219.17.240 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-17-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=604800
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1160
Content-Type
text/html
Date
Wed, 20 Jul 2022 15:58:41 GMT
Expires
Wed, 27 Jul 2022 15:58:41 GMT
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
X-Robots-Tag
noindex, nofollow
53cde3c0b3770a6109854f7855f663244f6fc3d7ecd8b98c28af3ee08a8f58cb_small
cdn1.decide.dev/uploads/ Frame EF41 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.decide.dev/uploads/53cde3c0b3770a6109854f7855f663244f6fc3d7ecd8b98c28af3ee08a8f58cb_small
Requested by
Host: decide.dev
URL: https://decide.dev/lad/14975484333070182?pubid=ld-3479-2787&pubo=https%3A%2F%2Fwww.hawtcelebs.com&rid=&width=160
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:2400:9:d7ff:bd00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
03ab021bf7592a701b5239b3bec197b355f6a97b23a0a89e26be9aadc55392ed

Request headers

accept-language
en-US,en;q=0.9
Referer
https://decide.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 04:03:18 GMT
via
1.1 326fd0f07e6ce3b75fa751c6965f21c8.cloudfront.net (CloudFront)
last-modified
Mon, 28 Mar 2022 20:50:11 GMT
server
AmazonS3
age
42924
etag
"ff5c85f8d20aec8cebff7f31d421fb8a"
x-cache
Hit from cloudfront
x-amz-version-id
VazdYTfTEzJ6lhHgTdhzxaGf2uqbAW2Y
x-amz-cf-pop
EWR53-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
14161
x-amz-cf-id
R1PZRPnlj_a1gCLUfI0x1F6Z_F1GZRpfewdKDXtEn-Vfmt-oOfEJhQ==
19ff593d888d9229363e60fb81c0864ccd52feec27a3b6d753a1a2f0c5ceb8d4_small
cdn1.decide.dev/uploads/ Frame EF41 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.decide.dev/uploads/19ff593d888d9229363e60fb81c0864ccd52feec27a3b6d753a1a2f0c5ceb8d4_small
Requested by
Host: decide.dev
URL: https://decide.dev/lad/14975484333070182?pubid=ld-3479-2787&pubo=https%3A%2F%2Fwww.hawtcelebs.com&rid=&width=160
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:2400:9:d7ff:bd00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e1c7b2eade6a07b161c6ca0124c8a02404bc34dfe468cb519219443f7eab960

Request headers

accept-language
en-US,en;q=0.9
Referer
https://decide.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 12:02:10 GMT
via
1.1 326fd0f07e6ce3b75fa751c6965f21c8.cloudfront.net (CloudFront)
last-modified
Thu, 26 May 2022 16:07:02 GMT
server
AmazonS3
age
14191
etag
"52650b515415b6658a75bc28d8dc800e"
x-cache
Hit from cloudfront
x-amz-version-id
riZKqaShywuVrcUTyHQV_YsRy8B1updm
x-amz-cf-pop
EWR53-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
23784
x-amz-cf-id
4dcCmonxQMo0ihEQzQA2S1pfe9CycE_eO5Q2qGZLfUyjFIoC5RXEaw==
3619cd0ab265b176408574534558b74d765737b6340257955107006ed7a4eeda_small
cdn1.decide.dev/uploads/ Frame EF41 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1.decide.dev/uploads/3619cd0ab265b176408574534558b74d765737b6340257955107006ed7a4eeda_small
Requested by
Host: decide.dev
URL: https://decide.dev/lad/14975484333070182?pubid=ld-3479-2787&pubo=https%3A%2F%2Fwww.hawtcelebs.com&rid=&width=160
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:2400:9:d7ff:bd00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e4750ab4269bbd4a010bb44391946cb8f98d0c019949ab7393c3e420666cff7f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://decide.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 12:04:54 GMT
via
1.1 326fd0f07e6ce3b75fa751c6965f21c8.cloudfront.net (CloudFront)
last-modified
Thu, 19 May 2022 16:53:54 GMT
server
AmazonS3
age
14028
etag
"2da26db23e43f769cbd56165cf4ea4ac"
x-cache
Hit from cloudfront
x-amz-version-id
rIkQfelDkeEI.Dt6_7EptZZDHNXQDBnt
x-amz-cf-pop
EWR53-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
12394
x-amz-cf-id
7XAFtE3XI5KrW-yY16bH-EEKxgFf2uDizosYKKT7u2acQVZPAnfG8g==
img.fetch
udmserve.net/udm/ Frame F910 		0
483 B 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=14863;tid=2;dt=7;p=1;rri=1658332720272_114644_38.132.118.68;mid=47859;zzz=%5B47859%2C1658332720%2C%22at5Qumv3CWShZ%2FgiFtMYEw%22%5D;version=v2.13.7-confiant;cb=0.7328291869422401;refresh=2;qqq=3.0303030303030303;style=reel;vis=visible;traffic_info=%7B%7D;
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 Toronto, Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:41 GMT
Expires
-1d
Connection
Keep-Alive
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Length
0
Content-Type
application/x-javascript
ab
nym1-ib.adnxs.com/ Frame F910 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&e=wqT_3QLyGPDtcgwAAAMA1gAFAQiwzOCWBhCck_KgtsC-6UAY7uT1xczg1fESKjYJXY2CORvI4T8RNtKWimH-2z8ZAAAAgBSuA0AhNtKWljii4D8pGsVyS6sh5T8xAAAA4HoU3j8wrOnHCzj_T0DRFEgCUPGg0KoBWPbImQFgAGjJ47kBeMW7BYABAYoBA1VTRJIBA1VTRJgBrAKgAfoBqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigKVAXVmKCdhJywgMzQzNDM0LCAxNjU4MzMyNzIwKTt1ZignaScsIDQ1NDkxMTEsIDE2NTgzMzI3MjApOwEdLGcnLCAxMjUyMzYwOEY7ADBzJywgMjY5MjM2MTgwRh8AMHInLCAzNTc4MzA3Njk2HwDwsJICqQ8hZjVRWEhnalFqcWNWRVBHZzBLb0JHQUFnOXNpWkFUQUFPQUJBQUVqUkZGQ3M2Y2NMV0FCZ19nRm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUUdvQVFHd0FRQzVBWU9PdVhHMHMtUV93UUhjQ3ZjSXJ5SGxQOGtCQUFBQUFBQUE4RF9aQVF6cVctWjBXZThfNEFIMzA1VUM5UUZHOEg0X21BSUFvQUlCdFFJQQEzCHZRSQEH8ItBd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNT0NJNzM4UnNRQVJnQ0xRQUFRRUNpQXc0SWp2ZnhHeEFMR0FJdEFBQkFRTG9EQ1U1WlRUSTZORGt5Tk9BRDZ5NkFCTjZubGdTSUJMajQxUWlRQkFHWUJBR3FCTWNIQ1BfX19fXwkFCHdFUQkJCQEIQVJqCQkFAQw4QklQBQkJAQh3RW8JCQkBCEFURAkJBQEIOEJPMiwABEZBBRcNAQRBVTZYAABVNiwAAFkNJwUBBEFXNlgAAGE2LAAAdwUlDQEEQVg2WAAIZ0FIDRoBAQg4Qmk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAADDBBR3NBkAAyOhgAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FMAfENAQH4NhAAHGtBTF9UNWdDDSEFAQhBYUE6EAA6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAARZQS4pAgxfQVlnNhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAAhZQUUlyQ0BCEFZZzYQAABaOiAAAFo6IAAAYTogAABhOiAAAGI6IAAAYjogAABjOiAAAGM6IAAAZDogAABkOiAAAGU6IAAAZTogAABmOiAAAGY6IAAIWUFGDfsFAQhBWWc2EAAAWjogAABaOiAAaGJJRUNnanlnLUlNRU43NGxnMjZCQm9JN1FnUqWtGEFBQTBEOFoBCA0BIGd6UC1hRHNFRQ0QFEEwRF9KQhENJEFBQTJBUUE4UVEBCwkB8D5JSUZId2p2cENVUUJSZ0JJZ05GVlZJcERPcGI1blJaN3o4eE9iVElkcjZmdWotSUJid21tQVhVNzdDQUFha0YJRRhBQThELXhCHVcId1FVERsISVFNCSgcd0VnOHp6X1IuKAAAMhUoaER3UC1BRjlJTUU4QVhZc1B3Ri1BV0steFNDQgWUPEtJQmdTUUJnR1lCZ0NoQmcRXyhBQXFBWUVzZ1lrQx2AAEUdDABHHQwASR0MOHVBWUuaAsUBIVJTS3VxdzqtByxQYkltUUVnQUNnQU0dNUxPZ2xPV1UweU9qUTVNalJBNnk1SjktADk1mQhBQUI9mQRCaBGvDDBEOXARDAxBQUJ4HQwQNEFJSUKqjQEESkERmPBMUEFf2ALFyQLgArrfTeoCG2h0dHBzOi8vd3d3Lmhhd3RjZWxlYnMuY29tL_ICEAoGQURWX0lEEgYzNDM0MzTyAhIKBkNQR19JRBIIMTIWEgkY8gISCgVDUAEnAAkiCAk48gINCghBRFZfRlJFURIBCRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPCENQRxUPEAsKB0NQFQ4QEAoFSU8BYSAHNDU0OTExMfIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fCQgAMAiAMBkAMAmAMUoAMBqgMAwAOsAsgDANgDqfQu4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQNMzguMTMyLjExOC42OKgEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANIEDjI2NDEjTllNMjo0OTI02gQCCAHgBADwBPGg0KoBiAUBmAUAoAX______wEFuAGqBSRiYWRhMzkzZS0wZjViLTI3MWMtY2Y5OS01OGZhYjdlODczNGPABQDJBQAAAQIU8D_SBQkJAQoBAWzYBQHgBQHwBfcQ-gUECAAQAJAGAJgGALgGAMEGASAwAADwP9AGygnaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUgN3CzuHkAAyAfFuwXSBw0VdQE4CNoHBgknbOAHAOoHAggA8AesgYcDiggCEACVCAAAgD-YCAE.&s=50809e2bd05d72c5cfbdbdbdfb135ebe8bdb0f41&pp=0.437401
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c5ad6a4ef692126850d2b5edc80ee1fe55a1a0fdf936a34eed1e9b2c088c0417
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:41 GMT
Content-Encoding
gzip
X-Creative-ID
357830769
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f8436094-f88d-4376-88d0-909df15dc96c
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
imp
lbs-event.gcp.lineate-33x.net/ Frame F910 		68 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lbs-event.gcp.lineate-33x.net/imp?id=2fb98bb5-bfe2-4f0d-babc-1ad6b638483a&bidid=8617227614177133066&impid=138743630bfa751e&adid=2641_357830769&nurl=&randsalt=391031&auctionPrice=0.33&impression=AAAAAFTRGydwdgACAn1YW4ycZRnemT2PQCgaMFHJpoK2Zr7tdz6AuJRGwLQFlBKCMa7fsTt2T85OSwshwSYm2MSgxBjlyhPRNMZor7AXXhQvtPECGwmhegFNNApeYKOJNGp9vvmny4LKJDv__3_zHd7D8zzv-2_nBzd3vn9z5yZegrMhKBJK5kQWmkjwIRLmkw5aWGmFv-5aJqyRQgsaijeK5ff-5Ncvf2Nq7vzvf3vhO_Qj472V9U9dLew8E3yeMTuv7acH-9ce6S0v-11qns7teLC3mtYe3pi758Aco_P01jkMaHnr3FEtd87tXl9fzg_msLc32KWEmRd6bsfeuw_s39edW-4dynN35XhobefcnqX-2krexaiYp_OKaorj5Nz9vvh-b7QuXEcpU57iw4_JsOeh3bsf-vwU49Jy058SVDlnHxmf-VH7eGt85lLrRGvsqVZ7ZuZpfLVOtq5Z8g8PYl7OYWM-rq2cbs3285HFjSXfz-dbE9XuV1vtB-6_2Jrc3_MrvUut9p37jrcn6DxXJ9rTIxefarf40-1t9-X-xtqqX57bs7ayfniQ-99tT947WMr9k-22o6fav7jhwIHdi5lpqgtVJFEbiWTcEesFJzoWSYVmrLjUhfmcMdrV1ArLuoZybU23Lg9FOxGDJjRwSSRljgQmHInG-1hK8c7pZr7taqsYZcNlUaRUfMzExWSJlEmTYGCESdRFXrApTjM4Vdguo4ZRrZpH01z0cJeEHaPjjKih7dR7YkuwhPOcqk_CSd11jhqrhvMVM0kkb4mWLhGZuCFO-0g8ZUKI4AWGmok6yKCCJIlZRmQQAl6FRIDBLEuIzDs6nOgjhfExkZhdITAsEM-sJTYaGBeSjsY1cXLZOC8UkTkB415q4jmPpCjgIgabTApdxoRyUna148bKJlAZEZQwmbMES4RDfI1TJEZKMxUiCksRIa61tl2spaN1iGLWQTEiONVwtRhiuYdDxhSJc6yMTQxpwuqE8JWUcUBxmXidDPFWGZpK8jI0O1LBpODRE2lYgBuREctYIrw4GaXmmVrfZMUYJB9HJ2CCyGg5scgGsQLTZM4x-dREOVCYJANRyBbSZz0JMUYSlCxRhGgMdjTUgTrNxlRxxQ0jDOSCBUwS5xQnUWVnSwnSICvOGksraKx1pgFbSsFqpgVxBliR1DHiKCzPDhR2Cgu9aJIE5JfAOSlGGCK1Kkg7w521WotkYmZNNnnmqQhqSC7IvYwMLoosgMNULJJpaRTIohO8AZ60SDg3nvAMcMjgM4CaJNHcK1-MZ8bGLlAO22C54pQ265gKpmiIYqTBweOCdRn2ZRqVTJ45r0JzgFMiQfZqAEFDpsEELnPloi-cFhFdM9ELEyUtmiCquSYHFEySEvA8SKt8YDp0nRbagDnSIWrNk2rAqUZoBiG1i4V4o5Fio0AkGShRVioBTggbc7OOdeE347zrQFrkpa4WCvG1JoF8dEgaRiAWiIsuLBcZjZB5ODFziIIQmWSG2MmA2PmiJGHBYLlwFIFCmC2MaJzzkCznEJ8cES4fDQkwnbiAVOqUnBzJTw6acyoi4TojCgoR9q5yQGVECjWGeQ7Rcxroa6CaqZdMacIxAyb7UsMmEWQhTIke9BNIIOO0kUVkKSUZQJEqrZJDaUIBXnOU0QcLVGlAmyshRtBm0kMigU6bEBJlBAGKBElRlio2wHQjOFx7amTWJDpWJc8CopF7knweUlDpyhlBtVDNRY4AqEriIUBgq_0UchA49qdeAK6QJDEKoYA-QLgxMcoKJCWIz1X-kLKinM1XoAm_opWoFmCWrcIUhmBDgEy2wbCUPQQN9QTZAXYg7jVXxnEcZBXn3DaXJl45RRY5h1tag1CSQoWAcbjFRNUECDqrzDBsJLyWgee5li1RYCfKEbTAQ6GjRT0SwSQZIf3wC-XKWWkahqOFsDwWS0TE7hIzCfynVfIYTybgT3WdQFzZKI80QTcZKbGKnvGQUQ-GueypdAgA8xWBTjLTtcbpIV3ABz5E_yimSaAS4mQChkG3JCTWGoQKE1kUMsJU0ThXiyRiJUbLG1dZxE_RJqILxFGKgpRwVGhXpEqGVyw1SWYAqDbAjwJTcQ444CmkPCJG8MtYIcronCbqDLUA2mAIyjRyWBBJy6QhHLpQMkjnSgN_zEI1MFBq6VBNfCWiAEaL9vApJww3JqumqAC7NnEH5WQCcGYoPNBZT2ANDKkO0obhxmcWPCsEWwCXAF_tCBLYaEKWIaDfiCCikMzJqkC1BI2eqyKhEgoxGke_QKF5qqucdsg6aj91rluDinTYqvSQNLRusgGwLp6KgrBGlWq0QCdnIvJTyzSXyTKTAR0pGG8uotmkWW19zqjpDooODkD1AAyJnKLzQ-nVLCuRq4JQx2sxUmhGGvHL0XqeJVKTUP6lsop4RVE6PMfBUBNnm4kKmKIefQqtuo7aFokNiGYUnKH0OGbLqGqhb3FeZ6gXGirACxMTYghJ8ICiA2Wv9GqW8oDOI4Gj8NNq2Owhj9lwaENmKHFdRIvKJoscJqbEUbnRwGFjzA8BdbOgsShCWiS9NPPNyMXmHBDZJFW7uaKq2KBn8TCdcOAmBHBFjwAra4mk0FJ0C2C9AnQhjZBvzZkJvmQ76p6SQn1C5SJlSIGhfKEWAahQRxa4swn1ViIOrGuh3qJhL7oD2OrANJsqbFHnUDksURneCvQBcKyBYdCeU3BAUYg0mkOYpMEzdPfcQ2esYKOCjLqLbonV5rG2uxKFQzo4mYAuiJ6yo1YTyU1CoAyj0OFoFGzEgHlilFZJuYLuIQJPeBsQXYU-ikkgFUkFjVBnLR2VKaeHBcehCqL-5drwoLx5k2Ee6O9MOt3-S_vR7Xk1LSY_yNtv2c4pSht0cnt3e-9IXlzP_ZhXB_UHjBzp5Yd96C33Bscwgj4KYwdXcJtX1jFUl6QtSxgfDoUtQ0IOh-LWjRWG_EG2ZRt_ULzliW95Wu-vpcNxsIGhjZ4PGBn4OOhFPC_Vp_oAw3uri9XaxUFvpbo1cshvOVdV69f9wRz90FhVTVteLIeXl7F0o9f4ubg22NiyyNRFV_Z-c1gbDG8MfH_wtjgOI1Q2zX_sTHsGL4v35KOHN8623_3Aasr9tHZwbn9OPd-d27dvz7n29amv9tz58b0rd_VN79C9_UN3x9Xlvcvn2xPV31fb44j7xfYE15Jdal9TL2iJoM7UaHd8_Crf65e-X415vvRPjk-trvVX_PKp8bHT41Mzz1y-fHn6zJWb8-N4aXx1fOzS-FTzZnpyYufSYLC-ccuuXavHVhjphXmfVo8O3yV3xf5CL922edKvJp41j__rsyc_uvCbzbuXNu9e2bz78-bdXzfv3ti8--LkE_veuPbAV15c-PJkTz_53Of-_buFr23e_XTyyryfTY4NP68v_Gmy9fhU64mpy1c-rR9OtU5NwZNz9evC1OTVY2O_vOPi1Nil-nx8Gl8n6tdXp99c8s0t9-emd3ZuHGUSYBgCZhM9jC5u5Ljtub_v-MyTZ15YODe9o_OB_zdXDac2dr6Mqdd33rWFL6MfHrr9Hc8TzXnP3vil1z757M_f-Ty2uNJb3fboe3581yuPfH3hnd3YatvzmPuhzvsqzoHu1Y3Yz3l1c2of8N1Whp8_YuINnau27jTaQtw-_OUta75wW-fF763_YeHC9MQndt_BXp9uXZq-mtF5Ttk84_NQpxMz7ZmJb82cvemDB_2Tpxe-PXPPqZkWOz0z2Rk_vHroTL3uuW__2ZnpzuTwXySXZnZ2PnyFIggNPcoVveV_s-P47LWdt_3348QsNkqHV1aOPTXbnll6erb-i6ROY93DaWUj94_k-dU8ODU725kebX7mv3c5Pzv2yuwL_7zjpWce_NvHLmKPW_8x2zremei0H33sROeag1lphve1iHefmE532kvhbAcHPd9pvdQhe97_2gXdWfgP
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png
pixel
protected-by.clarium.io/ Frame F910 		68 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_VVpZeEM3NWtxRExSaUVkOUdvRVlPbW92VlZNLzMzYWNyb3NzOjMwMHgyNTA=&v=5&s=v31g8e5ac1p&id=eyJwcmViaWQiOnsiYWRJZCI6IjE0OTA5MzY5MDIwN2M0NmYiLCJjcG0iOjAuMzMsInMiOiJyZWVsLTMwMHgyNTAiLCJzcmMiOiJjbGllbnQifSwidHBfY3JpZCI6IlBCOjMzYWNyb3NzOzM1NzgzMDc2OSIsImFkb21haW4iOiJhaXJmcmFuY2UuZnIifQ%3D%3D&sb=undefined&cb=5758662&h=www.hawtcelebs.com&d=eyJ3aCI6IlZWcFplRU0zTld0eFJFeFNhVVZrT1VkdlJWbFBiVzkyVmxaTkx6TXpZV055YjNOek9qTXdNSGd5TlRBPSIsIndkIjp7ImsiOnsiaGJfYmlkZGVyIjpbIjMzYWNyb3NzIl0sImhiX3NpemUiOlsiMzAweDI1MCJdfX0sIndyIjowfQ==
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.73.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-73-102.compute-1.amazonaws.com
Software
nginx /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:41 GMT
Server
nginx
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
68
Expires
Sat, 26 Jul 1997 05:00:00 GMT
data
bcp.crwdcntrl.net/6/ 		238 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.102.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-102-235.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
dc23b9190a73bdca9d87c2a6d55165f19ea6d7336b8c0535d0c2300753b8d33d

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache
x-server
10.40.0.100
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
238
expires
0
dc.js
stats.g.doubleclick.net/ Frame EF41 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/dc.js
Requested by
Host: decide.dev
URL: https://decide.dev/lad/14975484333070182?pubid=ld-3479-2787&pubo=https%3A%2F%2Fwww.hawtcelebs.com&rid=&width=160
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c09::9b Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://decide.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4293
date
Wed, 20 Jul 2022 14:47:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17093
expires
Wed, 20 Jul 2022 16:47:08 GMT
truncated
/ Frame EF41 		11 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
171cda4d3dbdee2f4fd2fe8bb216d01ec076f528c89d7f529bb0a71d74c2cde9

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
radApi
edge.udmserve.net/ 		20 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.udmserve.net/radApi
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.120 Toronto, Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
underdogmedia.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 20 Jul 2022 15:58:41 GMT
Content-Length
20
Content-Type
application/json
truncated
/ Frame EF41 		10 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
91f7301b615782d2a44e59e5d7927da6414204b8d5b2827c803a178e44b3105a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
truncated
/ Frame EF41 		10 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
345843438b5078febeb2ecf9fda880a85dd71c44021702786ad9f615da0d69d1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type
text/javascript;charset=utf-8
/
trends.revcontent.com/api/demand/ 		638 B
745 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/demand/?w=268748
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.217.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-217-144.compute-1.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
8cd8581a76f914e7718208894e8e691a2a5db5c179696d5f316059b8edc6aa82
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
content-length
333
sync
trends.revcontent.com/ 		62 B
482 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/sync
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.217.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-217-144.compute-1.amazonaws.com
Software
/
Resource Hash
789b81aa8ab337c86a20d6ab8c04526c953ccce114656554dac31bc86a190716

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
etag
"88b12101-1147-42bd-8055-6997905647bc"
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=600, private, s-maxage=0, stale-while-revalidate=1800
access-control-allow-credentials
true
content-type
application/json
content-length
62
test_oracle
pd.sharethis.com/pd/ Frame 0D34 		438 B
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pd.sharethis.com/pd/test_oracle
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1004.23341&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.116.122.191 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-116-122-191.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
3db2657debd19868697a7c6140e672657276c176d5d5020e8d1ce5b200fc3179
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:41 GMT
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
438
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Content-Type
application/javascript
ttd
sync.sharethis.com/ Frame 6517
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/ttd?uid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/ttd?uid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
18.217.183.114 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-217-183-114.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Date
Wed, 20 Jul 2022 15:58:41 GMT
Content-Length
42
Stid
ZHoABWLYJjAAAAAIUHkGAw==
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.sharethis.com/ttd?uid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
215
sync
pippio.com/api/ Frame 6517
Redirect Chain
  • https://idsync.rlcdn.com/386076.gif?partner_uid=ZHoABWLYJjAAAAAIUHkGAw%3D%3D&gdpr=0&gdpr_consent=
  • https://idsync.rlcdn.com/1000.gif?memo=CJzIFxIjCh8IARCAVxoYWkhvQUJXTFlKakFBQUFBSVVIa0dBdz09EAAaDQixzOCWBhIFCOgHEABCAEoA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=f15643ea41e2db732037127e09d693e09a1b5172dfa998522236dc029c4bf1b4791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBmMTU2NDNlYTQxZTJkYjczMjAzNzEyN2UwOWQ2OTNlMDlhMWI1MTcyZGZhOTk4NTIyMjM2ZGMwMjljNGJmMWI0NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBmMTU2NDNlYTQxZTJkYjczMjAzNzEyN2UwOWQ2OTNlMDlhMWI1MTcyZGZhOTk4NTIyMjM2ZGMwMjljNGJmMWI0NzkxNDI2YjU0MTdkY2UyMRAAGgwIsczglgYSBAgCEABCAEoA&goog...
  • https://usermatch.krxd.net/um/v2?partner=liveramp_identity
  • https://pippio.com/api/sync?pid=709973&it=1&iv=O-AAzYc6
42 B
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?pid=709973&it=1&iv=O-AAzYc6
Protocol
H3
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Jul 2022 15:58:42 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://pippio.com/api/sync?pid=709973&it=1&iv=O-AAzYc6
date
Wed, 20 Jul 2022 15:58:42 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a002-ash-prod.krxd.net
eyeota
sync.sharethis.com/ Frame 6517
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
  • https://sync.sharethis.com/eyeota?uid=212bvP8rKqdMQnT9yT6w6vb1bZnK0sKM9qgTsPHS62dg&gdpr=0&gdpr_consent=
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/eyeota?uid=212bvP8rKqdMQnT9yT6w6vb1bZnK0sKM9qgTsPHS62dg&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
18.217.183.114 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-217-183-114.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Date
Wed, 20 Jul 2022 15:58:42 GMT
Content-Length
42
Stid
ZHoABWLYJjAAAAAIUHkGAw==
Content-Type
image/gif

Redirect headers

Location
https://sync.sharethis.com/eyeota?uid=212bvP8rKqdMQnT9yT6w6vb1bZnK0sKM9qgTsPHS62dg&gdpr=0&gdpr_consent=
Date
Wed, 20 Jul 2022 15:58:42 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
m.gif
tag.crsspxl.com/ Frame 6517
Redirect Chain
  • https://tag.crsspxl.com/c.gif?t=50173&r=https%3A%2F%2Fp.nexac.com%2Fe%2Fsr%2Fa-1625%2Fs-3300%2Fs-3300.xgi%3Fcb%3D%7BCPCB%7D
  • https://tag.crsspxl.com/c.gif?cc=1&t=50173&r=https%3A%2F%2Fp.nexac.com%2Fe%2Fsr%2Fa-1625%2Fs-3300%2Fs-3300.xgi%3Fcb%3D%7BCPCB%7D
  • https://sync.sharethis.com/crosspixel?uid=912626507062985202&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3DCPX12%26google_cm%26cb%3D1658332721632
  • https://cm.g.doubleclick.net/pixel?google_nid=CPX12&google_cm&cb=1658332721632/ZHoABWLYJjAAAAAIUHkGAw==
  • https://tag.crsspxl.com/m.gif?id=&cb=1658332721632/ZHoABWLYJjAAAAAIUHkGAw==&google_gid=CAESEGBej9BoNRoBOOGrhCThMW0&google_cver=1
43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tag.crsspxl.com/m.gif?id=&cb=1658332721632/ZHoABWLYJjAAAAAIUHkGAw==&google_gid=CAESEGBej9BoNRoBOOGrhCThMW0&google_cver=1
Protocol
HTTP/1.1
Server
34.232.140.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-140-51.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:41 GMT
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://tag.crsspxl.com/m.gif?id=&cb=1658332721632/ZHoABWLYJjAAAAAIUHkGAw==&google_gid=CAESEGBej9BoNRoBOOGrhCThMW0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csync.ashx
ml314.com/ Frame 6517
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHoABWLYJjAAAAAIUHkGAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
  • https://idsync.rlcdn.com/395886.gif?partner_uid=3628755140668817450
  • https://ml314.com/csync.ashx?fp=dab1c290cf06fb745b88e3981391ba4f79ccee90403495b839169164022f5eeaf4cb09cee1a4f8eb&person_id=3628755140668817450&eid=50082
43 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=dab1c290cf06fb745b88e3981391ba4f79ccee90403495b839169164022f5eeaf4cb09cee1a4f8eb&person_id=3628755140668817450&eid=50082
Protocol
H3
Server
34.111.234.236 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 21 Jul 2022 11:58:41 GMT

Redirect headers

date
Wed, 20 Jul 2022 15:58:41 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ml314.com/csync.ashx?fp=dab1c290cf06fb745b88e3981391ba4f79ccee90403495b839169164022f5eeaf4cb09cee1a4f8eb&person_id=3628755140668817450&eid=50082
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
oracle
sync.sharethis.com/ Frame 6517
Redirect Chain
  • https://tags.bluekai.com/site/59574?id=ZHoABWLYJjAAAAAIUHkGAw%3D%3D&redir=https%3A%2F%2Fsync.sharethis.com%2Foracle%3Fuid%3D%24_BK_UUID%26BK_SWAP_DEST%3D5957
  • https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
Protocol
HTTP/1.1
Server
18.217.183.114 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-217-183-114.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Date
Wed, 20 Jul 2022 15:58:41 GMT
Content-Length
42
Stid
ZHoABWLYJjAAAAAIUHkGAw==
Content-Type
image/gif

Redirect headers

location
https://sync.sharethis.com/oracle?uid=$_BK_UUID&BK_SWAP_DEST=5957
date
Wed, 20 Jul 2022 15:58:41 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame D806 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.126.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-126-46.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
33231
cache-control
max-age: 86400
content-encoding
gzip
content-type
text/html
date
Wed, 20 Jul 2022 06:44:51 GMT
etag
W/"6fcf4f5197ab24c92d090f6ac8d87e01"
last-modified
Mon, 01 Feb 2021 20:35:17 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 7972cbd1699f1a8b6ef2e0b1fa50ca3e.cloudfront.net (CloudFront)
x-amz-cf-id
avXVmxTJbANZFBva7wUKQk8nx4SCiYSwFrZC6JF82iJLWPbe-a6FTQ==
x-amz-cf-pop
EWR52-C3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
/
tag.vlitag.com/pbk/ 		738 B
735 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.vlitag.com/pbk/?t=1658329159&d=78&z=390&divID=vi_78390_1&w=300&h=250&geo=US&hn=www.hawtcelebs.com
Requested by
Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1658329159/036e05035cbef88431e89138f2969605.js?cc=US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1d79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d11bf5cc02f893e5237c37c2716f2abfa60e35efb82365d185c078412409585c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
content-encoding
br
cf-cache-status
HIT
age
996
cf-polished
origSize=740
cf-ray
72dce6549d66b3e3-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 20 Jul 2022 15:42:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
expires
Thu, 20 Jul 2023 15:58:41 GMT
cache-control
public, max-age=31536000
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cf-bgj
minify
t_.js
t.sharethis.com/1.1004.23341/a/US/ Frame 5D6C 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.sharethis.com/1.1004.23341/a/US/t_.js?cid=c010&cls=C
Requested by
Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1004.23341&cid=c010&cls=C
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.219.17.240 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-17-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
176ff4118c06a15907655b533309bf79da619e09b4e4bdbda171ad6a320d8632
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1004.23341&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:41 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
8802
Expires
Wed, 27 Jul 2022 15:58:41 GMT
pr
s.amazon-adsystem.com/v3/ Frame E586 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_smrt_cnv_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-sharethrough_n-LoopMe_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_smrt_cnv_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
8539bc8d2f70ef9d1edd1c228e2d4466633ec0b0a832b0b757ef0803f1831249
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=n-smaato_n-sharethrough_n-LoopMe_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_smrt_cnv_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2291
Content-Type
text/html;charset=ISO-8859-1
Date
Wed, 20 Jul 2022 15:58:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
6ZV1E0XHMBDRR29YPDXD
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=gdomg51&t=gif&cat=Entertainment&us_privacy=1---&random=1658332721308.1
  • https://ps.eyeota.net/pixel/bounce/?pid=gdomg51&t=gif&cat=Entertainment&us_privacy=1---&random=1658332721308.1
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MkxMa0dteDQ2a2luVEJZb1NVaGtkVHVCeU5oTG1FQTZ1YmdxeExNdFpqNms&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESENyfHxS6kN4Ej61QN2qj_mE&google_cver=1
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESENyfHxS6kN4Ej61QN2qj_mE&google_cver=1
Protocol
HTTP/1.1
Server
3.233.22.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-22-19.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:42 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=gdomg51&google_gid=CAESENyfHxS6kN4Ej61QN2qj_mE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
375
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
p.adsymptotic.com/d/px/
Redirect Chain
  • https://px.ads.linkedin.com/db_sync?pid=15927&puuid=CoIKSmLYJjBu1V7aKVimAg%3D%3D&us_privacy=1---&_rand=1658332721308.2
  • https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_puuid=CoIKSmLYJjBu1V7aKVimAg%3D%3D&_pu
  • https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_puuid=CoIKSmLYJjBu1V7aKVimAg%3D%3D&_pu&_expected_cookie=d375acd134b0e7d4bd75d240d92f5c58
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_puuid=CoIKSmLYJjBu1V7aKVimAg%3D%3D&_pu&_expected_cookie=d375acd134b0e7d4bd75d240d92f5c58
Protocol
H2
Server
104.18.100.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
72dce6570a109ac0-MIA
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=15927&_psign=fce45ffa363c6bb0cd2a15147c12d204&_puuid=CoIKSmLYJjBu1V7aKVimAg%3D%3D&_pu&_expected_cookie=d375acd134b0e7d4bd75d240d92f5c58
date
Wed, 20 Jul 2022 15:58:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce656994b9ac0-MIA
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
8343254669216575683
map.go.affec.tv/map/an/
Redirect Chain
  • https://map.go.affec.tv/map/3a/?pid=CoIKSmLYJjBu1V7aKVimAg%3D%3D&us_privacy=1---&ts=1658332721308.3
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fmap.go.affec.tv%2Fmap%2Fan%2F%24UID%3Fch%3D62d8263129b51300010ca2fd%26chc%3Dtt%26floc%3D%26redirect_url%3D
  • https://map.go.affec.tv/map/an/8343254669216575683?ch=62d8263129b51300010ca2fd&chc=tt&floc=&redirect_url=
0
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://map.go.affec.tv/map/an/8343254669216575683?ch=62d8263129b51300010ca2fd&chc=tt&floc=&redirect_url=
Protocol
H2
Server
99.84.126.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-126-66.ewr52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
via
1.1 6b3d2643c74a20e5b5a8b8be0da4fbfa.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C3
content-encoding
gzip
x-amz-cf-id
cvUMpfJGVmI1uAth-bKA4tiW2-SBWvPhvd_dkp9f_Y74laBIq3yeiQ==
vary
Accept-Encoding
x-cache
Miss from cloudfront

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:41 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
0a77066c-b6b5-41ce-96b4-df74aad2a114
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://map.go.affec.tv/map/an/8343254669216575683?ch=62d8263129b51300010ca2fd&chc=tt&floc=&redirect_url=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch.gif
beacon.krxd.net/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1388&partner_device_id=CoIKSmLYJjBu1V7aKVimAg%3D%3D&us_privacy=1---&random=1658332721308.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites.net%2F...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=1388&partner_device_id=CoIKSmLYJjBu1V7aKVimAg%3D%3D&us_privacy=1---&random=1658332721308.4&redirect=https%3A%2F%2Fthinkcxad.azurewebsites....
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=72b09538-e154-472b-9fb0-46549e06af35%252Chttps%253A%252F%252Fusermatch.krxd.net%252Fum%252Fv2%253Fpartner%253Dtapad&gdpr=...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&ttd_puid=72b09538-e154-472b-9fb0-46549e06af35%2Chttps%3A%2F%2Fusermatch.krxd.net%2Fu...
  • https://usermatch.krxd.net/um/v2?partner=tapad
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
Protocol
H2
Server
54.92.156.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-92-156-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1658332721
x-served-by
beacon-n003-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=tapad
date
Wed, 20 Jul 2022 15:58:41 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a007-ash-prod.krxd.net
idr.gif
p.alcmpn.com/idr/ven/1032/
Redirect Chain
  • https://sync.graph.bluecava.com/ds.png?p=145c07db-9bd4-440d-9130-b5b794ec4ce7&uid=CoIKSmLYJjBu1V7aKVimAg%3D%3D&random=1658332721308.5
  • https://p.alcmpn.com/idr/ven/1032/idr.gif?fpid=097a4bcc-ac6d-415f-ac74-4d3e599b1767&chained=true
0
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.alcmpn.com/idr/ven/1032/idr.gif?fpid=097a4bcc-ac6d-415f-ac74-4d3e599b1767&chained=true
Protocol
H2
Server
35.226.42.89 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
89.42.226.35.bc.googleusercontent.com
Software
nginx / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
server
nginx
x-powered-by
Express
strict-transport-security
max-age=31536000;
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
via
1.1 google
access-control-allow-origin
*
p3p
CP="NON DSP LAW PSAo PSDo IVAo IVDo OTPo OUR SAMo BUS UNI PRE"
location
//p.alcmpn.com/idr/ven/1032/idr.gif?fpid=097a4bcc-ac6d-415f-ac74-4d3e599b1767&chained=true
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
-1
405716.gif
idsync.rlcdn.com/
Redirect Chain
  • https://dp2.33across.com/ps/?pid=1205&random=1658332721308.6&r=true
  • https://idsync.rlcdn.com/405716.gif?partner_uid=2240489444549
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/405716.gif?partner_uid=2240489444549
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Jul 2022 15:58:41 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:40 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
4000000000004000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://idsync.rlcdn.com/405716.gif?partner_uid=2240489444549
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
mapuid
secure.adnxs.com/
Redirect Chain
  • https://dp1.33across.com/ps/?pid=669&uid=CoIKSmLYJjBu1V7aKVimAg%3D%3D&us_privacy=1---&random=1658332721308.7&r=true
  • https://secure.adnxs.com/mapuid?t=2&member=1001&user=78147065046372&seg_code=33x&random=1658332721
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/mapuid?t=2&member=1001&user=78147065046372&seg_code=33x&random=1658332721
Protocol
HTTP/1.1
Server
68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:41 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
96c42874-446d-47ad-8704-840952160e61
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:40 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
402044000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://secure.adnxs.com/mapuid?t=2&member=1001&user=78147065046372&seg_code=33x&random=1658332721
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
27519
tags.bluekai.com/site/ Frame F6B5
Redirect Chain
  • https://dp2.33across.com/ps/?tt=iframe&pid=1198&us_privacy=&random=1658332721308.1&r=true
  • https://tags.bluekai.com/site/27519?id=117819492102226&ret=html&random=1658332721
71 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tags.bluekai.com/site/27519?id=117819492102226&ret=html&random=1658332721
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=w!a9etg89wet~wu!&dn=AFWU&cc=2&r=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

bk-server
d2a4
content-length
71
content-type
text/html
date
Wed, 20 Jul 2022 15:58:41 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Wed, 20 Jul 2022 15:58:40 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://tags.bluekai.com/site/27519?id=117819492102226&ret=html&random=1658332721
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP003
x-33x-status
400000000040080C
lotame-sync.html
cdn-tc.33across.com/ Frame 0A51 		343 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-tc.33across.com/lotame-sync.html
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/v2?id=w!a9etg89wet~wu!&dn=AFWU&cc=2&r=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
165059
cache-control
public, max-age=259200
cf-cache-status
HIT
cf-ray
72dce6559c4a9abd-MIA
content-encoding
gzip
content-type
text/html
date
Wed, 20 Jul 2022 15:58:41 GMT
etag
W/"62bb1405-157"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sat, 23 Jul 2022 15:58:41 GMT
last-modified
Tue, 28 Jun 2022 14:45:25 GMT
server
cloudflare
vary
Accept-Encoding
sync
pippio.com/api/
Redirect Chain
  • https://rc.rlcdn.com/361726.gif?n=1&33random=1658332721308.2
  • https://rc.rlcdn.com/1000.gif?memo=CP6JFhoNCLHM4JYGEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=a68443732b33ad89de2329782d42a8c2973545e0221cfa8f0c829fc0103c6b59791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBhNjg0NDM3MzJiMzNhZDg5ZGUyMzI5NzgyZDQyYThjMjk3MzU0NWUwMjIxY2ZhOGYwYzgyOWZjMDEwM2M2YjU5NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBhNjg0NDM3MzJiMzNhZDg5ZGUyMzI5NzgyZDQyYThjMjk3MzU0NWUwMjIxY2ZhOGYwYzgyOWZjMDEwM2M2YjU5NzkxNDI2YjU0MTdkY2UyMRAAGgwIsczglgYSBAgCEABCAEoA&goog...
  • https://usermatch.krxd.net/um/v2?partner=liveramp_identity
  • https://pippio.com/api/sync?pid=709973&it=1&iv=O-AAzYc6
42 B
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?pid=709973&it=1&iv=O-AAzYc6
Protocol
H3
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Jul 2022 15:58:42 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://pippio.com/api/sync?pid=709973&it=1&iv=O-AAzYc6
date
Wed, 20 Jul 2022 15:58:42 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a005-ash-prod.krxd.net
match
cms-xch.33across.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/33across?us_privacy=&33random=1658332721308.3
  • https://match.prod.bidr.io/cookie-sync/33across?us_privacy=&33random=1658332721308.3&_bee_ppp=1
  • https://cms-xch.33across.com/match?bidder_id=85&external_user_id=AABXF07FsEwAABBUGzwKHw
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch.33across.com/match?bidder_id=85&external_user_id=AABXF07FsEwAABBUGzwKHw
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
via
1.1 google
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

location
https://cms-xch.33across.com/match?bidder_id=85&external_user_id=AABXF07FsEwAABBUGzwKHw
Date
Wed, 20 Jul 2022 15:58:41 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://spl.zeotap.com/z.png?zdid=239&ctry=US&env=mWeb&eventType=pageview&zpb=wu%21&zpbcat=Entertainment&zcluid=CoIKSmLYJjBu1V7aKVimAg%3D%3D&us_privacy=&ziid=1658332721308.4
  • https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&ctry=US&env=mWeb&eventType=pageview&id_mid_4=fb06f0d5-2a23-442a-49d2-a16f1ea47dfc&reqId=f2fa54e6-7d52-400b-5171-...
  • https://mwzeom.zeotap.com/mw?adnxs_uid=8343254669216575683&zpartnerid=2&ctry=US&env=mWeb&eventType=pageview&id_mid_4=fb06f0d5-2a23-442a-49d2-a16f1ea47dfc&reqId=f2fa54e6-7d52-400b-5171-3c24724392ef&...
95 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?adnxs_uid=8343254669216575683&zpartnerid=2&ctry=US&env=mWeb&eventType=pageview&id_mid_4=fb06f0d5-2a23-442a-49d2-a16f1ea47dfc&reqId=f2fa54e6-7d52-400b-5171-3c24724392ef&us_privacy=&zcluid=CoIKSmLYJjBu1V7aKVimAg==&zdid=239&ziid=1658332721308.4&zpb=wu!&zpbcat=Entertainment
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cf-ray
72dce6594dd902d6-MIA
access-control-allow-headers
*
content-length
95

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:41 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
fc743572-2550-4886-8d74-f8ae6d6e50aa
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://mwzeom.zeotap.com/mw?adnxs_uid=8343254669216575683&zpartnerid=2&ctry=US&env=mWeb&eventType=pageview&id_mid_4=fb06f0d5-2a23-442a-49d2-a16f1ea47dfc&reqId=f2fa54e6-7d52-400b-5171-3c24724392ef&us_privacy=&zcluid=CoIKSmLYJjBu1V7aKVimAg==&zdid=239&ziid=1658332721308.4&zpb=wu!&zpbcat=Entertainment
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dpx
i.simpli.fi/ 		95 B
887 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.simpli.fi/dpx?cid=11411&us_privacy=&33random=1658332721308.5&ref=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.47.141.243 Ashburn, United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
f3.8d.2fa9.ip4.static.sl-reverse.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache, no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
95
x-request-id
FwOU0we6PrGgaRYJPZQB
expires
Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT
bk-coretag.js
tags.bkrtx.com/js/ Frame 0D34 		51 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: pd.sharethis.com
URL: https://pd.sharethis.com/pd/test_oracle
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.5.229.102 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-5-229-102.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security
max-age=15724800; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 21 May 2021 19:14:21 GMT
Server
nginx/1.15.8
ETag
W/"60a8068d-cbc2"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800
Date
Wed, 20 Jul 2022 15:58:41 GMT
Connection
keep-alive
Content-Length
16078
Expires
Wed, 27 Jul 2022 15:58:41 GMT
pixels
bcp.crwdcntrl.net/ Frame 1C6E 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C136%2C116%2C115%2C106%2C104%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.102.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-102-235.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
e3c325bd8c8ebbcc78a4b17348415bfafe2bd8c0f05439b85c05aa07afe676c9

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-length
4086
content-type
text/html
date
Wed, 20 Jul 2022 15:58:41 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.40.39.101
dcmads.js
www.googletagservices.com/dcm/ Frame F910 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:14:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2640
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8749
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 21:33:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Wed, 20 Jul 2022 16:14:41 GMT
tfav_adl_359.js
j.adlooxtracking.com/ads/js/ Frame F910 		64 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.adlooxtracking.com/ads/js/tfav_adl_359.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
5.135.142.36 Chasne-sur-Illet, France, ASN16276 (OVH, FR),
Reverse DNS
js07.adlooxtracking.com
Software
nginx/1.15.8 /
Resource Hash
0b41b8621ddf15fa1674ce5edcfdac9e966c69d8796ad2c9bcaa55995692f3d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:41 GMT
Last-Modified
Tue, 14 Dec 2021 10:12:40 GMT
Server
nginx/1.15.8
ETag
"61b86e18-ffc7"
Content-Type
application/javascript
Cache-Control
no-cache, max-age=60
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65479
rd_log
nym1-ib.adnxs.com/ Frame F910 		0
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&e=wqT_3QLyGPDtcgwAAAMA1gAFAQiwzOCWBhCck_KgtsC-6UAY7uT1xczg1fESKjYJtPAVuxrI4T8RaTaPw2D-2z8ZAAAAgBSuA0AhNtKWljii4D8pGsVyS6sh5T8xAAAA4HoU3j8wrOnHCzj_T0DRFEgCUPGg0KoBWPbImQFgAGjJ47kBeMW7BYABAYoBA1VTRJIBA1VTRJgBrAKgAfoBqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigKVAXVmKCdhJywgMzQzNDM0LCAxNjU4MzMyNzIwKTt1ZignaScsIDQ1NDkxMTEsIDE2NTgzMzI3MjApOwEdLGcnLCAxMjUyMzYwOEY7ADBzJywgMjY5MjM2MTgwRh8AMHInLCAzNTc4MzA3Njk2HwDwsJICqQ8hZjVRWEhnalFqcWNWRVBHZzBLb0JHQUFnOXNpWkFUQUFPQUJBQUVqUkZGQ3M2Y2NMV0FCZ19nRm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUUdvQVFHd0FRQzVBWU9PdVhHMHMtUV93UUhjQ3ZjSXJ5SGxQOGtCQUFBQUFBQUE4RF9aQVF6cVctWjBXZThfNEFIMzA1VUM5UUZHOEg0X21BSUFvQUlCdFFJQQEzCHZRSQEH8ItBd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNT0NJNzM4UnNRQVJnQ0xRQUFRRUNpQXc0SWp2ZnhHeEFMR0FJdEFBQkFRTG9EQ1U1WlRUSTZORGt5Tk9BRDZ5NkFCTjZubGdTSUJMajQxUWlRQkFHWUJBR3FCTWNIQ1BfX19fXwkFCHdFUQkJCQEIQVJqCQkFAQw4QklQBQkJAQh3RW8JCQkBCEFURAkJBQEIOEJPMiwABEZBBRcNAQRBVTZYAABVNiwAAFkNJwUBBEFXNlgAAGE2LAAAdwUlDQEEQVg2WAAIZ0FIDRoBAQg4Qmk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAADDBBR3NBkAAyOhgAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FMAfENAQH4NhAAHGtBTF9UNWdDDSEFAQhBYUE6EAA6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAARZQS4pAgxfQVlnNhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAAhZQUUlyQ0BCEFZZzYQAABaOiAAAFo6IAAAYTogAABhOiAAAGI6IAAAYjogAABjOiAAAGM6IAAAZDogAABkOiAAAGU6IAAAZTogAABmOiAAAGY6IAAIWUFGDfsFAQhBWWc2EAAAWjogAABaOiAAaGJJRUNnanlnLUlNRU43NGxnMjZCQm9JN1FnUqWtGEFBQTBEOFoBCA0BIGd6UC1hRHNFRQ0QFEEwRF9KQhENJEFBQTJBUUE4UVEBCwkB8D5JSUZId2p2cENVUUJSZ0JJZ05GVlZJcERPcGI1blJaN3o4eE9iVElkcjZmdWotSUJid21tQVhVNzdDQUFha0YJRRhBQThELXhCHVcId1FVERsISVFNCSgcd0VnOHp6X1IuKAAAMhUoaER3UC1BRjlJTUU4QVhZc1B3Ri1BV0steFNDQgWUPEtJQmdTUUJnR1lCZ0NoQmcRXyhBQXFBWUVzZ1lrQx2AAEUdDABHHQwASR0MOHVBWUuaAsUBIVJTS3VxdzqtByxQYkltUUVnQUNnQU0dNUxPZ2xPV1UweU9qUTVNalJBNnk1SjktADk1mQhBQUI9mQRCaBGvDDBEOXARDAxBQUJ4HQwQNEFJSUKqjQEESkERmPBMUEFf2ALFyQLgArrfTeoCG2h0dHBzOi8vd3d3Lmhhd3RjZWxlYnMuY29tL_ICEAoGQURWX0lEEgYzNDM0MzTyAhIKBkNQR19JRBIIMTIWEgkY8gISCgVDUAEnAAkiCAk48gINCghBRFZfRlJFURIBCRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPCENQRxUPEAsKB0NQFQ4QEAoFSU8BYSAHNDU0OTExMfIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fCQgAMAiAMBkAMAmAMUoAMBqgMAwAOsAsgDANgDqfQu4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQNMzguMTMyLjExOC42OKgEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANIEDjI2NDEjTllNMjo0OTI02gQCCAHgBADwBPGg0KoBiAUBmAUAoAX______wEFuAGqBSRiYWRhMzkzZS0wZjViLTI3MWMtY2Y5OS01OGZhYjdlODczNGPABQDJBQAAAQIU8D_SBQkJAQoBAWzYBQHgBQHwBfcQ-gUECAAQAJAGAJgGALgGAMEGASAwAADwP9AGygnaBhYKEAkRGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAUgN3CzuHkAAyAfFuwXSBw0VdQE4CNoHBgknbOAHAOoHAggA8AesgYcDiggCEACVCAAAgD-YCAE.&s=242b48f2655667b23c63648f1204632ba4c914a8&bdref=https%3A%2F%2Fwww.hawtcelebs.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.hawtcelebs.com%2F,https%3A%2F%2Fwww.hawtcelebs.com%2F&
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:41 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
4d13cc36-604c-4f41-803a-39a379f0da3f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
it
nym1-ib.adnxs.com/ Frame F910 		0
815 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&e=wqT_3QLcFvDtXAsAAAMA1gAFAQiwzOCWBhCck_KgtsC-6UAY7uT1xczg1fESKjYJtPAVuxrI4T8RaTaPw2D-2z8ZAAAAgBSuA0AhNtKWljii4D8pGsVyS6sh5T8xAAAA4HoU3j8wrOnHCzj_T0DRFEgCUPGg0KoBWPbImQFgAGjJ47kBeMW7BYABAYoBA1VTRJIBA1VTRJgBrAKgAfoBqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigKVAXVmKCdhJywgMzQzNDM0LCAxNjU4MzMyNzIwKTt1ZignaScsIDQ1NDkxMTEsIDE2NTgzMzI3MjApOwEdLGcnLCAxMjUyMzYwOEY7ADBzJywgMjY5MjM2MTgwRh8AMHInLCAzNTc4MzA3Njk2HwDwsJICqQ8hZjVRWEhnalFqcWNWRVBHZzBLb0JHQUFnOXNpWkFUQUFPQUJBQUVqUkZGQ3M2Y2NMV0FCZ19nRm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUUdvQVFHd0FRQzVBWU9PdVhHMHMtUV93UUhjQ3ZjSXJ5SGxQOGtCQUFBQUFBQUE4RF9aQVF6cVctWjBXZThfNEFIMzA1VUM5UUZHOEg0X21BSUFvQUlCdFFJQQEzCHZRSQEH8ItBd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNT0NJNzM4UnNRQVJnQ0xRQUFRRUNpQXc0SWp2ZnhHeEFMR0FJdEFBQkFRTG9EQ1U1WlRUSTZORGt5Tk9BRDZ5NkFCTjZubGdTSUJMajQxUWlRQkFHWUJBR3FCTWNIQ1BfX19fXwkFCHdFUQkJCQEIQVJqCQkFAQw4QklQBQkJAQh3RW8JCQkBCEFURAkJBQEIOEJPMiwABEZBBRcNAQRBVTZYAABVNiwAAFkNJwUBBEFXNlgAAGE2LAAAdwUlDQEEQVg2WAAIZ0FIDRoBAQg4Qmk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAADDBBR3NBkAAyOhgAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FMAfENAQH4NhAAHGtBTF9UNWdDDSEFAQhBYUE6EAA6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAARZQS4pAgxfQVlnNhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAAhZQUUlyQ0BCEFZZzYQAABaOiAAAFo6IAAAYTogAABhOiAAAGI6IAAAYjogAABjOiAAAGM6IAAAZDogAABkOiAAAGU6IAAAZTogAABmOiAAAGY6IAAIWUFGDfsFAQhBWWc2EAAAWjogAABaOiAAaGJJRUNnanlnLUlNRU43NGxnMjZCQm9JN1FnUqWtGEFBQTBEOFoBCA0BIGd6UC1hRHNFRQ0QFEEwRF9KQhENJEFBQTJBUUE4UVEBCwkB8D5JSUZId2p2cENVUUJSZ0JJZ05GVlZJcERPcGI1blJaN3o4eE9iVElkcjZmdWotSUJid21tQVhVNzdDQUFha0YJRRhBQThELXhCHVcId1FVERsISVFNCSgcd0VnOHp6X1IuKAAAMhUoaER3UC1BRjlJTUU4QVhZc1B3Ri1BV0steFNDQgWUPEtJQmdTUUJnR1lCZ0NoQmcRXyhBQXFBWUVzZ1lrQx2AAEUdDABHHQwASR0MOHVBWUuaAsUBIVJTS3VxdzqtByxQYkltUUVnQUNnQU0dNUxPZ2xPV1UweU9qUTVNalJBNnk1SjktADk1mQhBQUI9mQRCaBGvDDBEOXARDAxBQUJ4HQwQNEFJSUKqjQEESkERmPQ0AVBBX9gCxckC4AK6303qAhtodHRwczovL3d3dy5oYXd0Y2VsZWJzLmNvbS-AAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOp9C7gAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA0zOC4xMzIuMTE4LjY4qAQAsgQMCAAQABgAIAAwADgCuAQAwAQAyAQA0gQOMjY0MSNOWU0yOjQ5MjTaBAIIAeAEAPAE8aDQqgGIBQGYBQCgBf___________wGqBSRiYWRhMzkzZS0wZjViLTI3MWMtY2Y5OS01OGZhYjdlODczNGPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX3EPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbKCdoGFgoQAAAAAAAAAAVHAQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPHdww7h5AAMgHxbsF0gcNCQE0AQEBOAjaBwYJJ2zgBwDqBwIIAPAHrIGHA4oIAhAAlQgAAIA_mAgB&s=9f49d9425741dd7430e18d280a8e078810b29836
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:41 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
5ad63e16-67de-46f4-adb0-8ebe2961c6b2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame F910 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:41 GMT
Content-Encoding
gzip
Age
12639613
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
29216
X-Served-By
cache-lga21978-LGA, cache-mia11359-MIA
Access-Control-Allow-Origin
*, *
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
X-Timer
S1658332722.942559,VS0,VE0
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Via
1.1 varnish, 1.1 varnish
Expires
Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
3, 2373305
ecm3
s.amazon-adsystem.com/ Frame E586
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=252eabd
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=252eabd
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_smrt_cnv_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
MBJ4KHXD8PD87AE7WKHT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 20 Jul 2022 15:58:41 GMT
via
1.1 ffa37482155641d3f809e2a4a5572070.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR52-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=252eabd
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
c5GeBQ_jK7mZXKnryde6-RfjrsOfHbh4R2Q27RMAwK2KfUFdmG9XUA==
/
onetag-sys.com/match/ Frame E586 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_smrt_cnv_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ecm3
s.amazon-adsystem.com/ Frame E586
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D?gdpr=0
  • https://s.amazon-adsystem.com/ecm3?id=1A05C166717A4D7E811C2E3453E7CCAB&ex=simpli.fi&status=ok
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=1A05C166717A4D7E811C2E3453E7CCAB&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_smrt_cnv_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
HYW3ZHBME6EFYX5JBS8Z
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Wed, 20 Jul 2022 15:58:41 GMT
x-content-type-options
nosniff
server
openresty
location
https://s.amazon-adsystem.com/ecm3?id=1A05C166717A4D7E811C2E3453E7CCAB&ex=simpli.fi&status=ok
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 19 Jul 2022 15:58:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022071401&jk=1722149225813891&bg=!gYKlgsbNAAZlvz3gRb87ACkAdvg8Wq0XpXqHqp3fSS304PuOnZWEu0rrGdZ2geeUd-fOpBZ52ER0twIAAAEuUgAAAAJoAQeZAqnALRgNG-oJCCwYyUmZJi0etwGRuSmCxkUSIP7P59NnQZf2uksVnbLBk5qAONKm9JjcoJeBX5sCTXLmZXWfPKk4ZhaeqLmvX7A9Sf-ZFPniXC5TcRpqv71c9hpaG0BRWose0x5St-J5yxNXBQT0CXGR7xoRgRgEOEVU56OghfEFluAJFTINXQ_kDz_OmlBq75lBl_-LBVbldGwr719VXWSrC3AxF3Xuaf_h6JGWvrVQdl4xT45X69uDFb1qkOUzk_4aNjWCQNgSrAevKjwc8oU_9MW-laF6InXJoT5MQYiU80YkvVWjoB3jJldwEQNT1nDMLkUvV42hdjWeusuKPZj2_O2-6f9rAESPlm8Vdv8syf3GoLFfG0gEFnGkZt3aIt33s3v3fVufRRP8kVVN-zm1vs4Xp4W3tiDbnAVqJj82ilaCja7xGcdHDQsNlM7mOfLvXcnPEDYyDr46CDK63lXUivodq7XUZuJ-TbIBub928HTWASOjpuEz8C0-QtuTbK4CLD76sbrPJLFkIYUafC3Gr0zzmVUVXVYcCRT9E4F9JvgP7fPBbUQZjnXcQb2J9ioganlJ99fHzYZrZOR3Z6xwkYa3N7a8-T37H28RmkTItlj2RBB64gU_zmvMpGaLl1dPyXsQCreNX7fgZXafzDxncaJWgkHJx1Kzja4odcc-Aw-oLwIprESWqlG5zIrb2oicfoxy-KBk6H012Jz_BL0-PAp3nOyOVqV3xwVNyOmeQEy1T75uehmkcvRW7vKRK4GHjLcGufw13dPlt2d5UDtsfdFCEeJMCVAF_KdRYCmkKlLAxgy2Hf7WsKJcQNhtEPtopayicr7PGR-qQNQ6c4CSGRuiRrqUayITXvxWZNZ7powM1lYkUN9IpulhHnezi6fWDoSTmCXnKGU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
/
match.sharethrough.com/jwumXNuB/v1/ Frame 647F 		427 B
612 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_smrt_cnv_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.74.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-74-97.compute-1.amazonaws.com
Software
/
Resource Hash
57c073849570882251534d31fcad2be1a0b5955bf4aca22a14c6d0a7b6610cee

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
427
date
Wed, 20 Jul 2022 15:58:41 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 90AE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_smrt_cnv_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.60.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-60-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=142003
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 15:58:41 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 22 Jul 2022 07:25:24 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame CB55 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_smrt_cnv_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.4.226.82 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-226-82.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 20 Jul 2022 15:58:41 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ecm3
s.amazon-adsystem.com/ Frame 83A6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0wOThOeDUxRTJ1SnVtbGFIMHVQekI3dV9lald6MkhMb35B&gdpr=0&gdpr_consent=
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0wOThOeDUxRTJ1SnVtbGFIMHVQekI3dV9lald6MkhMb35B&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_smrt_cnv_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 20 Jul 2022 15:58:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
33WQ4YGN32B4E6PCXNEB

Redirect headers

age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:41 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS0wOThOeDUxRTJ1SnVtbGFIMHVQekI3dV9lald6MkhMb35B&gdpr=0&gdpr_consent=
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.0.46
strict-transport-security
max-age=31536000
ecm3
s.amazon-adsystem.com/ Frame 3A9B
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1278341628099599906&gdpr=0&gdpr_consent=
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1278341628099599906&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_smrt_cnv_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 20 Jul 2022 15:58:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
938PS7RE53DR7BMWN7RX

Redirect headers

content-length
0
date
Wed, 20 Jul 2022 15:58:41 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1278341628099599906&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame CF9B
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&gdpr=0
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=305860817e901201&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D&...
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGZi4F71OfTAM2SYGuAAAAAAA&expiration=1658419121&is_secure=true&gdpr=0
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGZi4F71OfTAM2SYGuAAAAAAA&expiration=1658419121&is_secure=true&gdpr=0
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_smrt_cnv_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 20 Jul 2022 15:58:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
58P9WV88QK7WVMCZDDNS

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Wed, 20 Jul 2022 15:58:41 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGZi4F71OfTAM2SYGuAAAAAAA&expiration=1658419121&is_secure=true&gdpr=0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
ecm3
s.amazon-adsystem.com/ Frame 2CCE
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1862237872783926789061
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1862237872783926789061
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-sharethrough_n-LoopMe_n-onetag_pm-db5_n-simpli.fi_rbd_n-vmg_smrt_cnv_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 20 Jul 2022 15:58:41 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Permissions-Policy
interest-cohort=()
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
x-amz-rid
7JP3ZR6Q24HC42ZXFA46

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Wed, 20 Jul 2022 15:58:41 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=1862237872783926789061
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
1.jpg
assets.vlitag.com/ads//300x250/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vlitag.com/ads//300x250/1.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1d79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbbbd444a11deb8cd2e859fcaaf2ef16aac751ba04642ffafc0a35d928a52102
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
470270
cf-polished
qual=85, origFmt=jpeg, origSize=13057
content-disposition
inline; filename="1.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10964
x-xss-protection
1; mode=block
x-robots-tag
noindex, nofollow
last-modified
Fri, 01 Nov 2019 05:04:46 GMT
server
cloudflare
etag
"5dbbbcee-3301"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Sun, 22 Jan 2023 15:58:41 GMT
cache-control
public, max-age=16070400
accept-ranges
bytes
cf-ray
72dce655efa9b3e3-MIA
cf-bgj
imgq:85,h2pri
m
cm.mgid.com/ Frame 1C6E
Redirect Chain
  • https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=23b3b44991744da7949e4f4ef5c970c5
  • https://cm.mgid.com/m?c=23b3b44991744da7949e4f4ef5c970c5&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
43 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.mgid.com/m?c=23b3b44991744da7949e4f4ef5c970c5&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C136%2C116%2C115%2C106%2C104%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H3
Server
104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
72dce6572be809b6-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
location
https://cm.mgid.com/m?c=23b3b44991744da7949e4f4ef5c970c5&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
72dce6566aa709b6-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
qmap
sync.crwdcntrl.net/ Frame 1C6E
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=lotame&cspid=20&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16101%26tp%3DADEL%26tpid%3D%24{ADELPHIC...
  • https://sync.crwdcntrl.net/qmap?c=16101&tp=ADEL&tpid=d3832960-0844-11ed-8d4b-7527f8cc64c7&gdpr=0
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=16101&tp=ADEL&tpid=d3832960-0844-11ed-8d4b-7527f8cc64c7&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C136%2C116%2C115%2C106%2C104%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Server
52.73.102.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-102-235.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.11.77
content-type
image/gif
content-length
49
expires
0

Redirect headers

Location
https://sync.crwdcntrl.net/qmap?c=16101&tp=ADEL&tpid=d3832960-0844-11ed-8d4b-7527f8cc64c7&gdpr=0
Date
Wed, 20 Jul 2022 15:58:40 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
d3832961-0844-11ed-8d4b-7527f8cc64c7
qmap
sync.crwdcntrl.net/ Frame 1C6E
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=0
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C136%2C116%2C115%2C106%2C104%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Server
52.73.102.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-102-235.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.39.24
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=0
date
Wed, 20 Jul 2022 15:58:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2/gdpr=0/ Frame 1C6E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2/gdpr=0/gdpr_consent=
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2/gdpr=0/gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C136%2C116%2C115%2C106%2C104%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Server
52.73.102.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-102-235.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.42.40
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2/gdpr=0/gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
249
ltm
audex.userreport.com/sync/put/ Frame 1C6E 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://audex.userreport.com/sync/put/ltm?ltmid=23b3b44991744da7949e4f4ef5c970c5
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C136%2C116%2C115%2C106%2C104%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-25.ewr52.r.cloudfront.net
Software
nginx/1.20.0 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:41 GMT
Via
1.1 71963481e8787829babadbbb735376ee.cloudfront.net (CloudFront)
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx/1.20.0
X-Amz-Cf-Pop
EWR52-C1
X-Cache
Miss from cloudfront
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-Amz-Cf-Id
6TJQ0wDKXOdmlywQ929CtY1mTaJdQcF1MwpJ-g2nEEq3EarOj7FvHw==
tpid=72b09538-e154-472b-9fb0-46549e06af35
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 1C6E
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=23b3b44991744da7949e4f4ef5c970c5&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=72b09538-e154-472b-9fb0-46549e06af35%252Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%2...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&ttd_puid=72b09538-e154-472b-9fb0-46549e06af35%2Chttps%3A%2F%2Fsync.crwdcntrl.net%2Fm...
  • https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=72b09538-e154-472b-9fb0-46549e06af35
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=72b09538-e154-472b-9fb0-46549e06af35
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C136%2C116%2C115%2C106%2C104%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Server
52.73.102.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-102-235.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.32.170
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=72b09538-e154-472b-9fb0-46549e06af35
date
Wed, 20 Jul 2022 15:58:41 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync.gif
dmp.truoptik.com/f2d2e39fc16bc9cc/ Frame 1C6E 		0
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C136%2C116%2C115%2C106%2C104%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.108.154 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
x-content-type-options
nosniff
to-dmp-sync
s3a-dmp-use1-aws.truoptik.com
server
cloudflare
user-agent
Tru Optik DMP 1.3.1
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
cache-control
no-store
strict-transport-security
max-age=15552000; includeSubDomains
cf-ray
72dce65699062251-MIA
cf-cache-status
DYNAMIC
x-xss-protection
1; mode=block
expires
0
/
loadus.exelator.com/load/ Frame 1C6E 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadus.exelator.com/load/?p=204&g=260&buid=23b3b44991744da7949e4f4ef5c970c5&j=0&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C136%2C116%2C115%2C106%2C104%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.156.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-156-250.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
tpid=dda9e798-8e67-f003-0e5c-1d77e8b141a9
bcp.crwdcntrl.net/map/c=10098/tp=SRVT/ Frame 1C6E
Redirect Chain
  • https://px.surveywall-api.survata.com/t
  • https://bcp.crwdcntrl.net/map/c=10098/tp=SRVT/tpid=dda9e798-8e67-f003-0e5c-1d77e8b141a9
49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=10098/tp=SRVT/tpid=dda9e798-8e67-f003-0e5c-1d77e8b141a9
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C136%2C116%2C115%2C106%2C104%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Server
52.73.102.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-102-235.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.38.150
content-type
image/gif
content-length
49
expires
0

Redirect headers

Date
Wed, 20 Jul 2022 15:58:41 GMT
ETag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
Server
nginx/1.19.2
X-Powered-By
Express
Content-Type
image/gif; charset=utf-8
Location
https://bcp.crwdcntrl.net/map/c=10098/tp=SRVT/tpid=dda9e798-8e67-f003-0e5c-1d77e8b141a9
Referer
px.surveywall-api.survata.com, px.surveywall-api.survata.com, px.surveywall-api.survata.com
Connection
keep-alive
Content-Length
0
gdpr=0
sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=75380306836493605940184551906796271848/ Frame 1C6E
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=23b3b44991744da7949e4f4ef5c970c5&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=23b3b44991744da7949e4f4ef5c970c5&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUI...
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=75380306836493605940184551906796271848/gdpr=0
49 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=75380306836493605940184551906796271848/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C136%2C116%2C115%2C106%2C104%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Server
52.73.102.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-102-235.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.1.4
content-type
image/gif
content-length
49
expires
0

Redirect headers

DCS
dcs-prod-va6-1-v036-08590abc4.edge-va6.demdex.com 6 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
3ZBM2TkgRLQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=75380306836493605940184551906796271848/gdpr=0
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
lotame
sync.sharethis.com/ Frame 1C6E 		42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.sharethis.com/lotame?uid=23b3b44991744da7949e4f4ef5c970c5&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C136%2C116%2C115%2C106%2C104%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.217.183.114 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-217-183-114.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubDomains;
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Date
Wed, 20 Jul 2022 15:58:41 GMT
Content-Length
42
Stid
ZHoABWLYJjAAAAAIUHkGAw==
Content-Type
image/gif
usermatch.gif
beacon.krxd.net/ Frame 1C6E 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=23b3b44991744da7949e4f4ef5c970c5
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C136%2C116%2C115%2C106%2C104%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.92.156.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-92-156-105.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
cache-control
private, no-cache, no-store
x-request-time
D=30 t=1658332721
x-served-by
beacon-n024-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
image.sbxx
ib.mookie1.com/ Frame 1C6E
Redirect Chain
  • https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=23b3b44991744da7949e4f4ef5c970c5
  • https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=23b3b44991744da7949e4f4ef5c970c5
120 B
982 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=23b3b44991744da7949e4f4ef5c970c5
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C136%2C116%2C115%2C106%2C104%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
HTTP/1.1
Server
64.58.232.180 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:42 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
LAS14
Content-Type
image/png
Content-Length
120
Expires
-1

Redirect headers

Date
Wed, 20 Jul 2022 15:58:41 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Location
https://ib.mookie1.com:443/image.sbxx?go=262106&pid=420&xid=23b3b44991744da7949e4f4ef5c970c5
p3p
CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
private
X-Server
LAS12
Content-Type
text/html; charset=utf-8
Content-Length
217
gdpr_consent=
bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-29c839e0-9eb4-49f4-6cdf-70a1802b7ee9$ip$38.132.118.68/gdpr=0/ Frame 1C6E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0
  • https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-29c839e0-9eb4-49f4-6cdf-70a1802b7ee9$ip$38.132.118.68/gdpr=0/gdpr_consent=
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-29c839e0-9eb4-49f4-6cdf-70a1802b7ee9$ip$38.132.118.68/gdpr=0/gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C136%2C116%2C115%2C106%2C104%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Server
52.73.102.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-102-235.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:42 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.13.95
content-type
image/gif
content-length
49
expires
0

Redirect headers

Location
https://bcp.crwdcntrl.net/map/c=6569/tp=STKA/tpid=0-29c839e0-9eb4-49f4-6cdf-70a1802b7ee9$ip$38.132.118.68/gdpr=0/gdpr_consent=
Date
Wed, 20 Jul 2022 15:58:42 GMT
Connection
keep-alive
Content-Length
149
Content-Type
text/html; charset=utf-8
qmap
sync.crwdcntrl.net/ Frame 1C6E
Redirect Chain
  • https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D%26src=lot%26gdpr%3D0
  • https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=0be862d8-2632-4700-b4a9-ffbbf32e26e2&src=lot&gdpr=0
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=0be862d8-2632-4700-b4a9-ffbbf32e26e2&src=lot&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C136%2C116%2C115%2C106%2C104%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Server
52.73.102.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-102-235.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:42 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.10.28
content-type
image/gif
content-length
49
expires
0

Redirect headers

Date
Wed, 20 Jul 2022 15:58:41 GMT
Server
MT3 4475 c1dc35a master ord-pixel-x57 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=0be862d8-2632-4700-b4a9-ffbbf32e26e2&src=lot&gdpr=0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 20 Jul 2022 15:58:40 GMT
gdpr=0
sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553/ Frame 1C6E
Redirect Chain
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
  • https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0
  • https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553/gdpr=0
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C136%2C116%2C115%2C106%2C104%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Server
52.73.102.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-102-235.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:42 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.40.15
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553/gdpr=0
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
token
token.rubiconproject.com/ Frame 1C6E 		0
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=7&puid=23b3b44991744da7949e4f4ef5c970c5&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C136%2C116%2C115%2C106%2C104%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
9e7742894a018a40b59a2ed2117c85b5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
gdpr=0&_test=YtgmNwAAVKvXuQAK
sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YtgmNwAAVKvXuQAK/ Frame 1C6E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0
  • https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=YtgmNwAAVKvXuQAK
  • https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YtgmNwAAVKvXuQAK/gdpr=0&_test=YtgmNwAAVKvXuQAK
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YtgmNwAAVKvXuQAK/gdpr=0&_test=YtgmNwAAVKvXuQAK
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C136%2C116%2C115%2C106%2C104%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Server
52.73.102.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-102-235.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:47 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.32.57
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:47 GMT
via
1.1 varnish
server
Varnish
x-timer
S1658332727.174020,VS0,VE0
x-served-by
cache-mia11381-MIA
x-cache
HIT
location
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YtgmNwAAVKvXuQAK/gdpr=0&_test=YtgmNwAAVKvXuQAK
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 1C6E 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=MjNiM2I0NDk5MTc0NGRhNzk0OWU0ZjRlZjVjOTcwYzU&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C136%2C116%2C115%2C106%2C104%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5907
tags.bluekai.com/site/ Frame 1C6E 		62 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=45823e5efa3f1c3294842ca71c7b46d7
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C136%2C116%2C115%2C106%2C104%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-length
62
content-type
image/gif
g.json
aa.agkn.com/adscores/ Frame 1C6E 		103 B
722 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C136%2C116%2C115%2C106%2C104%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.146.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-146-34.ewr52.r.cloudfront.net
Software
AAWebServer /
Resource Hash
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
via
1.1 c00308f66532ff493ccf2757d4085e0c.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR52-C2
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
103
x-amz-cf-id
BR0rKzoZnAPYyCl1xnSOHanQIgCXfvJcraarqp6PSKapXqD7b8Yx1Q==
expires
0
gdpr=0
sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2394348841350322825/ Frame 1C6E
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/23b3b44991744da7949e4f4ef5c970c5/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D/gdpr=0
  • https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2394348841350322825/gdpr=0
49 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2394348841350322825/gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C136%2C116%2C115%2C106%2C104%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Server
52.73.102.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-102-235.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:42 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.40.9
content-type
image/gif
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=2394348841350322825/gdpr=0
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rand=602975694
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8343254669216575683/gdpr=0/ Frame 1C6E
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=602975694
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8343254669216575683/gdpr=0/rand=602975694
49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8343254669216575683/gdpr=0/rand=602975694
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C136%2C116%2C115%2C106%2C104%2C100%2C95%2C94%2C81%2C80%2C78%2C54%2C38%2C33%2C31%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol
H2
Server
52.73.102.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-102-235.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:42 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.15.55
content-type
image/gif
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:41 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
fe073705-fdca-4a72-bdb0-6ca3bf0c4ed7
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=8343254669216575683/gdpr=0/rand=602975694
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
a.gif
t.sharethis.com/d/ Frame 5D6C 		0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHoABWLYJjAAAAAIUHkGAw%253D%253D&tt=t.dhj&dhjLcy=1658332721128&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1004.23341&ell=d&cck=__stid&dmn=www.hawtcelebs.com&pn=%2F&qs=na&rdn=www.hawtcelebs.com&rpn=%2F&rqs=na&cc=US&cont=NA&evid=gGTVcIYAVdlN4dh0QaKE&urls=&rnd=1658332721571&cid=c010&version=1.1004.23341&cc=US&cont=NA&cls=C&repeat=0&htmLcy=173
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.219.17.240 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-17-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1004.23341&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:41 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Expires
Wed, 20 Jul 2022 15:58:41 GMT
sync
gum.criteo.com/ 		56 B
380 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=446&r=2&j=dspCriteoRTUSCallback&gdpr=0&gdpr_pd=0&us_privacy=1---
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e62ff111daf17418d9a23c8cf57947f202701d3d0fb370d29579f60bc9b29dc8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1725
strict-transport-security
max-age=31536000; preload;
content-length
172
expires
60
/
trends.revcontent.com/api/delivery/ 		36 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=268748&width=1600&gdpr=0&us_privacy=1---&rev_allow_cookies=1&site_url=https%3A%2F%2Fwww.hawtcelebs.com%2F&icr_url=&va=0&user_uuid=88b12101-1147-42bd-8055-6997905647bc&time=1658332721574&up=pc&bn=chrome&bv=103&widget_width=537&style_id=0&idhub[pubcid]=62c6a05b-1b7b-48a8-8fc9-ced8a4e31e88
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.217.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-217-144.compute-1.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
01e5d38d9555342f5143960c116f5593e069216a1643413993a9d0a9c06948a7
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
access-control-allow-origin
*
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
content-length
15601
impl_v90.js
www.googletagservices.com/dcm/ Frame F910 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v90.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 23:34:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
404673
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21331
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 13:07:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 15 Jul 2023 23:34:08 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16311/ Frame 0A51 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Requested by
Host: cdn-tc.33across.com
URL: https://cdn-tc.33across.com/lotame-sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.126.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-126-46.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
742451fdc2781b02e4d414c5cb363fe035e482856c13245e3c96c00872995d74

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn-tc.33across.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 20 Jul 2022 06:44:58 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 18:06:21 GMT
server
AmazonS3
age
33224
etag
W/"4a94b9a46316c2b68248813a2bc5fbd7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 7972cbd1699f1a8b6ef2e0b1fa50ca3e.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
EWR52-C3
x-amz-cf-id
injJFQ3xRrPkmhpGyrTNy2lFzJqhKBln4azUPrCrGmcx3UE6LOJ_pg==
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 90AE 		24 B
107 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=2&cb=PubMatic._uidCB
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1b6dfbc0392b3e04e6f10a39a7c097635148b6bc998c13ffbda40d5b3df488c8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
cache-control
private
expires
Sat, 30 Jul 2022 08:49:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
24
content-type
text/html; charset=UTF-8
radApi
edge.udmserve.net/ 		20 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.udmserve.net/radApi
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.120 Toronto, Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
underdogmedia.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 20 Jul 2022 15:58:41 GMT
Content-Length
20
Content-Type
application/json
map
bcp.crwdcntrl.net/6/ Frame 0A51 		156 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16311/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.102.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-102-235.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
6395dfdf272c4b6f4cabe8d50c198acceb2553e0cb6dac7c2d9c0f9a9aa8f2af

Request headers

Referer
https://cdn-tc.33across.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://cdn-tc.33across.com
cache-control
no-cache
x-server
10.40.0.172
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
156
expires
0
B25656232.300937094;dc_ver=90.265;sz=300x250;u_sd=1;gdpr=0;af-campaign-id=269236180;af-creative-id=357830769;country=US;scenario=PROSPECTING;source=APP;dc_adk=732509352;ord=2vn86e;click=https%3A%2F...
ad.doubleclick.net/ddm/adj/N246801.273391APPNEXUS/ Frame F910 		193 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N246801.273391APPNEXUS/B25656232.300937094;dc_ver=90.265;sz=300x250;u_sd=1;gdpr=0;af-campaign-id=269236180;af-creative-id=357830769;country=US;scenario=PROSPECTING;source=APP;dc_adk=732509352;ord=2vn86e;click=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick%3FtPAVuxrI4T9pNo_DYP7bPwAAAIAUrgNANtKWljii4D8axXJLqyHlP5yJHGQD-tJAbnK9yARX4xIwJthiAAAAAKz0cQH_JwAAUQoAAAIAAABxEFQVdmQmAAAAAABVU0QAVVNEACwB-gDJcQAAAAABAgUCAAAAANwAtSUeMgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521RSKuqwjQjqcVEPGg0KoBGPbImQEgACgAMQAAAAAAAAAAOglOWU0yOjQ5MjRA6y5JDOpb5nRZ7z9RAAAAAAAAAABZAAAAAAAAAABhAAAAAAAA0D9pAAAAAAAAAABxAAAAAAAAAAB4AIIBHwjvpCUQBRgBIgNFVVIpDOpb5nRZ7z8xObTIdr6fuj-JAQAAAAAAAPA_%2Fcca%3DMjY0MSNOWU0yOjQ5MjQ%3D%2Fbn%3D89541%2Fclickenc%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fwww.hawtcelebs.com%2F$0;xdt=0;crlt=3QymSaZAJV;cmpl=8;gcsr=m;stc=1;chaa=1;sttr=104;prcl=s
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s80-in-f6.1e100.net
Software
cafe /
Resource Hash
dae0684c99fd70921cadd41f0cbc6fc259020d652a5a03e5e0820e8dec632384
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42880
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
59574
stags.bluekai.com/site/ Frame DFE3 		62 B
565 B 		Document
General
Check archive.org
Download Go to
Full URL
https://stags.bluekai.com/site/59574?ret=html&phint=id%3DZHoABWLYJjAAAAAIUHkGAw%3D%3D&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Ft.sharethis.com%2Fa%2Ft_.htm%3Fver%3D1.1004.23341%26cid%3Dc010%26cls%3DC&phint=__bk_v%3D3.1.10&limit=5&r=26465930
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://t.sharethis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
62
content-type
image/gif
date
Wed, 20 Jul 2022 15:58:41 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
ecm3
s.amazon-adsystem.com/ Frame 647F 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=4d9c16ec-80de-44af-9601-927d92605670
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:41 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
EJSB9PG4DSPZZAFCFXQW
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/ Frame 647F
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.70.74.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-74-97.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame 647F
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=2
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&gdpr=0&gdpr_consent=
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.70.74.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-74-97.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
v1
match.sharethrough.com/sync/ Frame 647F
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=3
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=18694
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=L5TSHGLI-U-ECYW
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=L5TSHGLI-U-ECYW
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.70.74.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-74-97.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=L5TSHGLI-U-ECYW
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
bd0f62a3fbacfef6a33ae6abaf6daf37
Expires
0
v1
match.sharethrough.com/sync/ Frame 647F
Redirect Chain
  • https://match.sharethrough.com/jwumXNuB_CMA/v1/?q=4
  • https://secure.adnxs.com/getuid?https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=$UID
  • https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=8343254669216575683
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=8343254669216575683
Requested by
Host: match.sharethrough.com
URL: https://match.sharethrough.com/jwumXNuB/v1/?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsharethrough.com%26id%3D%24UID&gdpr=0
Protocol
H2
Server
52.70.74.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-74-97.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:41 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
55d87bb9-8701-4cb6-a8e4-9f8cd821078f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://match.sharethrough.com/sync/v1?source_id=0e8893f90b606c9c5d33f1be&gdpr=0&gdpr_consent=&source_user_id=8343254669216575683
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame CB55 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.4.226.82 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-226-82.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
917989d44c7b47139b83cb4be3f5a786c1635d8fb70f58c60cf356eadd60f584

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:41 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74168
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9451
Expires
Thu, 21 Jul 2022 12:34:49 GMT
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Jul 2022 15:58:42 GMT
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame F910 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Origin
https://www.hawtcelebs.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 01:41:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51413
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Jul 2022 01:41:49 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/elements/html/ Frame F910 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220719/r20110914/elements/html/omrhp.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:19:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2359
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 03 Aug 2022 15:19:23 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F910 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 11:58:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
187185
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 18 Jul 2023 11:58:57 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 9250 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
220377
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Jul 2022 02:45:45 GMT
expires
Tue, 18 Jul 2023 02:45:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 51E7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.hawtcelebs.com&gdpr=0&gdpr_consent=
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
6f87cd86c391c6361adca474b987f3e4b6d81d281795120c584d0a0c1ca7f5ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6144
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 15:58:41 GMT
server-processing-duration-in-ticks
2241
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b6d1f6662fba6c649c4b906368c6c758a51a9ffc03639875681c3fc4ce2f8998
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
content-encoding
gzip
last-modified
Fri, 08 Jul 2022 20:59:27 GMT
server
nginx
etag
W/"62c89aaf-15b76"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 21 Jul 2022 15:58:42 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F910 		137 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43203
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658144321100200"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Jul 2022 15:58:42 GMT
index.html
s0.2mdn.net/sadbundle/5561583005601304477/300x250/ Frame 3371 		112 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c787774c567e123a78d24f8d9954b472cf1fcd126c95c8cddf7d7c1d983ee034
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 15:58:42 GMT
expires
Thu, 20 Jul 2023 15:58:42 GMT
last-modified
Fri, 27 May 2022 14:06:02 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame F910 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstwdQV3AH1l2vc-IkWYze2kbgYbqhdsgZN_o80RdCeuky-AMvGHwGXdNkK9vtsqeEzXOjBwO_z3BjS31WrAaO-RnNJ8ThpO0FpdMW8tQAc-fK1Ve6Z2Vi1uNcXQw-rDgEoqX0sLjHXYnJOhYPK__5c-VvKbixxwOmgWf6M&sig=Cg0ArKJSzG-umCXA4GwnEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=130&cbvp=1&cstd=123&cisv=r20220719.20444&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Jul 2022 15:58:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
async_usersync.html
acdn.adnxs.com/dmp/ Frame 461F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10239&pub_id=2060307
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
38976
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 20 Jul 2022 15:58:42 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 11 Jul 2022 04:38:47 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2, 133201
X-Served-By
cache-lga21941-LGA, cache-mia11369-MIA
X-Timer
S1658332722.326696,VS0,VE0
vevent
nym1-ib.adnxs.com/ Frame F910 		0
840 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&e=wqT_3QLcFvDtXAsAAAMA1gAFAQiwzOCWBhCck_KgtsC-6UAY7uT1xczg1fESKjYJtPAVuxrI4T8RaTaPw2D-2z8ZAAAAgBSuA0AhNtKWljii4D8pGsVyS6sh5T8xAAAA4HoU3j8wrOnHCzj_T0DRFEgCUPGg0KoBWPbImQFgAGjJ47kBeMW7BYABAYoBA1VTRJIBA1VTRJgBrAKgAfoBqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigKVAXVmKCdhJywgMzQzNDM0LCAxNjU4MzMyNzIwKTt1ZignaScsIDQ1NDkxMTEsIDE2NTgzMzI3MjApOwEdLGcnLCAxMjUyMzYwOEY7ADBzJywgMjY5MjM2MTgwRh8AMHInLCAzNTc4MzA3Njk2HwDwsJICqQ8hZjVRWEhnalFqcWNWRVBHZzBLb0JHQUFnOXNpWkFUQUFPQUJBQUVqUkZGQ3M2Y2NMV0FCZ19nRm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUUdvQVFHd0FRQzVBWU9PdVhHMHMtUV93UUhjQ3ZjSXJ5SGxQOGtCQUFBQUFBQUE4RF9aQVF6cVctWjBXZThfNEFIMzA1VUM5UUZHOEg0X21BSUFvQUlCdFFJQQEzCHZRSQEH8ItBd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNT0NJNzM4UnNRQVJnQ0xRQUFRRUNpQXc0SWp2ZnhHeEFMR0FJdEFBQkFRTG9EQ1U1WlRUSTZORGt5Tk9BRDZ5NkFCTjZubGdTSUJMajQxUWlRQkFHWUJBR3FCTWNIQ1BfX19fXwkFCHdFUQkJCQEIQVJqCQkFAQw4QklQBQkJAQh3RW8JCQkBCEFURAkJBQEIOEJPMiwABEZBBRcNAQRBVTZYAABVNiwAAFkNJwUBBEFXNlgAAGE2LAAAdwUlDQEEQVg2WAAIZ0FIDRoBAQg4Qmk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAADDBBR3NBkAAyOhgAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FMAfENAQH4NhAAHGtBTF9UNWdDDSEFAQhBYUE6EAA6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAARZQS4pAgxfQVlnNhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAAhZQUUlyQ0BCEFZZzYQAABaOiAAAFo6IAAAYTogAABhOiAAAGI6IAAAYjogAABjOiAAAGM6IAAAZDogAABkOiAAAGU6IAAAZTogAABmOiAAAGY6IAAIWUFGDfsFAQhBWWc2EAAAWjogAABaOiAAaGJJRUNnanlnLUlNRU43NGxnMjZCQm9JN1FnUqWtGEFBQTBEOFoBCA0BIGd6UC1hRHNFRQ0QFEEwRF9KQhENJEFBQTJBUUE4UVEBCwkB8D5JSUZId2p2cENVUUJSZ0JJZ05GVlZJcERPcGI1blJaN3o4eE9iVElkcjZmdWotSUJid21tQVhVNzdDQUFha0YJRRhBQThELXhCHVcId1FVERsISVFNCSgcd0VnOHp6X1IuKAAAMhUoaER3UC1BRjlJTUU4QVhZc1B3Ri1BV0steFNDQgWUPEtJQmdTUUJnR1lCZ0NoQmcRXyhBQXFBWUVzZ1lrQx2AAEUdDABHHQwASR0MOHVBWUuaAsUBIVJTS3VxdzqtByxQYkltUUVnQUNnQU0dNUxPZ2xPV1UweU9qUTVNalJBNnk1SjktADk1mQhBQUI9mQRCaBGvDDBEOXARDAxBQUJ4HQwQNEFJSUKqjQEESkERmPQ0AVBBX9gCxckC4AK6303qAhtodHRwczovL3d3dy5oYXd0Y2VsZWJzLmNvbS-AAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOp9C7gAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA0zOC4xMzIuMTE4LjY4qAQAsgQMCAAQABgAIAAwADgCuAQAwAQAyAQA0gQOMjY0MSNOWU0yOjQ5MjTaBAIIAeAEAPAE8aDQqgGIBQGYBQCgBf___________wGqBSRiYWRhMzkzZS0wZjViLTI3MWMtY2Y5OS01OGZhYjdlODczNGPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX3EPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbKCdoGFgoQAAAAAAAAAAVHAQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPHdww7h5AAMgHxbsF0gcNCQE0AQEBOAjaBwYJJ2zgBwDqBwIIAPAHrIGHA4oIAhAAlQgAAIA_mAgB&s=9f49d9425741dd7430e18d280a8e078810b29836&type=nv&nvt=5&jm=1003&px=651&py=371&bw=300&bh=250&sid=8885501071603797365&vd=ct~0|rr~0&sv=224&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=24245420&sw=1600&sh=1200&pw=1600&ph=11573&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:42 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
e8e24df1-b270-4491-b88b-2007db96f6d2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
impression
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.217.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-217-144.compute-1.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:42 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
defaultWidget~feedWidget.delivery.js
assets.revcontent.com/master/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
84dfa737caf86f9510e44a723cfa2782d30babdb9e44007d117e6bf5fac76905

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 18:55:19 GMT
server
AmazonS3
x-amz-request-id
4ABQ8JRC9KD6KH8J
etag
"5cf1cfdb0805d3b231d3e75adbe10876"
x-hw
1658332722.cds028.mi1.hn,1658332722.cds249.mi1.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
6477
x-amz-id-2
HUCWHw4zwqvCByL3BOHcE6Xl4ga9GbBvQzS8VcdVRCrBoWjjMRXy/7xZMDQypscqywPhZwR0Sb4=
defaultWidget.delivery.js
assets.revcontent.com/master/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/defaultWidget.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ac9aae896e31480718b101c96ecb2d154a2aaecaaf14160201302a7c505a5e9b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 18:55:17 GMT
server
AmazonS3
x-amz-request-id
4ABPC3DDRC4721KC
etag
"7fe4a186872be5610194d54715a9e28f"
x-hw
1658332722.cds028.mi1.hn,1658332722.cds053.mi1.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
6051
x-amz-id-2
GKFrn7Fjf8X1uQCqgKoiO72hhq2qyi+PnEWHaeTdfDYx9I44XM66PDYIbqU8IMdKdll5/jmzPj8=
commonModal.delivery.js
assets.revcontent.com/master/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/commonModal.delivery.js
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3da563d409854faad3f3b39918b789d908f34431fe654e4038859740cc01cdc0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 18:55:17 GMT
server
AmazonS3
x-amz-request-id
4ABMYF2TNQFED1GP
etag
"02e37379bb00a6592a1a066f8bb2e069"
x-hw
1658332722.cds028.mi1.hn,1658332722.cds247.mi1.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
1652
x-amz-id-2
TYMfy5JpoTSfaAnl5slApAlLr9z0ED+NcEmeqI9xIUp8EThiW3bsNX+kvgQMAB9qjWZxnqVbLBw=
/
img.revcontent.com/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
last-modified
Thu, 02 Jun 2022 15:22:42 GMT
etag
"1654183362"
x-hw
1658332722.cds253.mi1.hn,1658332722.cds043.mi1.c
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1351
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://b1sync.zemanta.com/usersync/revcontent/?puid=YzcyYjc0ODZmMjYzMTBlNjM1Yjg2OWVhZTg0ZjJmMTg%3D&cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3DYzcyYjc0ODZmMjYzMTBlNjM...
  • https://stags.bluekai.com/site/23178?id=7EcbTJ0xr6mloBuw1D0R&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65DSMVXGI4ZOOJSXMY3PNZ2GK3TUFZRW63JPMNWS64DJ...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65DSMVXGI4ZOOJSXMY3PNZ2GK3TUFZRW63JPMNWS64DJPBSWYX3TPFXGGP3CNFSGIZLSHUZSMYTJMRSGK4S7OVUWIPJXIVRWEVCKGB4HENTNNRXUE5LXGFCDAURGMV4GG...
  • https://trends.revcontent.com/cm/pixel_sync?bidder=3&bidder_uid=7EcbTJ0xr6mloBuw1D0R&exchange_uid=YzcyYjc0ODZmMjYzMTBlNjM1Yjg2OWVhZTg0ZjJmMTg%3D
35 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?bidder=3&bidder_uid=7EcbTJ0xr6mloBuw1D0R&exchange_uid=YzcyYjc0ODZmMjYzMTBlNjM1Yjg2OWVhZTg0ZjJmMTg%3D
Protocol
H2
Server
54.88.217.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-217-144.compute-1.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
x-powered-by
Express
content-length
35
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:42 GMT
P3p
CP="We do not support P3P header."
Location
https://trends.revcontent.com/cm/pixel_sync?bidder=3&bidder_uid=7EcbTJ0xr6mloBuw1D0R&exchange_uid=YzcyYjc0ODZmMjYzMTBlNjM1Yjg2OWVhZTg0ZjJmMTg%3D
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
175
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1658332721&us_privacy=&rev_dt=1658332721573
  • https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&rev_dt=1658332721&us_privacy=&rev_dt=1658332721573
  • https://m.fg8dgt.com/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&ssp_uuid=622885e8-69bc-4dce-b7b7-33df6ad940af
  • https://m.fg8dgt.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&ssp_uuid=622885e8-69bc-4dce-b7b7-33df6ad940af
  • https://x.bidswitch.net/sync?dsp_id=108&expires=14&ssp=revcontent&user_id=22aa9c10-9b20-4b15-8b51-501e79f03448
  • https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=622885e8-69bc-4dce-b7b7-33df6ad940af
35 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=622885e8-69bc-4dce-b7b7-33df6ad940af
Protocol
H2
Server
54.88.217.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-217-144.compute-1.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
x-powered-by
Express
content-length
35
content-type
image/gif

Redirect headers

Location
//trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=622885e8-69bc-4dce-b7b7-33df6ad940af
Date
Wed, 20 Jul 2022 15:58:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=YzcyYjc0ODZmMjYzMTBlNjM1Yjg2OWVhZTg0ZjJmMTg%3D&rev_dt=1658332721&us_privacy=&rev_dt=1658332721573
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=revcontent&ssp_user_id=YzcyYjc0ODZmMjYzMTBlNjM1Yjg2OWVhZTg0ZjJmMTg%3D&rev_dt=1658332721&us_privacy=&rev_dt=1658332721573
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=YzcyYjc0ODZmMjYzMTBlNjM1Yjg2OWVhZTg0ZjJmMTg=&bidder=154&bidder_uid=f74425d5-0fc4-4ef4-99f7-238315af2c7a
35 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=YzcyYjc0ODZmMjYzMTBlNjM1Yjg2OWVhZTg0ZjJmMTg=&bidder=154&bidder_uid=f74425d5-0fc4-4ef4-99f7-238315af2c7a
Protocol
H2
Server
54.88.217.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-217-144.compute-1.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
x-powered-by
Express
content-length
35
content-type
image/gif

Redirect headers

location
//trends.revcontent.com/cm/pixel_sync?exchange_uid=YzcyYjc0ODZmMjYzMTBlNjM1Yjg2OWVhZTg0ZjJmMTg=&bidder=154&bidder_uid=f74425d5-0fc4-4ef4-99f7-238315af2c7a
date
Wed, 20 Jul 2022 15:58:42 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
ic5.php
data00.adlooxtracking.com/ads/ Frame F910 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D12%26scriptname%3Dadl_359%26tagid%3D812%26typejs%3Dtvaf%26fwtype%3D1%26creatype%3D2%26targetelt%3D%26custom2area%3D70%26custom2sec%3D2%22%7D&adloox_io=1&client=airfrance&campagne=359&banniere=0&visite_id=82063496008&seq=0&timezone=0&js=tfav_adl_359.js&date_regen=2021-12-14%2010%3A12%3A35&plat=12&tagid=812&fw=1&version=1&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=2060307&id2=269236180&id3=357830769&id4=300x250&id5=24245420&id6=343434&id7=10239&id8=12523608&id9=1361027190455366254&id10=4549111&id11=%24ADLOOX_WEBSITE&id14=custom_70_2&id20=614b730&p_d=0.165&d5=1052&tc=&d3=1600x1200&d6=found-wabbit&d7=0&appname=Netscape&fai=reel-300x250_iframe%40https%3A%2F%2Fwww.hawtcelebs.com%2F&iframe=3&fake=010000&resolution=1600x1200&nav_lang=en-US&debug=7%3A%20top%20%21%3D%20window%20%26%20friendly%20-%3E%20GLOBAL.location.href%20&url_referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&ao=https%3A%2F%2Fwww.hawtcelebs.com&nb_cpu=4&data=522662463ftttttttffffffttttftffffffffttttf&activetab=1
Requested by
Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_359.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.31.249 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.31.241.35.bc.googleusercontent.com
Software
nginx/1.19.8 / PHP/7.4.30
Resource Hash
bb71a210176037ef1b3c16f234f91b35f166f114e079270f122bf3b5c14cc72b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
content-encoding
gzip
access-control-allow-origin
https://www.hawtcelebs.com
x-powered-by
PHP/7.4.30
route
ads-prod-566bd84fd4-n98h4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
server
nginx/1.19.8
vary
Accept-Encoding
accept-ch-lifetime
86400
content-type
text/plain; charset=utf-8
via
1.1 google
cache-control
no-cache, no-store, must-revalidate
accept-ch
UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
timing-allow-origin
*
expires
0
ic5.php
data00.adlooxtracking.com/ads/ Frame F910 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://data00.adlooxtracking.com/ads/ic5.php?d1=%7B%22tag_hash%22%3A%22platform%3D12%26scriptname%3Dadl_359%26tagid%3D812%26typejs%3Dtvaf%26fwtype%3D1%26creatype%3D2%26targetelt%3D%26custom2area%3D70%26custom2sec%3D2%22%7D&adloox_io=1&client=airfrance&campagne=359&banniere=0&visite_id=25509550991&seq=0&timezone=0&js=tfav_adl_359.js&date_regen=2021-12-14%2010%3A12%3A35&plat=12&tagid=812&fw=1&version=1&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=2060307&id2=269236180&id3=357830769&id4=300x250&id5=24245420&id6=343434&id7=10239&id8=12523608&id9=1361027190455366254&id10=4549111&id11=%24ADLOOX_WEBSITE&id14=custom_70_2&id20=614b730&p_d=0.185&d5=1052&tc=&d3=1600x1200&d6=found-wabbit&d7=0&appname=Netscape&fai=reel-300x250_iframe%40https%3A%2F%2Fwww.hawtcelebs.com%2F&iframe=3&fake=010000&resolution=1600x1200&nav_lang=en-US&debug=7%3A%20top%20%21%3D%20window%20%26%20friendly%20-%3E%20GLOBAL.location.href%20&url_referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&ao=https%3A%2F%2Fwww.hawtcelebs.com&nb_cpu=4&data=522662463ftttttttffffffttttftffffffffttttf&activetab=1
Requested by
Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_359.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.31.249 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.31.241.35.bc.googleusercontent.com
Software
nginx/1.19.8 / PHP/7.4.30
Resource Hash
bb71a210176037ef1b3c16f234f91b35f166f114e079270f122bf3b5c14cc72b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
content-encoding
gzip
access-control-allow-origin
https://www.hawtcelebs.com
x-powered-by
PHP/7.4.30
route
ads-prod-566bd84fd4-xhjbh
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
server
nginx/1.19.8
vary
Accept-Encoding
accept-ch-lifetime
86400
content-type
text/plain; charset=utf-8
via
1.1 google
cache-control
no-cache, no-store, must-revalidate
accept-ch
UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
timing-allow-origin
*
expires
0
bid
c.amazon-adsystem.com/e/dtb/ 		130 B
601 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.hawtcelebs.com%2F&pid=g95TCzhgOhGcR&cb=2&ws=1600x1200&v=8.1.0&t=1000&slots=%5B%7B%22sd%22%3A%22vi_7872651_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_7872651_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C63%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.109.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-109-24.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
d9426dc10f95bb1705a7844de23cc7f34f6803cf825479c0a140f301d5019268
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
via
1.1 749177a97cae42477f22c33c927ca0ce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
x-amz-rid
EPFEZN9EF4RNM65VDZ0J
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
130
x-amz-cf-id
VwcOix1NXiFWvhKa74bXKV6fcy8FM4no-b8EBReCLZxczllsMB_3Dg==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzdNUTZyqrUt-MyZa-PMar-qwKM-YBKeKArBtKAKRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNKYUZTRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQDnpK64quZuYjpxUkn01tjFApFqoJOQjnnLKIB7dQw3dxfjVyxMk5SWNtxEKErSBXuR%2BaYG8G6oIiVAjkh8D2ichUEb7LeqtiHISNwOfRYIVnO7wtnFVvjRcXmLPxgGNBK9FnBsQeah0a4JhhFNdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce65b6ef59acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzdNKrttPBMr-AKYP-PKwq-qUAy-eUKZqtAtYyPqRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNKYUZTRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1PuosIr88Ps%2Fme%2FH4w5IKAOB1vPbkV0wOAfIw299d2o0AVg1lukygPGRRJE546JqbWu6xe9EIZHDYU68hazOujfAXlb1neENinJkBl52uKOAPrMlFxb98K8M3dZ3g0tkZNXtHafqmq5OfKqfZyIeTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce65b6ef79acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
pagead2.googlesyndication.com/bg/ Frame 9250 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
840710d4724f89679dd314bedaba5e0dca874a89e35983f04f6b02fca5f43be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 16:47:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
83481
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13821
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Jul 2023 16:47:21 GMT
main.css
s0.2mdn.net/sadbundle/5561583005601304477/300x250/ Frame 3371 		68 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/main.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c37fd79deedf6507a9e0dbb2a5337870ee3d9054b30e707109bcab4df606a5bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 14:44:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4445
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8294
x-xss-protection
0
last-modified
Fri, 27 May 2022 14:06:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 20 Jul 2023 14:44:37 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame 3371 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 04:51:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40035
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Jul 2022 04:51:27 GMT
ADventori-2.0.0.js
adventori.com/lp/enabler/ Frame 3371 		77 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adventori.com/lp/enabler/ADventori-2.0.0.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
135.125.180.61 , France, ASN16276 (OVH, FR),
Reverse DNS
f34.adventori.com
Software
Apache /
Resource Hash
0cd7b4391a82e614ff30dcbc6fa8309600687239a37b5781c88075a19fbd0558
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 25 Mar 2022 11:11:00 GMT
server
Apache
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=300
content-length
17169
expires
Wed, 20 Jul 2022 16:03:42 GMT
engine.js
s0.2mdn.net/sadbundle/5561583005601304477/300x250/ Frame 3371 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/engine.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c180c1576187cb43db899d7f2e3536cfdbc26ecabdbfbf2a680f2e2e35ba8d0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 14:44:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4445
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2789
x-xss-protection
0
last-modified
Fri, 27 May 2022 14:06:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 20 Jul 2023 14:44:37 GMT
af_init_meta.js
s0.2mdn.net/creatives/assets/4296910/ Frame 3371 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4296910/af_init_meta.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b9753e821db7d94095343e5de7e96a94997192a8c1a096f1c9a8f8688c3d49a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:49:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
556
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4281
x-xss-protection
0
last-modified
Fri, 15 Jul 2022 16:39:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Jul 2022 16:04:26 GMT
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.221 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 20 Jul 2022 15:58:42 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:42 GMT
server
ATS/9.1.0.46
pbjs
useast.quantumdex.io/auction/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cf-ray
72dce65b7ddd6dc7-MIA
unruly_prebid
targeting.unrulymedia.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.221 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:42 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		361 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
93f15c1e8e89766e1a58ce3a799a32451ddc9a9f0ff57cc09ad60cbf7d4bd426

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
160
content-length
231
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
2fc33da58bdb34aebe2fd40d8cfa397338c110120625f3561b980959fb260625

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
ROS
pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ 		432 B
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ROS?rnd=0.39745589516073365&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=7.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&ccpa=1---&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522hawtcelebs.com%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522gwqtxekeva_xon21058336769654%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=3e454c00-a647-473c-8fb6-cfd95d428962
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.125 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
2992739582d1128d83dbc9e7e5bb31db0cde5ddcc0d74b23b2fc8a2b86d0bc35

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.hawtcelebs.com
expires
Wed, 20 Jul 2022 15:58:42 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
432
x-sid
IAD-1216
v1
btlr.sharethrough.com/universal/ 		611 B
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.193.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-193-118.compute-1.amazonaws.com
Software
/
Resource Hash
e8c4ab07002d64eb3434073989a815c795658868c71aee4eadb6725d1f92d348

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 20 Jul 2022 15:58:42 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
369
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:42 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		255 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e79e411e4315addbc7c37430ed40b187291f03fdce4a4c0d0745d42a0206b0c6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:42 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
cd045ee9-358c-4ec1-b379-d70a651df96c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
255
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.2.0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&tmax=1000&us_privacy=1---
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.229.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-229-211.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:42 GMT
accept-ch
sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		188 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=123&profileId=185&av=34&wv=7.2.0&cb=96677749666
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
1804c1503a635504069478a735986974a43f866c37c35c052b7b4661142eac82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:41 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
172
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRmNKYUZTRzdNwTtMMYZA-waMa-PZYB-MMqt-PPwrwYTayUqwRlmNaKAbaARdzNwqfftkRqxeNco_KMKYUZT_KRwkjNTRkjmNaKAbaARwlNjxqfzxdrtb,qdb,thsqffofu,kzwigxlt,qhhftbxl,zkohstsoyzRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7LWTY7UPVJJtcf1IquYAPWfsPrBpEAZSNE%2BXeVYUUB8%2BYXzOsOaiDIoiWP3lMgVxCx9%2F%2BeyC4S2tuwnTIjL0C5InunFnr9Aa9DpaRM406vkuaVQw%2FvT2hPDcG7F2kMKJYUKpACLjSW4hxNOITB0Qjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce65b8f3c9acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRmNKYUZTRzdNYaAwMqPa-PPKe-Pawr-Mywr-MZTTwKPKZwMURlmNKYMbaARdzNwqfftkRqxeNco_KMKYUZT_MRwkjNTRkjmNKYMbaARwlNjxqfzxdrtb,xfkxsn,qdb,nqiggllh,thsqffofu,liqktzikgxui,kzwigxlt,qhhftbxl,zkohstsoyz,ekoztgRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jISLZBHB4M%2FysxAUpNCCM9Ukz8mXihQveWNiAs9Koa%2BhlHQRHvF80BVykxtCW%2F1%2F3DWYczifVkEjED4iQGHEOdaeodRkX0mgLly%2BE5lAsAUBgSki4L1j8JF9swhOZ27hUN2vSWfuSblaTtdsGzSXfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce65b8f3d9acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
rc-logo.png
cdn.revcontent.com/assets/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.revcontent.com/assets/img/rc-logo.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
/
Resource Hash
f4241710e57486ad91102e31823e855469608e1aea362f1f0e059609c9eb9a56

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
last-modified
Mon, 18 Jul 2022 15:02:56 GMT
etag
"1658156576"
x-hw
1658332722.cds057.mi1.hn,1658332722.cds202.mi1.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=43
accept-ranges
bytes
content-length
2091
sid
mug.criteo.com/ Frame 51E7
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=hawtcelebs.com&sn=ChromeSyncframe&so=0&topUrl=www.hawtcelebs.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=ek7ck3xWSDlZNzZMYklEVEVRck9HTUdHdkEvdHE3S09MZndud2hSNkVadHdXcUNvUTlBcS8xQVl2SU5XZ0dLL2JnSGVaRzNlSXczODVrQ1VlWjNpdUJqamd6dmxtQ2VPeFNwblh2aGdudDVrUXUwb1F3dzJOWTVzdnl2YS...
433 B
637 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ek7ck3xWSDlZNzZMYklEVEVRck9HTUdHdkEvdHE3S09MZndud2hSNkVadHdXcUNvUTlBcS8xQVl2SU5XZ0dLL2JnSGVaRzNlSXczODVrQ1VlWjNpdUJqamd6dmxtQ2VPeFNwblh2aGdudDVrUXUwb1F3dzJOWTVzdnl2YS9QT3VnWTJNcEtoNEZJWnlpa0RvbFMzOFZPZDV0bDNrZTVqRGtpVEJMK2JpaE85cExjVlNERDZZNkdwY3NjOTkrc25iVGhJUDRFZDk4b3ZDU2MvL2xNY1BBVkJ0SUtMQnAzN2dqWWx1ckxZbmFMWVJkWC83a1Fnd1gza0gzZmRRcHlxTXRmQmkra1FhcG9la3dkcVZ6cVNGUlBDVXpOQT09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
e9105a60cf41379142eea4fb3e0a70aacc055a01a3e1ebbb08ff99145f7154b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:42 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
6321
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:41 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=ek7ck3xWSDlZNzZMYklEVEVRck9HTUdHdkEvdHE3S09MZndud2hSNkVadHdXcUNvUTlBcS8xQVl2SU5XZ0dLL2JnSGVaRzNlSXczODVrQ1VlWjNpdUJqamd6dmxtQ2VPeFNwblh2aGdudDVrUXUwb1F3dzJOWTVzdnl2YS9QT3VnWTJNcEtoNEZJWnlpa0RvbFMzOFZPZDV0bDNrZTVqRGtpVEJMK2JpaE85cExjVlNERDZZNkdwY3NjOTkrc25iVGhJUDRFZDk4b3ZDU2MvL2xNY1BBVkJ0SUtMQnAzN2dqWWx1ckxZbmFMWVJkWC83a1Fnd1gza0gzZmRRcHlxTXRmQmkra1FhcG9la3dkcVZ6cVNGUlBDVXpOQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1303
content-length
541
expires
0
/
prod-use.perf-serving.com/imp_notice_c2s/v1/3ziZcv9Zuz6mlz7MAxZHOWKKvapOt2vv6bz7qa8ecU5Bos4qnko-e7Spo94Wuz0XA9zs-fnp_uAGg7iykN-UaoOeJUmgm5eUmPIWGvQ-b2fH0mjMXiqWPAIaQgt-lyAUrN2S2czXWH7a4ItgG9bqf71gA... 		43 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-use.perf-serving.com/imp_notice_c2s/v1/3ziZcv9Zuz6mlz7MAxZHOWKKvapOt2vv6bz7qa8ecU5Bos4qnko-e7Spo94Wuz0XA9zs-fnp_uAGg7iykN-UaoOeJUmgm5eUmPIWGvQ-b2fH0mjMXiqWPAIaQgt-lyAUrN2S2czXWH7a4ItgG9bqf71gA4gDnJxI_YAugEg8SGFd-QgQDe45rwWXsoVlktHn1ZQZWX4oQ8ryofbN4BAxB0vSVRIee2vVSmevjaZXzUwG18LaDGWq9NB3xq_9rohwE1jGI-3O2JHeyoIxozjYobHoYx2phKF1RISTrceDFS1iXIS4M4DDINY6ihmWRmtCnWYg74vEPA_hTHZr-9_fW9OTjl74GMmbSBzn5eZqUS3U1VKnEBSwyau0CRoZK_tYol1I2AwzW8JZQwNDHcRx08PsxCmcrjunsxmejfTrRkmMAW5tdb5WSm4xhUBTtlcHIW9d8ajd2YjL1mUJy-d8q3iPOKQCAcbp5HXq4yEj0utJC6czxaPQ9m-ykqlPHM_9S2wHhBZB10z7PAy8gs67TmUImPczaRnamuWjh-cCjnkvPi_sLGoBx0FUkrsmXieYqNPbD-CIOBPE8AI_vElrw92Ej9dFKxGvGy20GqlhoBBC_NUarGrL-7KknyGyNHqHFtJMqUU4HVtX_gvRzzvbG3qZlDSltVNUr9kjpwWxtsGZL8-0fVzrU_BNxKSOqwbIvrlW4TLPcIloVvrpqu5m_X7jWwU6GOeCu2Wi4hWb8W4_kK8wPg2acdzxB1xTRVbqiDdCzTolhYyyJ8YIxyvUdz6bsmm3dKhriUwd7bllSsI2Tory9A0CPMIn7rn-4IvU-WOqyt7kesvjpjUSMJD7VnLvP0mZcPJmA2U5yWvstsO2LAotdfHsLoIrpii7OsUvBkrkyV9AuIELryXp8RpJBPEI_3ZpY9bTEAIHACu1yc3Vd1N3k_kJDu4YfD-A2hkNy1x9eEkr9O1rCUHCYrVrIuL4a8EHcPBVt4DV46_AkONdGJh7eQa3krgnmWWRBQmFvL0AUXAG8WphTN_mbjDisJlHJgXfm2uml_cOKw7hr7QYxoBdEsFgw9c09Lb8cb_CrQTVV2R8iIzOz-1248bd4z9Q0uM3ESDFYevH5DcN3eFmef8Ya9gl3Dri2nkiUbIGGLdcRjfe2dvtrtnSCCtWyaLTdaOzGdbAUaR6bx3udHDXlD1gPaKVxJf5qRG7yZ0sP3YZNVNv0To7cNHY2bl-_gImRwCx3cbLws-Y0eEEL6umsThzzyNDvPq9RkHuIxE9qH2JYulFR9XA2cszvgGZ8qY_acSbfYyCg49zYiycmyAXa4CnS9-DfWoJ6jkxx3-gpBbS0YpTU-XhdCil2qqoyTO71glUVFUaJhobFh2kCYfYCO-ylnhGtPVF0l3pXwlC-lIo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.20.91 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
91.20.211.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
pixel_sync
trends.revcontent.com/cm/
Redirect Chain
  • https://us-east-sync.bidswitch.net/sync?ssp=revcontent&dsp_id=366&imp=1
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=revcontent&bsw_user_id=622885e8-69bc-4dce-b7b7-33df6ad940af
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=f74425d5-0fc4-4ef4-99f7-238315af2c7a&ssp=revcontent
  • https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=622885e8-69bc-4dce-b7b7-33df6ad940af
35 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=622885e8-69bc-4dce-b7b7-33df6ad940af
Protocol
H2
Server
54.88.217.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-217-144.compute-1.amazonaws.com
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
x-powered-by
Express
content-length
35
content-type
image/gif

Redirect headers

Location
//trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=622885e8-69bc-4dce-b7b7-33df6ad940af
Date
Wed, 20 Jul 2022 15:58:42 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
prod-use.perf-serving.com/imp_notice_c2s/v1/aCwJ6kjUTDlO0NhgBvbOW_FzAV1T1WJTRQXphu9NK7cL5Z7X3PdrARsI-KTnpnKD8XM4NctYmveuPDmt1JAaUlSce-VQ-xme9yCb9cVV-ajrIjuxF-V74qri7LLRljznFLVzdcgfqlyIhU65BBT07e6Ks... 		43 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-use.perf-serving.com/imp_notice_c2s/v1/aCwJ6kjUTDlO0NhgBvbOW_FzAV1T1WJTRQXphu9NK7cL5Z7X3PdrARsI-KTnpnKD8XM4NctYmveuPDmt1JAaUlSce-VQ-xme9yCb9cVV-ajrIjuxF-V74qri7LLRljznFLVzdcgfqlyIhU65BBT07e6KsQJFQHmSi9MOL0IzdMcE0xuMWYgmw_FwgHUWNLg79NX-yaQaJzc2JK7GenVpg5X6clq8eslnT6AeeIphmwwgfuNfjt169DDZQJbL8w0ILbWaSxi1T0b9NsSrDGSKZF6uRjn0Bf8vvH0tG-zRAkWzsvv6KDIW9_YIynBgrwWyPGWGCQ1UtKOLCBTjadVDreYUDMGpAlu0vdYWb-5uFyFyp5l8Szowq3yHMdiw7I357ZZe7KrED1ZZRzIkQx6BQmtiYZd0JLHWE-g_-pNtzJndCEJLNIkn8pIaLydxQef8hyyuQ72oP2tSwigeDdvJDyo0Q6ZXtOaz5OE_ZDZ8QnD6tBOMlC9HQusP4L6EGadi2MVlKMVPGeCALiynlpwMGxAsUxSB0__TTMwo92ZFJ6fcZuMrIKIPzlZyOXT3XUwrTDR208X1e90f-KaMhz-t7m5lsekdbKHmoiMHYGanvZSPeQU2YY17mvuu3jxJWJ2LQYcn3AvnnD10mCJwHwnwBkSeucnSojb178Z2KWP3Al-bAc61EsBKhCgCOyBaa7IzOrosFSqgu2QNrtXNalO8Ktl-sJvuXaD7UrC5HxAXLHvBVP29e6xNbn9PCslgiawk9Er295HWPl4qzSjhgON129wO3V5hmlk8lvjfAOIoytN6Exw7gwavuie7Rd7mJahL4wfcMA4E-gVxx-lext_xsUEJUZKIVkrEVo62YlBMTex27mQ6v-e03wRajyE-sudauCGdfcgeON_5kGvmjB4Nn3Y8p8CbC7Hol7K5tRT-XSZtx6NsiDKxasSpyMBhD9FYDryTVUQ4UPzk_BVQEvxqoloO5aCDZe8UNAcoszcq48kf_bKTYSCP_ss5arXcb0cexvOglRWtSygCMJiOB-iVRVs6ggVNF8uLNd0-34LsuGlaVP6o9IpStleENomAS9K87Ruix95jryxJPmhTFSpdvTLwxgUukYW2NXjJaabayDB7TybNvZBgz_h0pwsHAY52xjQ0ufsfskQx4FxDlQQz0WODLR9Q_4Z58QfosAOquHGoknj2Tv_KTdO2fs1AKTKAamE6M19NLThIs9nK9X5p1QGY07sd32QJ4L8n2j3xydhWxeManjjFIbnfTcXFI4fwCKzTWoyDK1Ko9wS_d9gPDIZzfDsHMTcr_F1OrL3Hhk9yY3n_vXHtoascKiaiiIhNROhHK-mYQqxEsCv4N65DKjAVjDw8CZXLykWvIVWU9ZVmxOZJjim_41cQRBTRJG0/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.211.20.91 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
91.20.211.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
async_usersync
ib.adnxs.com/ Frame 461F 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=10239&pub_id=2060307&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=10239&pub_id=2060307
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:42 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
837a7a85-045f-44bc-ad51-16b48b92a67a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
events
bidder.criteo.com/csm/ 		0
219 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixels
ssp-sync.criteo.com/user-sync/ 		662 B
764 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?ccpa=1---&countrycode=US
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.73 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
7681103bc0f9d31eeb86c705c3a942c93f33f841d65b8101e2cebf920ee30b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
content-encoding
br
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
https%3A%2F%2Fimages.perf-serving.com%2Favm%2F15162%2F21-800x600.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https%3A%2F%2Fimages.perf-serving.com%2Favm%2F15162%2F21-800x600.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
27d53d06f4320607d5f28af2130a90d28d2cb3f1322dd14710f28ce99d508e5d
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=2;cpu=1;start=2022-07-07T20:37:53.596Z;desc=hit,rtt;dur=0
content-length
10197
last-modified
Tue, 14 Jun 2022 15:16:29 GMT
server
Cloudinary
etag
"201ad02885efc17a82076bc507602dc3"
vary
Save-Data
x-hw
1658332722.cds064.mi1.hn,1658332722.cds253.mi1.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
https%3A%2F%2Fimages.perf-serving.com%2Favm%2F15139%2F27902-800x600.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https%3A%2F%2Fimages.perf-serving.com%2Favm%2F15139%2F27902-800x600.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
bf74d05ef3658bb17a776ac753f5fd5dc934674c820cfc3fae82dff138b4265b
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=61;cpu=0;start=2022-05-10T17:40:06.399Z;desc=miss,rtt;dur=0,cloudinary;dur=32;start=2022-05-10T17:40:06.407Z
content-length
6833
last-modified
Tue, 10 May 2022 17:20:34 GMT
server
Cloudinary
etag
"6246d5a169013220dac17baa00e92dd1"
vary
Save-Data
x-hw
1658332722.cds064.mi1.hn,1658332722.cds055.mi1.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
b520edef26d582c8c83549e34ec56407.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/b520edef26d582c8c83549e34ec56407.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
94e83e818bd1c32ae7d7063c051de117a7ee97eb25a8f43ad65d671e8a8ba333
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=71;cpu=1;start=2022-07-14T15:32:45.730Z;desc=miss,rtt;dur=0,cloudinary;dur=42;start=2022-07-14T15:32:45.745Z
content-length
7845
last-modified
Thu, 14 Jul 2022 14:43:50 GMT
server
Cloudinary
etag
"fec3fe2a3e844199de147f45b1769b33"
vary
Save-Data
x-hw
1658332722.cds064.mi1.hn,1658332722.cds254.mi1.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
382e91fad80952b69157ef6aed11216a.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/382e91fad80952b69157ef6aed11216a.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
73f00c216acf2f2c3f647e708f6dd4bfad91b9d369caf25fd57977174ae92031
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=84;cpu=0;start=2022-07-18T15:53:15.090Z;desc=miss,rtt;dur=0,cloudinary;dur=54;start=2022-07-18T15:53:15.102Z
content-length
5830
last-modified
Mon, 18 Jul 2022 14:06:02 GMT
server
Cloudinary
etag
"5b6aca449bf0e1daf09034b9f0d49db3"
vary
Save-Data
x-hw
1658332722.cds064.mi1.hn,1658332722.cds054.mi1.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
6ecb261b2f4e2a60855751adc385030a.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/6ecb261b2f4e2a60855751adc385030a.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
3784c7669c145028289d04c44326848557478970aa8212e2ca45e642c268335a
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=87;cpu=0;start=2022-07-14T15:33:18.669Z;desc=miss,rtt;dur=0,cloudinary;dur=58;start=2022-07-14T15:33:18.683Z
content-length
3825
last-modified
Thu, 14 Jul 2022 15:23:18 GMT
server
Cloudinary
etag
"116b17c106663a97101b8af552cb1fa0"
vary
Save-Data
x-hw
1658332722.cds064.mi1.hn,1658332722.cds059.mi1.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
42712c9d76e1f305ec35d7b9accb889d.jpeg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_auto,h_150,w_225,c_fill,g_face:auto/pg_1/https://media.revcontent.com/content/images/42712c9d76e1f305ec35d7b9accb889d.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
7c90c7f79142cf31d79474ae2688bd42d71d7fb943e26f4185bae538a2292379
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
strict-transport-security
max-age=604800
x-content-type-options
nosniff
server-timing
fastly;dur=109;cpu=1;start=2022-07-14T20:43:38.224Z;desc=miss,rtt;dur=0,cloudinary;dur=80;start=2022-07-14T20:43:38.239Z
content-length
6960
last-modified
Thu, 14 Jul 2022 15:19:00 GMT
server
Cloudinary
etag
"febfd2285f566a23d63a10133ae5e86c"
vary
Save-Data
x-hw
1658332722.cds064.mi1.hn,1658332722.cds048.mi1.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3371 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8687b0fa19468d3afec880e9dfa2176095977cc942d69355bb7fcd5c8698d956
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Jul 2022 15:58:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5830
x-xss-protection
0
img.fetch
udmserve.net/udm/ 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=14863;tid=1;dt=6;cb=150d21024cfc7695;trigger=public_reload;refresh=2;trigger=ref_aft_def_standard;
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 Toronto, Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
e292c18c4176b103f3b8c37113e4403429094ceed346f4504932eafe09b329c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:42 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Type
application/x-javascript
Expires
0
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dnz2BBF9qdzN3dm9GMlBqalU4bFRtN2VSQnNzNXVOTVpoajBUZEdxRmlLM3RIcTBFJTNE%26u%3d%24%7bUSER_ID%7d&...
  • https://ssp-sync.criteo.com/user-sync/match?p=nz2BBF9qdzN3dm9GMlBqalU4bFRtN2VSQnNzNXVOTVpoajBUZEdxRmlLM3RIcTBFJTNE&u=AABXF07FsEwAABBUGzwKHw&gdpr=false&us_privacy=1---
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=nz2BBF9qdzN3dm9GMlBqalU4bFRtN2VSQnNzNXVOTVpoajBUZEdxRmlLM3RIcTBFJTNE&u=AABXF07FsEwAABBUGzwKHw&gdpr=false&us_privacy=1---
Protocol
H2
Server
74.119.119.73 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
cache-control
no-store,max-age=0
cross-origin-resource-policy
cross-origin
server
Kestrel
strict-transport-security
max-age=31536000; preload;

Redirect headers

location
https://ssp-sync.criteo.com/user-sync/match?p=nz2BBF9qdzN3dm9GMlBqalU4bFRtN2VSQnNzNXVOTVpoajBUZEdxRmlLM3RIcTBFJTNE&u=AABXF07FsEwAABBUGzwKHw&gdpr=false&us_privacy=1---
Date
Wed, 20 Jul 2022 15:58:42 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=V-7tFF9Zd2VjcmVrNEtoRW9VaUxmSnF0YUFIS0xWcmQ0QWlNcXptMGpHYWpVRFpFJTNE&gdpr=false&gdpr_consent=&us_privacy=1---&cr_user_id=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=false&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3D...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=34088094723f4b27b0cd233dccdaed15&ssp=criteo&bsw_param=622885e8-69bc-4dce-b7b7-33df6ad940af&gdpr=false&consent=&gdpr_pd=&expires=7
  • https://ssp-sync.criteo.com/user-sync/match?p=&u=622885e8-69bc-4dce-b7b7-33df6ad940af
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=&u=622885e8-69bc-4dce-b7b7-33df6ad940af
Protocol
H2
Server
74.119.119.73 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
cache-control
no-store,max-age=0
cross-origin-resource-policy
cross-origin
server
Kestrel
strict-transport-security
max-age=31536000; preload;

Redirect headers

Location
//ssp-sync.criteo.com/user-sync/match?p=&u=622885e8-69bc-4dce-b7b7-33df6ad940af
Date
Wed, 20 Jul 2022 15:58:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://sync.taboola.com/sg/criteoscod/1/cm?redirect=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dI_zVs19hSG9yaXloS3Z6ZyUyQm1jcTNxemxzdG9EYktSM3BzJTJGTzlqQnY0S0RCeiUyRklzJTNE%26u%3d%...
  • https://ssp-sync.criteo.com/user-sync/match?p=I_zVs19hSG9yaXloS3Z6ZyUyQm1jcTNxemxzdG9EYktSM3BzJTJGTzlqQnY0S0RCeiUyRklzJTNE&u=d297a475-8211-4841-8bbb-a8ce2d7a76bb-tuct9d1abb2
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=I_zVs19hSG9yaXloS3Z6ZyUyQm1jcTNxemxzdG9EYktSM3BzJTJGTzlqQnY0S0RCeiUyRklzJTNE&u=d297a475-8211-4841-8bbb-a8ce2d7a76bb-tuct9d1abb2
Protocol
H2
Server
74.119.119.73 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
cache-control
no-store,max-age=0
cross-origin-resource-policy
cross-origin
server
Kestrel
strict-transport-security
max-age=31536000; preload;

Redirect headers

location
https://ssp-sync.criteo.com/user-sync/match?p=I_zVs19hSG9yaXloS3Z6ZyUyQm1jcTNxemxzdG9EYktSM3BzJTJGTzlqQnY0S0RCeiUyRklzJTNE&u=d297a475-8211-4841-8bbb-a8ce2d7a76bb-tuct9d1abb2
date
Wed, 20 Jul 2022 15:58:42 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68240
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9250 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZ4L6MSbYYsObNZuboPMPo9i1-AMAAAAAOAHgBAI&bg=!4uGl4aXNAAZlvz3gRb87ACkAdvg8Wpq842ljP7AS22nWupJsb3c5nhMxAR9NABltmoxE6mo-BQUa3wIAAAChUgAAAAJoAQcKAH727X_iybhDcAJ8uFiJbJ53muVG3-77IC-X-os9LUYr-KFHXZny-798Y6ziwIwl8HJf3fRpXYW4h9Cuy7NCOWyYJyxtFqrtbZghapB7cGdMCgUxUyxuZ8gjv-Rq2K8HHj7BJMRLT36TBiaM6kYLTDZ-tbvHwzevy9ikEM2_7g-ZAtCLZ7hyE0pfHsKJt0V4jfpSepcWxzS8f1wKuOwxMcCbuFQK7dPPeAN0RtFdzhQJ22-PDohvHmUjjXCrdOXkLjRf3r7qjktbno8IzcWGWAF4viGqTshzXrLKPf_6x44BYkgMyCTBcrQd5JkqvkyliK_4eKNW0kM6y_HxqeAohs0MqtGzBIrtCEElXA3Ne0BZk6H_BlitdZiwCr_5STIV4Wt0dIf6rGdrDqBDzGIEU7z02wtYWrZq9UlRiGA8FH8U-Yd3W4YYgbml8bv9wvZjboeRBdraD4wQ_w2lQBQYZh09P0mkRxm9ASJ8fsh7JS_y9sKzIh_a8V5lNHlNo_49HQv4_EnT7kGWtul7yPn3Ndo6qkvk76jGFTbb62NQHxBb9LieJt0PbyvqyAUiJgXuHb88-WrXAVwRZ2hivGThv0KbWfl_JjzlCtVr7qF0fNBt3N4kIU1gczFBIV_6sSLIAE8sJo9cFxzGUlkeVVejno0YZEVmxLVjj2l48n_WynDIDNQAHeCHJXiO9A6vlnbIJ9fG2uidXh4YyHc0WtqJP_LV6IU3DyD29bl5PIQ4-98fCw3yLY4FuEOQxWy4lmiiSAtGrz4AquQGFY7rOd68xhQiUjw72qdUq8POWmPhl2XKltQTODiNr9xREwizkr79USpkCHXuQYS2l2m3jWsathKWu_L-GoDTeSJhsQ8kO4s9-SDfyCF1cxRcQbwg026VmK_-sNLvMAocD-R2NZ8Dxi-mVVJ-RxvBKi2j8bsT53GqiaZwX2zvWdKVJGeWhQU9zF-2TUP6Nu2ng1m-NWY9OpObAp43FkmvynYkrXhxXbM1Z_g7hAZ4WiXzGWRSVXS_D8eSnkjq4Pn76yoSsWpCDm_vpxM0oKI-LFRI68tUPA8vSxYe_u3kLWTYxnjH2lDsERBUFz9zYVe153uvr13_ai4zaYDWPVKAdnaj8MLVRLHEp_Q
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
page-view
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.144.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-144-85.compute-1.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Wed, 20 Jul 2022 15:58:43 GMT
Server
openresty
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
widget-loaded
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.144.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-144-85.compute-1.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Wed, 20 Jul 2022 15:58:43 GMT
Server
openresty
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
6
page-view
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.144.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-144-85.compute-1.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
Date
Wed, 20 Jul 2022 15:58:43 GMT
x-envoy-upstream-service-time
8
Server
openresty
Connection
keep-alive
vary
Origin
widget-loaded
yeet.revcontent.com/yeet/events/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.225.144.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-225-144-85.compute-1.amazonaws.com
Software
openresty /
Resource Hash

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
Date
Wed, 20 Jul 2022 15:58:43 GMT
x-envoy-upstream-service-time
2
Server
openresty
Connection
keep-alive
vary
Origin
underdog
underdog.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://underdog.technoratimedia.com/openrtb/bids/underdog?src=prebid_prebid_6.21.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:42 GMT
server
nginx
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:42 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:42 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:42 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:42 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:42 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:42 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:42 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
2
content-length
0
date
Wed, 20 Jul 2022 15:58:42 GMT
server
ATS/9.1.0.46
trinity.json
apex.go.sonobi.com/ 		975 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22152c5f5f27252efd%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-middle-728x90%22%2C%22153aad35483d418d%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-middle-728x90%22%2C%221544e6f924292061%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-middle-728x90%22%2C%22155a4252a81333c1%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-middle-728x90%22%2C%22156dfc2466b11174%22%3A%224d5f61413a994ea882b1%7C160x600%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-160x600%22%2C%22157919b47d4f82df%22%3A%224d5f61413a994ea882b1%7C160x600%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-160x600%22%2C%2215824203ed4f230c%22%3A%224d5f61413a994ea882b1%7C160x600%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-160x600%22%2C%221596c749fb39f78c%22%3A%224d5f61413a994ea882b1%7C160x600%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-160x600%22%7D&ref=https%3A%2F%2Fwww.hawtcelebs.com%2F&s=48fd3df0-3d2d-41f4-ab76-1eca0e645053&pv=7ad008a2-4660-4290-b417-50c718457257&vp=desktop&lib_name=prebid&lib_v=6.21.1&us=5&ius=0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22udmserve.net%22%2C%22sid%22%3A%222993%22%2C%22hp%22%3A1%2C%22rid%22%3A%2256121e08-00c5-4fa9-b2ce-3498d642296d%22%7D%5D%7D&coppa=0
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
142b69bb19548df18316ec18af58106128c555fe390a222a7e915d7944f15699
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:43 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-40
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-type
application/json
content-length
555
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
underdog
underdog.technoratimedia.com/openrtb/bids/ 		0
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://underdog.technoratimedia.com/openrtb/bids/underdog?src=prebid_prebid_6.21.1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
351341895
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		603 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6f25dd079335376ca5de5dacf205ae53d2d6748746a323eb2e890bc378e9afb1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 20 Jul 2022 15:58:43 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b0dc2c00-72dd-4836-a3f1-8fe2d5c62676
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
865 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24042&site_id=403056&zone_id=2257012%3B2257012%3B2257012%3B2257012%3B2257020%3B2257020%3B2257020%3B2257020&size_id=2%3B2%3B2%3B2%3B9%3B9%3B9%3B9&p_pos=atf&rp_schain=1.0,1!udmserve.net,2993,1,56121e08-00c5-4fa9-b2ce-3498d642296d,,&rf=https%3A%2F%2Fwww.hawtcelebs.com%2F&tg_i.pbadslot=slider-middle-728x90%3Bslider-middle-728x90%3Bslider-middle-728x90%3Bslider-middle-728x90%3Bslider-160x600%3Bslider-160x600%3Bslider-160x600%3Bslider-160x600&tk_flint=pbjs_lite_v6.21.1&x_source.tid=77f5d420-8ced-4ef3-9590-66a99a35b3c4%3B77f5d420-8ced-4ef3-9590-66a99a35b3c4%3B77f5d420-8ced-4ef3-9590-66a99a35b3c4%3B77f5d420-8ced-4ef3-9590-66a99a35b3c4%3B018d3204-4c07-48d6-a03d-a95033aee4b6%3B018d3204-4c07-48d6-a03d-a95033aee4b6%3B018d3204-4c07-48d6-a03d-a95033aee4b6%3B018d3204-4c07-48d6-a03d-a95033aee4b6&l_pb_bid_id=176c4060457cad4a%3B177c20e00b383e61%3B17851192aae225af%3B1798b0db83035b76%3B180316d53d6f358c%3B1815babddc396d63%3B182a04b9f951a49e%3B183e38ae030d5bf7&p_screen_res=1600x1200&rp_floor=0.09574468085106383&rp_secure=1&rp_hard_floor=0.09574468085106383&rp_maxbids=1&p_gpid=slider-middle-728x90%3Bslider-middle-728x90%3Bslider-middle-728x90%3Bslider-middle-728x90%3Bslider-160x600%3Bslider-160x600%3Bslider-160x600%3Bslider-160x600&slots=8&rand=0.8820401537637055
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::116 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
af7e9a278a24308599e438f11934d5c578b8415af9a42e15532d2271542bce35

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:43 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
382
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
1663da85d3e5a59ac5561c7eeb0a66a62129c6ed7eddd833d8955019e5940ee5

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
d9bedaea0cec5cb7b3a9410718e476880b99608aa6d60828bda420bc4d700d88

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
732493d486f9c2950f73e84f678f2f4b1d7090682a4771940ff6401c26bb1c41

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
a04751049149485e8ec38ef9465bbb415440feb64b3b4e909674ea91e9aff444

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
17fd61d9ed745e00f7e6054706978137a1e6a772f953f7ef6fc381a7dd5ea443

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
6dd95b334a086b272ea8274b9e65179a9a0363c1874c4769e1258e77acdf8b8b

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
c612403127e1df840a458618f95245fee6e5a5891729132fb1b6f1a51db2c5c0

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
ed1bbc47dcfc7e0d6aca3ae5d3ede6936632d44e5e2e77f559fcf83fa76c1a01

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
c
prebid.a-mo.net/a/ 		361 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
93f15c1e8e89766e1a58ce3a799a32451ddc9a9f0ff57cc09ad60cbf7d4bd426

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
118
content-length
231
/
d.adroll.com/bid/prebid/ 		0
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/bid/prebid/
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.214.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-214-150.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:43 GMT
access-control-allow-credentials
true
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b4373065c&cmd=bid&reserve=0.10465116279069767&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
a03959be309e9866facdcacd5d2b479e23488b125669a938db1fa041668848ab

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b4373065c&cmd=bid&reserve=0.10465116279069767&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
76f6fa2a63e9d6d9a76f94f42bae470fb15e1c81f047153fd97f8dc35dc54eaa

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b4373065c&cmd=bid&reserve=0.10465116279069767&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
da54f4077278dbb27bc7f122beaac199d61116a5e14bf9b2b191185cb132e27c

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
hb
ssc.33across.com/api/v1/ 		139 B
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dv6qxAKmGr7ikOrkHcnlKl
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
1d421d3d40e562be8925af9f0d462635dcc86617eb2a1f8182f8f13f510ceb6a

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
tagv_50153_13.js
tk.airfrance.fr/50153/ Frame 3371 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tk.airfrance.fr/50153/tagv_50153_13.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4296910/af_init_meta.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.185.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-185-21.compute-1.amazonaws.com
Software
nginx /
Resource Hash
da49a1404ff461f3ef235a31261fe19ed1e9a3155f1650652e96afb90744a8e8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 15:13:35 GMT
server
nginx
etag
W/"5e44161f-32d9"
p3p
CP="NON DSP COR ADM PSA IVA OUR STP NAV"
cache-control
public, max-age=86400
content-type
application/javascript
Excellence_In_Motion_Regular_V5.woff2
s0.2mdn.net/creatives/assets/4296925/ Frame 3371 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4296925/Excellence_In_Motion_Regular_V5.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80c2d79c60490444a0dd3a4101e3b1fc00053ed804ecf7be2706d0dd5c7f27dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:52:59 GMT
x-content-type-options
nosniff
age
344
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14708
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 12:35:53 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Jul 2022 16:07:59 GMT
background-blue1.jpg
s0.2mdn.net/sadbundle/5561583005601304477/300x250/img/ Frame 3371 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/img/background-blue1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24733b4e73e08f85632ff1319246c94ca2509a750ce1728519e45f93e467b73e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Fri, 15 Jul 2022 14:14:16 GMT
x-content-type-options
nosniff
age
438267
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1425
x-xss-protection
0
last-modified
Fri, 27 May 2022 14:06:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 15 Jul 2023 14:14:16 GMT
shadow.png
s0.2mdn.net/sadbundle/5561583005601304477/300x250/img/ Frame 3371 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/img/shadow.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
014433f27daf645ba87d704156ca178a0728bd09c852a06de7a2328f9c487c0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 14:53:04 GMT
x-content-type-options
nosniff
age
3939
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7713
x-xss-protection
0
last-modified
Fri, 27 May 2022 14:06:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 20 Jul 2023 14:53:04 GMT
background-blue7.jpg
s0.2mdn.net/sadbundle/5561583005601304477/300x250/img/ Frame 3371 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/img/background-blue7.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/main.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17cbd3c8cb551886f17b9033fb41a02e350b891c0e408c05e1732aabe3e01166
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 14:45:25 GMT
x-content-type-options
nosniff
age
4398
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4062
x-xss-protection
0
last-modified
Fri, 27 May 2022 14:06:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 20 Jul 2023 14:45:25 GMT
Excellence_In_Motion_Bold_V5.woff2
s0.2mdn.net/creatives/assets/4296925/ Frame 3371 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4296925/Excellence_In_Motion_Bold_V5.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ba58700889d4a90393e2ee9aa0112a663ef60055740ee7fa781af5e69675811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:53:04 GMT
x-content-type-options
nosniff
age
339
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15220
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 12:35:42 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Jul 2022 16:08:04 GMT
Excellence_In_Motion_Medium_V5.woff2
s0.2mdn.net/creatives/assets/4296925/ Frame 3371 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4296925/Excellence_In_Motion_Medium_V5.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7a5f97ae791beef344e61320d5015965207e6c7e3e171d606ddf48e2bdd718f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:53:00 GMT
x-content-type-options
nosniff
age
343
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14568
x-xss-protection
0
last-modified
Wed, 15 Sep 2021 12:35:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Jul 2022 16:08:00 GMT
origin1.png
s0.2mdn.net/sadbundle/5561583005601304477/300x250/img/ Frame 3371 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/img/origin1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dc5032196a4f167a485d72c323f33d7ab3cba0a65d924d11e79db4445eb6a02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 14:45:25 GMT
x-content-type-options
nosniff
age
4398
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1739
x-xss-protection
0
last-modified
Fri, 27 May 2022 14:06:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 20 Jul 2023 14:45:25 GMT
madame-valise.png
s0.2mdn.net/sadbundle/5561583005601304477/300x250/img/ Frame 3371 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/img/madame-valise.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04229993c9ded71cd72d1ac688b3e1490bef2a769c20651f6e39cd53fbaa4b32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 14:47:40 GMT
x-content-type-options
nosniff
age
4263
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43905
x-xss-protection
0
last-modified
Fri, 27 May 2022 14:06:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 20 Jul 2023 14:47:40 GMT
PTP-300x250.jpg
s0.2mdn.net/creatives/assets/4122813/ Frame 3371 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4122813/PTP-300x250.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80b8b67459cd3a252a01d4a76dcda19621d68220323a2ace6ed65c82f658a0fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:46:24 GMT
x-content-type-options
nosniff
age
739
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13896
x-xss-protection
0
last-modified
Tue, 22 Feb 2022 15:59:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Jul 2022 16:01:24 GMT
BCN-300x250.jpg
s0.2mdn.net/creatives/assets/4122813/ Frame 3371 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4122813/BCN-300x250.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92ecbee7e51b8b6d262f40438f27ca2d2ae064db7d822cd47836903c290000a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:49:29 GMT
x-content-type-options
nosniff
age
554
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16117
x-xss-protection
0
last-modified
Tue, 22 Feb 2022 14:55:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Jul 2022 16:04:29 GMT
CDG-300x250.jpg
s0.2mdn.net/creatives/assets/4122813/ Frame 3371 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4122813/CDG-300x250.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3ad90dc7a2fc738b508d467f5eebd47bdec340827869ff70b7712e57777c5fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:46:09 GMT
x-content-type-options
nosniff
age
754
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8646
x-xss-protection
0
last-modified
Tue, 22 Feb 2022 15:44:09 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Jul 2022 16:01:09 GMT
background-blue3.jpg
s0.2mdn.net/sadbundle/5561583005601304477/300x250/img/ Frame 3371 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/img/background-blue3.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058264d32b7050f3091158beae452067386520e7381d925cacff7d7c112b7be7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5561583005601304477/300x250/index.html?e=69&leftOffset=0&topOffset=0&c=7LBQGtbvhf&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 19:20:06 GMT
x-content-type-options
nosniff
age
592717
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6740
x-xss-protection
0
last-modified
Fri, 27 May 2022 14:06:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 13 Jul 2023 19:20:06 GMT
vevent
nym1-ib.adnxs.com/ Frame F910 		0
840 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&e=wqT_3QLcFvDtXAsAAAMA1gAFAQiwzOCWBhCck_KgtsC-6UAY7uT1xczg1fESKjYJtPAVuxrI4T8RaTaPw2D-2z8ZAAAAgBSuA0AhNtKWljii4D8pGsVyS6sh5T8xAAAA4HoU3j8wrOnHCzj_T0DRFEgCUPGg0KoBWPbImQFgAGjJ47kBeMW7BYABAYoBA1VTRJIBA1VTRJgBrAKgAfoBqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigKVAXVmKCdhJywgMzQzNDM0LCAxNjU4MzMyNzIwKTt1ZignaScsIDQ1NDkxMTEsIDE2NTgzMzI3MjApOwEdLGcnLCAxMjUyMzYwOEY7ADBzJywgMjY5MjM2MTgwRh8AMHInLCAzNTc4MzA3Njk2HwDwsJICqQ8hZjVRWEhnalFqcWNWRVBHZzBLb0JHQUFnOXNpWkFUQUFPQUJBQUVqUkZGQ3M2Y2NMV0FCZ19nRm9BSEFBZUFDQUFRQ0lBUUNRQVFHWUFRR2dBUUdvQVFHd0FRQzVBWU9PdVhHMHMtUV93UUhjQ3ZjSXJ5SGxQOGtCQUFBQUFBQUE4RF9aQVF6cVctWjBXZThfNEFIMzA1VUM5UUZHOEg0X21BSUFvQUlCdFFJQQEzCHZRSQEH8ItBd0FJQXlBSUEwQUlBMkFJQTRBSUE2QUlBLUFJQWdBTUJtQU1Cb2dNT0NJNzM4UnNRQVJnQ0xRQUFRRUNpQXc0SWp2ZnhHeEFMR0FJdEFBQkFRTG9EQ1U1WlRUSTZORGt5Tk9BRDZ5NkFCTjZubGdTSUJMajQxUWlRQkFHWUJBR3FCTWNIQ1BfX19fXwkFCHdFUQkJCQEIQVJqCQkFAQw4QklQBQkJAQh3RW8JCQkBCEFURAkJBQEIOEJPMiwABEZBBRcNAQRBVTZYAABVNiwAAFkNJwUBBEFXNlgAAGE2LAAAdwUlDQEEQVg2WAAIZ0FIDRoBAQg4Qmk6EAAAazoQAABtOhAAAG86EAAAcToQAABzOhAAAHU6EAAAdzoQAAB5OhAADDBBR3NBkAAyOhgAADQ6EAAANjoQAAA4OhAAAC06EAAIZ0FMAfENAQH4NhAAHGtBTF9UNWdDDSEFAQhBYUE6EAA6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAARZQS4pAgxfQVlnNhAAAFo6IAAAWjogAABhOiAAAGE6IAAAYjogAABiOiAAAGM6IAAAYzogAABkOiAAAGQ6IAAAZTogAABlOiAAAGY6IAAAZjogAAhZQUUlyQ0BCEFZZzYQAABaOiAAAFo6IAAAYTogAABhOiAAAGI6IAAAYjogAABjOiAAAGM6IAAAZDogAABkOiAAAGU6IAAAZTogAABmOiAAAGY6IAAIWUFGDfsFAQhBWWc2EAAAWjogAABaOiAAaGJJRUNnanlnLUlNRU43NGxnMjZCQm9JN1FnUqWtGEFBQTBEOFoBCA0BIGd6UC1hRHNFRQ0QFEEwRF9KQhENJEFBQTJBUUE4UVEBCwkB8D5JSUZId2p2cENVUUJSZ0JJZ05GVlZJcERPcGI1blJaN3o4eE9iVElkcjZmdWotSUJid21tQVhVNzdDQUFha0YJRRhBQThELXhCHVcId1FVERsISVFNCSgcd0VnOHp6X1IuKAAAMhUoaER3UC1BRjlJTUU4QVhZc1B3Ri1BV0steFNDQgWUPEtJQmdTUUJnR1lCZ0NoQmcRXyhBQXFBWUVzZ1lrQx2AAEUdDABHHQwASR0MOHVBWUuaAsUBIVJTS3VxdzqtByxQYkltUUVnQUNnQU0dNUxPZ2xPV1UweU9qUTVNalJBNnk1SjktADk1mQhBQUI9mQRCaBGvDDBEOXARDAxBQUJ4HQwQNEFJSUKqjQEESkERmPQ0AVBBX9gCxckC4AK6303qAhtodHRwczovL3d3dy5oYXd0Y2VsZWJzLmNvbS-AAwCIAwGQAwCYAxSgAwGqAwDAA6wCyAMA2AOp9C7gAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBA0zOC4xMzIuMTE4LjY4qAQAsgQMCAAQABgAIAAwADgCuAQAwAQAyAQA0gQOMjY0MSNOWU0yOjQ5MjTaBAIIAeAEAPAE8aDQqgGIBQGYBQCgBf___________wGqBSRiYWRhMzkzZS0wZjViLTI3MWMtY2Y5OS01OGZhYjdlODczNGPABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AX3EPoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_0AbKCdoGFgoQAAAAAAAAAAVHAQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPHdww7h5AAMgHxbsF0gcNCQE0AQEBOAjaBwYJJ2zgBwDqBwIIAPAHrIGHA4oIAhAAlQgAAIA_mAgB&s=9f49d9425741dd7430e18d280a8e078810b29836&type=pv&jm=1003|1030&px=651&py=371&bw=300&bh=250&sf=1&sid=8885501071603797365&vd=ct~0|rr~5&sv=224&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=24245420&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.186 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:43 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
13cbf959-8d3c-4753-986b-0ae5fd902bf0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.hawtcelebs.com%2F&domain=www.hawtcelebs.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 20 Jul 2022 15:58:43 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1053
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.hawtcelebs.com%2F&domain=www.hawtcelebs.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=QpXGd3x0OWZ2OFBmZmo0SGNpR0lTZytIblRuYnBjdGxXeC90SEwwZW5HY1VyYThOYjRjS3pOY0lnQndQTkR4eklqMFFJWHNBZnpWQUJGdmFYYndpYSsxY3ovbzcraFF4T3M1ZENLd09QQ3ZqYnBLRzhGWDloTTM3ZFZDRm...
443 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=QpXGd3x0OWZ2OFBmZmo0SGNpR0lTZytIblRuYnBjdGxXeC90SEwwZW5HY1VyYThOYjRjS3pOY0lnQndQTkR4eklqMFFJWHNBZnpWQUJGdmFYYndpYSsxY3ovbzcraFF4T3M1ZENLd09QQ3ZqYnBLRzhGWDloTTM3ZFZDRmlhS2sxRHc5UUpVQ3Yzall0SG1OOXpGQlJlL0tHa1dIN1Z5VXdJc3NkaXd3bTY2RmhIWEo0TXhKYTVUVFMzWEM5ait0QUFVejVMaW9zN0dEVCtsYm10N0c1aC9JeVhzYUZHbnhpaElkZ1FzekJxOEhOZCs1a2xRV2RjVmVETE5sMnBZM0hUUSs3NDNJSTlocHEzSmpxUXkyYVlXdEkyZz09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
c46a4548b4a6e07f9e61074b08b305cbfa6194f703c741c36b7369527e0e7ac7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:43 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4334
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:43 GMT
location
https://mug.criteo.com/sid?cpp=QpXGd3x0OWZ2OFBmZmo0SGNpR0lTZytIblRuYnBjdGxXeC90SEwwZW5HY1VyYThOYjRjS3pOY0lnQndQTkR4eklqMFFJWHNBZnpWQUJGdmFYYndpYSsxY3ovbzcraFF4T3M1ZENLd09QQ3ZqYnBLRzhGWDloTTM3ZFZDRmlhS2sxRHc5UUpVQ3Yzall0SG1OOXpGQlJlL0tHa1dIN1Z5VXdJc3NkaXd3bTY2RmhIWEo0TXhKYTVUVFMzWEM5ait0QUFVejVMaW9zN0dEVCtsYm10N0c1aC9JeVhzYUZHbnhpaElkZ1FzekJxOEhOZCs1a2xRV2RjVmVETE5sMnBZM0hUUSs3NDNJSTlocHEzSmpxUXkyYVlXdEkyZz09fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1397
content-length
541
expires
0
envelope
api.rlcdn.com/api/identity/ 		0
0
id
id.crwdcntrl.net/ 		77 B
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.225.53.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-53-134.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
80c1767d22d1add6529edf53c75b5d373e748f41f04c3a67357ffaa927da9916

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:43 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache
x-server
10.40.11.77
access-control-allow-credentials
true
content-type
application/json;charset=utf-8
content-length
77
expires
0
rid
match.adsrvr.org/track/ 		108 B
725 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
d2d8d76e1ee4540345921cd40d453b6f3eab04a552670034b8b49d3eed2952a1

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Fri, 19 Aug 2022 15:58:43 GMT
view.js
tk.airfrance.fr/v/ Frame 3371 		55 B
342 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tk.airfrance.fr/v/view.js?esvid=A50153&esvcb=etvcb&wiz_medium=DSP&wiz_source=APP&wiz_campaign=357830769&wiz_content=US_US_BAN_CNV_Structural2021_%2F%2FPROSPECTING&wiz_term=269236180&esvvid=6e6b3b6c62d82633&esvc=0&esvisc=1&esvf=1&esvsf=0&esvrsl=1600x1200&esvwinrsl=1800x1100&esvaddim=300x250&esvadlt=0x0&esvadrb=0x0&esvadz=10000&esvview=0&esvfocus=1&esvviewts=0&esvpub=https%3A%2F%2Fwww.hawtcelebs.com%2F&esvads=https%3A%2F%2Fs0.2mdn.net%2Fsadbundle%2F5561583005601304477%2F300x250%2Findex.html%3Fe%3D69%26leftOffset%3D0%26topOffset%3D0%26c%3D7LBQGtbvhf%26t%3D1%26renderingType%3D2%26ev%3D01_247&esvr=0.38934303051052255&esvlv=1&esvtv=1&esvts=1658332723533&esvtid=13
Requested by
Host: tk.airfrance.fr
URL: https://tk.airfrance.fr/50153/tagv_50153_13.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.185.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-185-21.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f8711e5f1f556c0dca8f2242a720b78f6d8a5e725d6beafd45fa51438e0d312d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
content-encoding
gzip
server
nginx
cache-control
no-cache, no-store, must-revalidate
content-type
application/javascript
p3p
CP="NON DSP COR ADM PSA IVA OUR STP NAV"
activeview
pagead2.googlesyndication.com/pcs/ Frame F910 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuS-ynGRYlk3UtfbwrP0hbRlLEjMHWOAbgITpQGNDg6AmHeky0mnrXNrJCNh5GUGuNwxk_rRZaO5u-OQEpG1zcF6hDN2g57fUY&sig=Cg0ArKJSzHm2GbTaLy8dEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220718&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=34&adk=732509352&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1658332721168&rpt=1351&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3371 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2001 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 20 Jul 2022 15:58:43 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F910 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstwdQV3AH1l2vc-IkWYze2kbgYbqhdsgZN_o80RdCeuky-AMvGHwGXdNkK9vtsqeEzXOjBwO_z3BjS31WrAaO-RnNJ8ThpO0FpdMW8tQAc-fK1Ve6Z2Vi1uNcXQw-rDgEoqX0sLjHXYnJOhYPK__5c-VvKbixxwOmgWf6M&sig=Cg0ArKJSzG-umCXA4GwnEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1515&vt=11&dtpt=1385&dett=3&cstd=123&cisv=r20220719.20444&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Jul 2022 15:58:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rid
match.adsrvr.org/track/ 		108 B
725 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=1324mj4&fmt=json
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
d2d8d76e1ee4540345921cd40d453b6f3eab04a552670034b8b49d3eed2952a1

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Fri, 19 Aug 2022 15:58:43 GMT
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=beec9f7c-bab7-46d9-b2e1-a84b64afadeb
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-ffRBczJE2uEah..hEnD9CRy3CWvFLkgRUdQh7mg-~A&gdpr=0&gdpr_consent=
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-ffRBczJE2uEah..hEnD9CRy3CWvFLkgRUdQh7mg-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-ffRBczJE2uEah..hEnD9CRy3CWvFLkgRUdQh7mg-~A&gdpr=0&gdpr_consent=
date
Wed, 20 Jul 2022 15:58:43 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=5fa6044d8d&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&pubid=5fa6044d8d
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=3afbcbaa-855f-4f46-97fd-4e30594221a5
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3D72b09538-e154-472b-9fb0-46549e06af35%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8343254669216575683&pt=72b09538-e154-472b-9fb0-46549e06af35%2C
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8343254669216575683&pt=72b09538-e154-472b-9fb0-46549e06af35%2C
Protocol
H3
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:44 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
e939857c-a4f1-4dfd-bb38-cb8f19de20e2
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=8343254669216575683&pt=72b09538-e154-472b-9fb0-46549e06af35%2C
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=622885e8-69bc-4dce-b7b7-33df6ad940af&google_hm=NjIyODg1ZTgtNjliYy00ZGNlLWI3YjctMzNkZjZhZDk0MGFm
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEH9QYZhL_CE93TpI3ILydhs&google_cver=1&ssp=sonobi&bsw_param=622885e8-69bc-4dce-b7b7-33df6ad940af
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=622885e8-69bc-4dce-b7b7-33df6ad940af
49 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=622885e8-69bc-4dce-b7b7-33df6ad940af
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:44 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-11
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=622885e8-69bc-4dce-b7b7-33df6ad940af
Date
Wed, 20 Jul 2022 15:58:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
magnite
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=L5TSHGLI-U-ECYW&gdpr=0&us_privacy=1---
0
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L5TSHGLI-U-ECYW&gdpr=0&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://prebid.a-mo.net/setuid/magnite?uid=L5TSHGLI-U-ECYW&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
Expires
0
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=3afbcbaa-855f-4f46-97fd-4e30594221a5&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=MHhPc2thLTByZUI3cVB4OWRKVDZqQQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEOXNcBxXp9rbKJpUeyw0N_E&google_cver=1
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=R1Ioz9Sk500U
49 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=R1Ioz9Sk500U
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:44 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-92
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=R1Ioz9Sk500U
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6886c85865-qrklk
expires
-1
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=970033156717698583
49 B
935 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=970033156717698583
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:44 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-147
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=970033156717698583
Date
Wed, 20 Jul 2022 15:58:43 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://sync.mathtag.com/sync/img?cs_wd_sy=1&dp=43&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmediamath%26nuid%3D[MM_UUID]
  • https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=0be862d8-2632-4700-b4a9-ffbbf32e26e2
49 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=0be862d8-2632-4700-b4a9-ffbbf32e26e2
Protocol
HTTP/1.1
Server
69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:44 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-92
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
image/gif
Content-Length
49
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 20 Jul 2022 15:58:43 GMT
Server
MT3 4475 c1dc35a master ord-pixel-x5 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.go.sonobi.com/us.gif?nw=mediamath&nuid=0be862d8-2632-4700-b4a9-ffbbf32e26e2
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 20 Jul 2022 15:58:42 GMT
cookie
cm.adform.net/
Redirect Chain
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3Dbeec9f7c-bab7-46d9-b2e1-a84b64afadeb&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F623%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Dbeec9f7c-bab7-46d9-b2e1-a84b64...
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F623%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Dbeec9f7c-bab7-46d9-b2e1-a84b64afadeb%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1iZWVjOWY3Yy1iYWI3LTQ2ZDktYjJlMS1hODRiNjRhZmFkZWI%253D%26uid%3D%24UID
Protocol
H2
Server
37.157.6.245 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
server
nginx
content-length
43
content-type
image/gif

Redirect headers

location
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F623%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3Dbeec9f7c-bab7-46d9-b2e1-a84b64afadeb%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD1iZWVjOWY3Yy1iYWI3LTQ2ZDktYjJlMS1hODRiNjRhZmFkZWI%253D%26uid%3D%24UID
date
Wed, 20 Jul 2022 15:58:43 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
pagead2.googlesyndication.com/bg/ Frame 4E12 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
840710d4724f89679dd314bedaba5e0dca874a89e35983f04f6b02fca5f43be4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 16:47:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
83482
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13821
x-xss-protection
0
last-modified
Thu, 07 Jul 2022 14:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Jul 2023 16:47:21 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		130 B
601 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.hawtcelebs.com%2F&pid=g95TCzhgOhGcR&cb=3&ws=1600x1200&v=8.1.0&t=1000&slots=%5B%7B%22sd%22%3A%22vi_7872651_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_7872651_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C63%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.109.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-109-24.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
e4c2c952996c9079d1674ed28854a064013e6725f57242d53398e8edfa525836
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
via
1.1 749177a97cae42477f22c33c927ca0ce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
x-amz-rid
8CPTTHN9SE0866ZF4TYV
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
130
x-amz-cf-id
ypXlW0eAXTtRO2HD9T-CVbnDmBYGOkXz6K9ms9CCkeqZzc294R0P3A==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzdNUPwPeZUB-ArBe-PKtw-wAtr-tAwtBarYPPwyRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNKYUZTRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWMJ0VfE%2FqI3RJ1DsixZQta9k89Me3EdKvJL9ANNCgY7PHidoHRFE3JiiqNjr6UY35DBHRy2lpgUZF%2FYOvNedtNohFUEceZM%2FEDD0Lgcidz77j3TI1lJQyFcnZavOmFhi4iV2JdVp07ob3crWFG2hw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce663aef99acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzdNAAaaPBYw-YtrP-PKPA-qwPM-KYqZMeBytrKTRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNKYUZTRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yB5ymlpYi00kKJZ5sBR5xcM75YO1MuLVZjjLCKe%2F5AX%2B%2B8RK1tm0%2FbKC303tkDemrg%2B3FFA%2FS8lG0qqd0ySNH74fcfGHLQz2qUSuROCCNdE0sjY8BTe8%2Bs9NY%2ByShc0sQ18SzonE8x24FhthKlDGAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce663aefb9acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:43 GMT
server
ATS/9.1.0.46
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.221 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 20 Jul 2022 15:58:43 GMT
cdb
bidder.criteo.com/ 		188 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=123&profileId=185&av=34&wv=7.2.0&cb=75228927450
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
eb5fc745ec35dab17fc36f7db86124acd20c266c3b2135fe51d4bd5e20120592
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
172
prebid
ib.adnxs.com/ut/v3/ 		250 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6b4f8b6e3f6c6662d82caf8a9a08e87e5cf0b8fce8dcd998c258ba47c4633b0f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:43 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
3e233827-24ad-4b21-bd15-8414d5122459
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
250
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.2.0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&tmax=1000&us_privacy=1---
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.229.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-229-211.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:43 GMT
accept-ch
sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
efa56debf07f9a07ec806f671b8cb77d7166fac12db64d5fb9ac49dc5902e9f4

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
pbjs
useast.quantumdex.io/auction/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cf-ray
72dce663b9a46dc7-MIA
unruly_prebid
targeting.unrulymedia.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.221 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:43 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		474 B
815 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.193.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-193-118.compute-1.amazonaws.com
Software
/
Resource Hash
524a9715a52a1a1ff8bc3fab2d8aeb1e398dd6dadf94e2b5bb2f9d891e1eab83

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 20 Jul 2022 15:58:43 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
333
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:43 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
ROS
pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ 		432 B
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ROS?rnd=0.39745589516073365&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=7.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&ccpa=1---&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522hawtcelebs.com%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522gwqtxekeva_xon21058336769654%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=3e454c00-a647-473c-8fb6-cfd95d428962
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.125 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
2992739582d1128d83dbc9e7e5bb31db0cde5ddcc0d74b23b2fc8a2b86d0bc35

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.hawtcelebs.com
expires
Wed, 20 Jul 2022 15:58:43 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
432
x-sid
IAD-1216
c
prebid.a-mo.net/a/ 		459 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
15874dbfec320c1219481122375b9fa26e41e5a647a18362c3e568eefc182e84

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
99
content-length
274
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRmNKYUZTRzdNZUTMwUMM-KetA-Ptyt-aAAU-qPwyUKTAqyaARlmNKYMbaARdzNwqfftkRqxeNco_KMKYUZT_MRwkjNTRkjmNKYMbaARwlNekoztg,qhhftbxl,zkohstsoyz,nqiggllh,jxqfzxdrtb,xfkxsn,liqktzikgxui,kzwigxlt,thsqffofu,qdbRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i8ybl95CMh2SxEN2drS09Xi55gfJ23iD2vxzr4aAKcz7k8lXBd0rTcyYfq55u9Tz24812lvmmUb2NzQY%2BHi4ocdqrwA8o95uDCcFjHvz3QaBlpUxOe9HywOa4vSEuJ%2Fm5otxkVar60xD9TIzWox1gA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce663bf289acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRmNKYUZTRzdNYrtrByUt-aaUA-PqAK-MKYq-ePAtMteqrYZYRlmNaKAbaARdzNwqfftkRqxeNco_KMKYUZT_KRwkjNTRkjmNaKAbaARwlNqhhftbxl,zkohstsoyz,jxqfzxdrtb,kzwigxlt,thsqffofu,qdbRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hr3WUNT0SFvRgMwJKBkYnLr7kWY21GQo0CPzZKKTv6KegGznkIDl%2FifaVk1swwFht9av0voXmtQR13xVXURWPH%2FrgQZQxb7H6VQMhP6D8moinDW%2BjA1xja7IYZmSSmRoRgJ%2BGi0m4IiYiIomWeCdOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce663bf2b9acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
radApi
edge.udmserve.net/ 		20 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.udmserve.net/radApi
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.120 Toronto, Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
underdogmedia.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 20 Jul 2022 15:58:43 GMT
Content-Length
20
Content-Type
application/json
events
bidder.criteo.com/csm/ 		0
219 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Jul 2022 15:58:43 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixels
ssp-sync.criteo.com/user-sync/ 		13 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?ccpa=1---&countrycode=US
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.73 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:42 GMT
content-encoding
br
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=QpXGd3x0OWZ2OFBmZmo0SGNpR0lTZytIblRuYnBjdGxXeC90SEwwZW5HY1VyYThOYjRjS3pOY0lnQndQTkR4eklqMFFJWHNBZnpWQUJGdmFYYndpYSsxY3ovbzcraFF4T3M1ZENLd09QQ3ZqYnBLRzhGWDloTTM3ZFZDRmlhS2sxRHc5UUpVQ3Yzall0SG1OOXpGQlJlL0tHa1dIN1Z5VXdJc3NkaXd3bTY2RmhIWEo0TXhKYTVUVFMzWEM5ait0QUFVejVMaW9zN0dEVCtsYm10N0c1aC9JeVhzYUZHbnhpaElkZ1FzekJxOEhOZCs1a2xRV2RjVmVETE5sMnBZM0hUUSs3NDNJSTlocHEzSmpxUXkyYVlXdEkyZz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 20 Jul 2022 15:58:43 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1392
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
a.gif
t.sharethis.com/d/ Frame 6517 		0
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.sharethis.com/d/a.gif?cid=c010&cls=C&stid=ZHoABWLYJjAAAAAIUHkGAw%253D%253D&tt=t.dhj&dhjLcy=1658332720974&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1004.23341&ell=d&cck=__stid&dmn=www.hawtcelebs.com&pn=%2F&qs=na&rdn=www.hawtcelebs.com&rpn=%2F&rqs=na&cc=US&cont=NA&evid=tCTVcIYADwbt2vPjpJK3&urls=!1!408!b-13j,!1!960!b-13l,!1!1124!b-14s,!1!776!b-17u,!1!0!b-14t,!1!474!b-150,!1!462!b-16f&rnd=1658332724340&cid=c010&version=1.1004.23341&cc=US&cont=NA&cls=C&repeat=0&htmLcy=253&bcnLcy=70
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.219.17.240 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-219-17-240.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2628000 ; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://t.sharethis.com/a/t_.htm?ver=1.1004.23341&cid=c010&cls=C
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:44 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Strict-Transport-Security
max-age=2628000 ; includeSubDomains
Expires
Wed, 20 Jul 2022 15:58:44 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.hawtcelebs.com%2F&domain=www.hawtcelebs.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 20 Jul 2022 15:58:44 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1140
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
id.a-mx.com/sync/ 		102 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/sync/?tagId=&ref=null&u=https://www.hawtcelebs.com/&v=7.2.0&vg=vlipb&us_privacy=null&gdpr=0&gdpr_consent=
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::ac43:9a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
128532491682e0da9c06b7a10d2ff9ebc76afdef40d5bdc82671d0686a61063b

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/json
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLFHiEQwclr2wwBRncj9%2F9OO3cVJlKLCcdEFXYjwJ%2BfEsSoINvNXOMz3gxtlGIVIMeh2mWctMdcg2yl8uKJve714rdFnz5gUDpNL%2BQQo9ti8eby0e5BcWkzX8gmq3dO0aN1AE3zmQLirPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private,max-age=3600
access-control-allow-credentials
true
cf-ray
72dce667cf802227-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.hawtcelebs.com%2F&domain=www.hawtcelebs.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=gwea5nxGVmtwak9nZ204SXVMK1JUQ1l4cGFWM0FZU3JXR0pVcFpsYzFXUSt2Nm12MU5URUlxMnZwODhnWC9qM1htamhHY3lNcEVpdVRpYko4aWhzNi96UkxhT2E3TmJvNHdQYjhNUmNBckdBNTZKL3NYcm5aWE04VWovdW...
446 B
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=gwea5nxGVmtwak9nZ204SXVMK1JUQ1l4cGFWM0FZU3JXR0pVcFpsYzFXUSt2Nm12MU5URUlxMnZwODhnWC9qM1htamhHY3lNcEVpdVRpYko4aWhzNi96UkxhT2E3TmJvNHdQYjhNUmNBckdBNTZKL3NYcm5aWE04VWovdWhvUDlOallWSDJtakxzQVhUSmZOUWl1VnRXS0NMYlk2MjU4NHFzdjlDK0VMVkFDUkdSanJLdE01NTNXZTRhN3B5TEFlbXpJeURHamhLY0gvTy9lU05aVjhBa2p0Mi81dDY0am1yZ3NKL3d0SEp5OHViQlhLV1R6NUMyME1VUDFBME9adXdqNUU1VG8rYU45UEpGT21HYUd3Tk8vSFIzc0Jqd2M3YkwrYkRUNW5aLzhyRnhhdz18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
f7250e7293dcef84a3167a1074ad35e2ab598ffdb8ee0b49ef7fdc6cf848a169
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4719
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:43 GMT
location
https://mug.criteo.com/sid?cpp=gwea5nxGVmtwak9nZ204SXVMK1JUQ1l4cGFWM0FZU3JXR0pVcFpsYzFXUSt2Nm12MU5URUlxMnZwODhnWC9qM1htamhHY3lNcEVpdVRpYko4aWhzNi96UkxhT2E3TmJvNHdQYjhNUmNBckdBNTZKL3NYcm5aWE04VWovdWhvUDlOallWSDJtakxzQVhUSmZOUWl1VnRXS0NMYlk2MjU4NHFzdjlDK0VMVkFDUkdSanJLdE01NTNXZTRhN3B5TEFlbXpJeURHamhLY0gvTy9lU05aVjhBa2p0Mi81dDY0am1yZ3NKL3d0SEp5OHViQlhLV1R6NUMyME1VUDFBME9adXdqNUU1VG8rYU45UEpGT21HYUd3Tk8vSFIzc0Jqd2M3YkwrYkRUNW5aLzhyRnhhdz18&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1527
content-length
567
expires
0
696.json
id5-sync.com/g/v2/ 		454 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/696.json
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
a86cb3b76f227652a3a693076161bf7a8b493ea6f37bddb12e18edcbd2be3205
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
transfer-encoding
chunked
pbjs
sync.quantumdex.io/usersync/ Frame 5A0F 		4 KB
956 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7455d144e490666c4ea40495e9e5b7bf0d5b761f083117bea243fba7bf55617

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
72dce6677e2f6dc7-MIA
content-encoding
gzip
content-type
text/html
date
Wed, 20 Jul 2022 15:58:44 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
isyn
prebid.a-mo.net/ Frame 88D3 		1 KB
581 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
52c96e65b6b61e9ad70c74bf8154b878fab217633098900141e9472f28bbe0d3

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
518
content-type
text/html; charset=utf-8
date
Wed, 20 Jul 2022 15:58:43 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
sync
eb2.3lift.com/ Frame D5DB 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
e19e820f4c4a540343d9ccaaccb7ded1f7b102a235f414ad5f87777b6e045f34

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
456
content-type
text/html; charset=utf-8
date
Wed, 20 Jul 2022 15:58:44 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync.html
cdn.aralego.net/ucfad/cookie/ Frame 4628 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html?usprivacy=1---
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
age
5791
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
72dce667dca58dd2-MIA
content-encoding
br
content-type
text/html
date
Wed, 20 Jul 2022 15:58:44 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7SJmwrO0YOUUMV5MzCyC3%2Bx1Fiw8r2dmtrvqZoOpoqDY6dirtNPpEPtx7m5ih0y7iryMNmTQhH66WoOKNjnPAWobDdfBaXdu6fozOf4pOpA0EPesh35TepkVfT%2BsQkT3mri2VqJhsk1nHnC6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2A55 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
38978
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 20 Jul 2022 15:58:44 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 11 Jul 2022 04:38:47 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2, 133214
X-Served-By
cache-lga21941-LGA, cache-mia11369-MIA
X-Timer
S1658332724.373294,VS0,VE0
sync
eb2.3lift.com/ Frame 8392 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
e19e820f4c4a540343d9ccaaccb7ded1f7b102a235f414ad5f87777b6e045f34

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
456
content-type
text/html; charset=utf-8
date
Wed, 20 Jul 2022 15:58:44 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pbjs
sync.quantumdex.io/usersync/ Frame 2834 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b07f38b554c503600efcdbfd30d4f5ee3555c7bf9bbfeda35ba0d187d368d6a7

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
72dce6677e2b6dc7-MIA
content-encoding
gzip
content-type
text/html
date
Wed, 20 Jul 2022 15:58:44 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
pbjs
sync.quantumdex.io/usersync/ Frame 8D1D 		4 KB
964 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe221ff04e857119d31bf32e58b6933983f00c2746e7ef06621e749b68f8d5c8

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
72dce6677e2d6dc7-MIA
content-encoding
gzip
content-type
text/html
date
Wed, 20 Jul 2022 15:58:44 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
async_usersync.html
acdn.adnxs.com/dmp/ Frame C85B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
38978
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 20 Jul 2022 15:58:44 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 11 Jul 2022 04:38:47 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2, 133215
X-Served-By
cache-lga21941-LGA, cache-mia11369-MIA
X-Timer
S1658332724.413170,VS0,VE0
async_usersync.html
acdn.adnxs.com/dmp/ Frame EE6C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
38977
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 20 Jul 2022 15:58:44 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 11 Jul 2022 04:38:47 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2, 134536
X-Served-By
cache-lga21941-LGA, cache-mia11320-MIA
X-Timer
S1658332724.445524,VS0,VE0
sync
eb2.3lift.com/ Frame E017 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
e19e820f4c4a540343d9ccaaccb7ded1f7b102a235f414ad5f87777b6e045f34

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
456
content-type
text/html; charset=utf-8
date
Wed, 20 Jul 2022 15:58:44 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
eb2.3lift.com/ Frame BFAD 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
e19e820f4c4a540343d9ccaaccb7ded1f7b102a235f414ad5f87777b6e045f34

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
456
content-type
text/html; charset=utf-8
date
Wed, 20 Jul 2022 15:58:44 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame AD9C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
38978
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 20 Jul 2022 15:58:44 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 11 Jul 2022 04:38:47 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2, 133882
X-Served-By
cache-lga21941-LGA, cache-mia11326-MIA
X-Timer
S1658332724.445832,VS0,VE0
/
csync.smilewanted.com/ Frame DF04 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/?us_privacy=1---
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
662817e21330cbf78ce4c0f606a0989b107d3dc4cf55849b6065ad9ee5096d66

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72dce66789df9aba-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 15:58:44 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8831 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
38978
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Wed, 20 Jul 2022 15:58:44 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 11 Jul 2022 04:38:47 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
2, 133470
X-Served-By
cache-lga21941-LGA, cache-mia11373-MIA
X-Timer
S1658332724.448992,VS0,VE0
pbjs
sync.quantumdex.io/usersync/ Frame 4242 		4 KB
962 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df6052a1c5ee56a008da2ebac08c26c972495b5594c4c74d24383173a2106e4b

Request headers

Referer
https://www.hawtcelebs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
72dce6677e316dc7-MIA
content-encoding
gzip
content-type
text/html
date
Wed, 20 Jul 2022 15:58:44 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
pixel
cm.g.doubleclick.net/ 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_dbm&gdpr=0&gdpr_consent=&google_hm=ZTgyZjFmZjYtNWI3ZS00ZTkwLWExODEtNGMyYTUyOGQ5ZTk0&us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&gdpr=0&gdpr_consent=&google_hm=NGQ5YzE2ZWMtODBkZS00NGFmLTk2MDEtOTI3ZDkyNjA1Njcw&us_privacy=1---
  • https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
Protocol
H2
Server
52.70.74.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-74-97.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.sharethrough.com/sync/v1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://stx-match.dotomi.com/match/bounce/current?networkId=44410&version=1&nuid=4d9c16ec-80de-44af-9601-927d92605670&us_privacy=1---
  • https://stx-match.dotomi.com/match/bounce/current?DotomiTest=586652457b81204&is_secure=true&networkId=44410&version=1&nuid=4d9c16ec-80de-44af-9601-927d92605670&us_privacy=1---
  • https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAAGZoj4_ebmrwMenRpUAAAAAAA&expiration=1658419124&nuid=4d9c16ec-80de-44af-9601-927d92605670&is_secure=true&u...
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAAGZoj4_ebmrwMenRpUAAAAAAA&expiration=1658419124&nuid=4d9c16ec-80de-44af-9601-927d92605670&is_secure=true&us_privacy=1---
Protocol
H2
Server
52.70.74.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-74-97.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAAGZoj4_ebmrwMenRpUAAAAAAA&expiration=1658419124&nuid=4d9c16ec-80de-44af-9601-927d92605670&is_secure=true&us_privacy=1---
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=83&mt_exuid=e82f1ff6-5b7e-4e90-a181-4c2a528d9e94&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DsxJxpx7oBnWwaatGE8NyMg2D%26source_us...
  • https://match.sharethrough.com/sync/v1?source_id=sxJxpx7oBnWwaatGE8NyMg2D&source_user_id=0be862d8-2632-4700-b4a9-ffbbf32e26e2
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=sxJxpx7oBnWwaatGE8NyMg2D&source_user_id=0be862d8-2632-4700-b4a9-ffbbf32e26e2
Protocol
H2
Server
52.70.74.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-74-97.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Date
Wed, 20 Jul 2022 15:58:44 GMT
Server
MT3 4447 e18e916 master iad-pixel-x1 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://match.sharethrough.com/sync/v1?source_id=sxJxpx7oBnWwaatGE8NyMg2D&source_user_id=0be862d8-2632-4700-b4a9-ffbbf32e26e2
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Wed, 20 Jul 2022 15:58:43 GMT
ecm3
s.amazon-adsystem.com/ 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=e82f1ff6-5b7e-4e90-a181-4c2a528d9e94&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:44 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
DAB37MVFG1BQ55Y9VV3Q
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0013300001kQj2HAAS&ru=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DkzFyzzqXEqukMDumpVLB6Eq3%26source_user_id%3D33XUSERID33X&us_privacy=1---
  • https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=78147065046372
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=78147065046372
Protocol
H2
Server
52.70.74.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-74-97.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:43 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://match.sharethrough.com/sync/v1?source_id=kzFyzzqXEqukMDumpVLB6Eq3&source_user_id=78147065046372
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558357&ev=1&rurl=https%3a%2f%2fmatch.sharethrough.com/sync/v1?source_id=790d3e0174b12a86f1cbebf4&source_user_id=%%VGUID%%&us_privacy=1---
  • https://match.sharethrough.com/sync/v1?source_id=790d3e0174b12a86f1cbebf4&ev=1&source_user_id=R1Ioz9Sk500U&us_privacy=1---&pid=558357
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=790d3e0174b12a86f1cbebf4&ev=1&source_user_id=R1Ioz9Sk500U&us_privacy=1---&pid=558357
Protocol
H2
Server
52.70.74.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-74-97.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://match.sharethrough.com/sync/v1?source_id=790d3e0174b12a86f1cbebf4&ev=1&source_user_id=R1Ioz9Sk500U&us_privacy=1---&pid=558357
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6886c85865-qrklk
expires
-1
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=s&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DxTFJbLbs37tyhbKsPP9VC2cm%26source_user_id%3D%24UID&us_privacy=1---
  • https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=252eabd
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=252eabd
Protocol
H2
Server
52.70.74.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-74-97.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Wed, 20 Jul 2022 15:58:44 GMT
via
1.1 ffa37482155641d3f809e2a4a5572070.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR52-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://match.sharethrough.com/sync/v1?source_id=xTFJbLbs37tyhbKsPP9VC2cm&source_user_id=252eabd
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
qLR1MOGiMbDnc31rJ_NpiNCKcJUVRafLyIZ2tVLUKiZN-h6sd4vCZQ==
&us_privacy=1---
b1sync.zemanta.com/usersync/sharethrough/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/sharethrough/&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.31.142.95 Lincolnwood, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://stx-match.dotomi.com/match/bounce/current?networkId=44410&version=1&nuid=e82f1ff6-5b7e-4e90-a181-4c2a528d9e94&us_privacy=1---
  • https://stx-match.dotomi.com/match/bounce/current?DotomiTest=1de791bef6771201&is_secure=true&networkId=44410&version=1&nuid=e82f1ff6-5b7e-4e90-a181-4c2a528d9e94&us_privacy=1---
  • https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAAGZdMS3IfxhANiBYTNAAAAAAA&expiration=1658419124&nuid=e82f1ff6-5b7e-4e90-a181-4c2a528d9e94&is_secure=true&u...
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAAGZdMS3IfxhANiBYTNAAAAAAA&expiration=1658419124&nuid=e82f1ff6-5b7e-4e90-a181-4c2a528d9e94&is_secure=true&us_privacy=1---
Protocol
H2
Server
52.70.74.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-74-97.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://match.sharethrough.com/sync/v1?source_id=XXFNqX2gk1rVb6Jw3xJ26afL&source_user_id=AAAGZdMS3IfxhANiBYTNAAAAAAA&expiration=1658419124&nuid=e82f1ff6-5b7e-4e90-a181-4c2a528d9e94&is_secure=true&us_privacy=1---
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_dbm&gdpr=0&gdpr_consent=&google_hm=NGQ5YzE2ZWMtODBkZS00NGFmLTk2MDEtOTI3ZDkyNjA1Njcw&us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
p-jq037psmtjhn.gif
pixel.quantserve.com/pixel/ 		0
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-jq037psmtjhn.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/shr?gdpr=0&gdpr_consent=&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCWEYwN0ZzRXdBQUJCVUd6d0tIdw&gdpr=0&gdpr_consent=&us_privacy=1---&bee_sync_partners=pm%2Csas%2Cpp%2Csyn%2Cshr&bee_sync...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Csas%2Cpp%2Csyn%2Cshr&bee_sync_current_partner=adx&bee_sync_initiator=shr&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABXF07FsEwAABBUGzwKHw&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpp%2Csyn%2Cshr&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABXF07FsEwAABBUGzwKHw&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csyn%252Cshr%26bee_s...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csyn%2Cshr&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=1278341628099599906&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABXF07FsEwAABBUGzwKHw&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1278341628099599906%26gdpr%3D0%26gdpr_consent%3D%26bee_...
  • https://match.prod.bidr.io/cookie-sync?userid=1278341628099599906&gdpr=0&gdpr_consent=&bee_sync_partners=syn%2Cshr&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AABXF07...
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABXF07FsEwAABBUGzwKHw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D1278341628099599906%26gdpr%3D0%26gdpr%3D0%26bee_sync_...
  • https://match.prod.bidr.io/cookie-sync?userid=1278341628099599906&gdpr=0&gdpr=0&bee_sync_partners=shr&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=5
  • https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AABXF07FsEwAABBUGzwKHw&gdpr=0
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AABXF07FsEwAABBUGzwKHw&gdpr=0
Protocol
H2
Server
52.70.74.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-74-97.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AABXF07FsEwAABBUGzwKHw&gdpr=0
Date
Wed, 20 Jul 2022 15:58:45 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
396846.gif
idsync.rlcdn.com/
Redirect Chain
  • https://idsync.rlcdn.com/712068.gif?partner_uid=4d9c16ec-80de-44af-9601-927d92605670&us_privacy=1---
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=ed875b58-97a8-4f6a-b7c0-2c8635ffbad7
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=ed875b58-97a8-4f6a-b7c0-2c8635ffbad7
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Jul 2022 15:58:44 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Wed, 20 Jul 2022 15:58:44 GMT
content-encoding
gzip
server
OXGW/485d39a
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=ed875b58-97a8-4f6a-b7c0-2c8635ffbad7
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58593/occ?gdpr=0&gdpr_consent=&us_privacy=1---
  • https://match.sharethrough.com/sync/v1?source_id=naoMZbMYsdSVbJhyQ36iXzT1&source_user_id=y-ffRBczJE2uEah..hEnD9CRy3CWvFLkgRUdQh7mg-~A&gdpr=0&gdpr_consent=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=naoMZbMYsdSVbJhyQ36iXzT1&source_user_id=y-ffRBczJE2uEah..hEnD9CRy3CWvFLkgRUdQh7mg-~A&gdpr=0&gdpr_consent=
Protocol
H2
Server
52.70.74.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-74-97.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

location
https://match.sharethrough.com/sync/v1?source_id=naoMZbMYsdSVbJhyQ36iXzT1&source_user_id=y-ffRBczJE2uEah..hEnD9CRy3CWvFLkgRUdQh7mg-~A&gdpr=0&gdpr_consent=
date
Wed, 20 Jul 2022 15:58:44 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=18694&us_privacy=1---
  • https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=L5TSHGLI-U-ECYW&us_privacy=1---
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=L5TSHGLI-U-ECYW&us_privacy=1---
Protocol
H2
Server
52.70.74.97 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-74-97.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=L5TSHGLI-U-ECYW&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
bd0f62a3fbacfef6a33ae6abaf6daf37
Expires
0
async_usersync
ib.adnxs.com/ Frame 2A55 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:44 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
9218d1f3-253b-4f4a-abe8-41c73f7ec564
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame D5DB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame D5DB
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2MjIzNzg3Mjc4MzkyNjc4OTA2MQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame D5DB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKP46BpypnR-RwVb3uPGTPo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKP46BpypnR-RwVb3uPGTPo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKP46BpypnR-RwVb3uPGTPo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D5DB
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2MjIzNzg3Mjc4MzkyNjc4OTA2MQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2MjIzNzg3Mjc4MzkyNjc4OTA2MQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2MjIzNzg3Mjc4MzkyNjc4OTA2MQ%3D%3D
date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame D5DB
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1862237872783926789061&dbredirect=true&gdpr=0&consent=
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5b9634fc-fb2f-46c9-a2ce-c5657bab8f46&_noobservation=1
43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5b9634fc-fb2f-46c9-a2ce-c5657bab8f46&_noobservation=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
104.18.100.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
72dce6691ad69ac0-MIA
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

date
Wed, 20 Jul 2022 15:58:43 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 7C126C7222AD403D86C21CC303B4AA76 Ref B: MIAEDGE2811 Ref C: 2022-07-20T15:58:44Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5b9634fc-fb2f-46c9-a2ce-c5657bab8f46&_noobservation=1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXkPqz2i1S6HOVAbS6WAg==
c.gif
c.bing.com/ Frame D5DB 		42 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=1862237872783926789061&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
etag
"44e7313dc9ad81:0"
last-modified
Mon, 18 Jul 2022 19:25:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: EED5C3D3B58249C9B7436B35D17DAC44 Ref B: MIA301000102017 Ref C: 2022-07-20T15:58:44Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame D5DB
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1862237872783926789061?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-bJ2GtwdE2oQ8aDQwXA6CmhDm67vUZKl2I92nNAioAw--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-bJ2GtwdE2oQ8aDQwXA6CmhDm67vUZKl2I92nNAioAw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 20 Jul 2022 15:58:44 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-bJ2GtwdE2oQ8aDQwXA6CmhDm67vUZKl2I92nNAioAw--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
xuid
eb2.3lift.com/ Frame D5DB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1862237872783926789061&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=622885e8-69bc-4dce-b7b7-33df6ad940af&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10593873702528322555&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=72b09538-e154-472b-9fb0-46549e06af35&ssp=triplelift&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10593873702528322555&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=212530604218008341753&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10593873702528322555&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2409&xuid=622885e8-69bc-4dce-b7b7-33df6ad940af&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=622885e8-69bc-4dce-b7b7-33df6ad940af&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=622885e8-69bc-4dce-b7b7-33df6ad940af&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Wed, 20 Jul 2022 15:58:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame D5DB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1862237872783926789061
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame D5DB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=7EcbTJ0xr6mloBuw1D0R&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5G5CWGYSUJIYHQ...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=7EcbTJ0xr6mloBuw1D0R
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=7EcbTJ0xr6mloBuw1D0R
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:44 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=7EcbTJ0xr6mloBuw1D0R
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame 8392
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame 8392
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2MjIzNzg3Mjc4MzkyNjc4OTA2MQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 8392
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKP46BpypnR-RwVb3uPGTPo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKP46BpypnR-RwVb3uPGTPo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKP46BpypnR-RwVb3uPGTPo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8392
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2MjIzNzg3Mjc4MzkyNjc4OTA2MQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2MjIzNzg3Mjc4MzkyNjc4OTA2MQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2MjIzNzg3Mjc4MzkyNjc4OTA2MQ%3D%3D
date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 8392
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1862237872783926789061&dbredirect=true&gdpr=0&consent=
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5b9634fc-fb2f-46c9-a2ce-c5657bab8f46&_noobservation=1
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5b9634fc-fb2f-46c9-a2ce-c5657bab8f46&_noobservation=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
104.18.100.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
72dce6692b029ac0-MIA
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

date
Wed, 20 Jul 2022 15:58:43 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 3CDF625A43DE4855A2E4B29E0BEE80D8 Ref B: MIAEDGE2811 Ref C: 2022-07-20T15:58:44Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5b9634fc-fb2f-46c9-a2ce-c5657bab8f46&_noobservation=1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXkPqz2xhw6lUJBoKw9Ew==
c.gif
c.bing.com/ Frame 8392 		42 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=1862237872783926789061&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
etag
"44e7313dc9ad81:0"
last-modified
Mon, 18 Jul 2022 19:25:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4231F40873C84BF3A398BD7357D1DCA1 Ref B: MIA301000102017 Ref C: 2022-07-20T15:58:44Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame 8392
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1862237872783926789061?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-bJ2GtwdE2oQ8aDQwXA6CmhDm67vUZKl2I92nNAioAw--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-bJ2GtwdE2oQ8aDQwXA6CmhDm67vUZKl2I92nNAioAw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 20 Jul 2022 15:58:44 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-bJ2GtwdE2oQ8aDQwXA6CmhDm67vUZKl2I92nNAioAw--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
xuid
eb2.3lift.com/ Frame 8392
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1862237872783926789061&gdpr=0&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtriplelift%26expires%3D30%...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dtriplelift%26expires%3D30%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=bb9c4bf7-bb16-53c9-8d20-a972eff88f46&ssp=triplelift&expires=30&user_group=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2409&xuid=622885e8-69bc-4dce-b7b7-33df6ad940af&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=622885e8-69bc-4dce-b7b7-33df6ad940af&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=622885e8-69bc-4dce-b7b7-33df6ad940af&dongle=d3d3&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Wed, 20 Jul 2022 15:58:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame 8392 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1862237872783926789061
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 8392
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=7EcbTJ0xr6mloBuw1D0R&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5G5CWGYSUJIYHQ...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=7EcbTJ0xr6mloBuw1D0R
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=7EcbTJ0xr6mloBuw1D0R
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:45 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=7EcbTJ0xr6mloBuw1D0R
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cframe.js
assets.a-mo.net/js/ Frame 88D3 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1eee34931cf505455f8eec63ed94483b298da6e0c3f636afe43a837662996b4d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
via
1.1 130ce7c752c5865952ded89032560b32.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
215
x-cache
Hit from cloudfront
content-encoding
br
last-modified
Tue, 19 Jul 2022 22:02:30 GMT
server
cloudflare
etag
W/"5d4d1f5c97de125cd81d5ab18e85de45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
MIA3-C3
cf-ray
72dce668aab867d4-MIA
x-amz-cf-id
_7yHSyeRkOXmsgaLwZaBFmRqpIiqWL7Q4FG31Hf39nNLLPRtFgaK7A==
expires
Wed, 20 Jul 2022 16:58:44 GMT
xuid
eb2.3lift.com/ Frame E017
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame E017
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2MjIzNzg3Mjc4MzkyNjc4OTA2MQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame E017
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKP46BpypnR-RwVb3uPGTPo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKP46BpypnR-RwVb3uPGTPo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKP46BpypnR-RwVb3uPGTPo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E017
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2MjIzNzg3Mjc4MzkyNjc4OTA2MQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2MjIzNzg3Mjc4MzkyNjc4OTA2MQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2MjIzNzg3Mjc4MzkyNjc4OTA2MQ%3D%3D
date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame E017
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1862237872783926789061&dbredirect=true&gdpr=0&consent=
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5b9634fc-fb2f-46c9-a2ce-c5657bab8f46&_noobservation=1
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5b9634fc-fb2f-46c9-a2ce-c5657bab8f46&_noobservation=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
104.18.100.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
72dce6691adf9ac0-MIA
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

date
Wed, 20 Jul 2022 15:58:43 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 4393DDCE7DA8446C99E55A4BE39F35C0 Ref B: MIAEDGE2811 Ref C: 2022-07-20T15:58:44Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5b9634fc-fb2f-46c9-a2ce-c5657bab8f46&_noobservation=1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXkPqz2+/6PsAjnqH/dTg==
c.gif
c.bing.com/ Frame E017 		42 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=1862237872783926789061&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
etag
"44e7313dc9ad81:0"
last-modified
Mon, 18 Jul 2022 19:25:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0A914506C6A64F03AA2A21D2340D39A1 Ref B: MIA301000102017 Ref C: 2022-07-20T15:58:44Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame E017
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1862237872783926789061?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-bJ2GtwdE2oQ8aDQwXA6CmhDm67vUZKl2I92nNAioAw--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-bJ2GtwdE2oQ8aDQwXA6CmhDm67vUZKl2I92nNAioAw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 20 Jul 2022 15:58:44 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-bJ2GtwdE2oQ8aDQwXA6CmhDm67vUZKl2I92nNAioAw--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
xuid
eb2.3lift.com/ Frame E017
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1862237872783926789061&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=8013262513350572065&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=622885e8-69bc-4dce-b7b7-33df6ad940af&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=622885e8-69bc-4dce-b7b7-33df6ad940af&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=622885e8-69bc-4dce-b7b7-33df6ad940af&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 20 Jul 2022 15:58:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame E017 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1862237872783926789061
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame E017
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=7EcbTJ0xr6mloBuw1D0R&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5G5CWGYSUJIYHQ...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=7EcbTJ0xr6mloBuw1D0R
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=7EcbTJ0xr6mloBuw1D0R
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:45 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=7EcbTJ0xr6mloBuw1D0R
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame BFAD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame BFAD
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2MjIzNzg3Mjc4MzkyNjc4OTA2MQ%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame BFAD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKP46BpypnR-RwVb3uPGTPo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKP46BpypnR-RwVb3uPGTPo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKP46BpypnR-RwVb3uPGTPo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BFAD
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2MjIzNzg3Mjc4MzkyNjc4OTA2MQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2MjIzNzg3Mjc4MzkyNjc4OTA2MQ%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTg2MjIzNzg3Mjc4MzkyNjc4OTA2MQ%3D%3D
date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame BFAD
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1862237872783926789061&dbredirect=true&gdpr=0&consent=
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5b9634fc-fb2f-46c9-a2ce-c5657bab8f46&_noobservation=1
43 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5b9634fc-fb2f-46c9-a2ce-c5657bab8f46&_noobservation=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
104.18.100.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
72dce6691ae19ac0-MIA
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

date
Wed, 20 Jul 2022 15:58:43 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 081221DC796648FA9147CA26133087B9 Ref B: MIAEDGE2811 Ref C: 2022-07-20T15:58:44Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=5b9634fc-fb2f-46c9-a2ce-c5657bab8f46&_noobservation=1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXkPqz3ELCuZBDD5a+QnA==
c.gif
c.bing.com/ Frame BFAD 		42 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=1862237872783926789061&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
etag
"44e7313dc9ad81:0"
last-modified
Mon, 18 Jul 2022 19:25:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 6ECA8F5335AB4E288A72C3E156E7D02B Ref B: MIA301000102017 Ref C: 2022-07-20T15:58:44Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame BFAD
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1862237872783926789061?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-bJ2GtwdE2oQ8aDQwXA6CmhDm67vUZKl2I92nNAioAw--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-bJ2GtwdE2oQ8aDQwXA6CmhDm67vUZKl2I92nNAioAw--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Wed, 20 Jul 2022 15:58:44 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-bJ2GtwdE2oQ8aDQwXA6CmhDm67vUZKl2I92nNAioAw--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
xuid
eb2.3lift.com/ Frame BFAD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=1862237872783926789061&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=7258d0e8-a959-4131-8406-155c6b6e063e&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=622885e8-69bc-4dce-b7b7-33df6ad940af&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=622885e8-69bc-4dce-b7b7-33df6ad940af&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=622885e8-69bc-4dce-b7b7-33df6ad940af&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 20 Jul 2022 15:58:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame BFAD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1862237872783926789061
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame BFAD
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=7EcbTJ0xr6mloBuw1D0R&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5G5CWGYSUJIYHQ...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=7EcbTJ0xr6mloBuw1D0R
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=7EcbTJ0xr6mloBuw1D0R
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:45 GMT
P3p
CP="We do not support P3P header."
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=7EcbTJ0xr6mloBuw1D0R
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 2834
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8343254669216575683
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8343254669216575683
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66918186dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:44 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
cf458643-8062-4d05-a044-07f33a5e743d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8343254669216575683
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 2834
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=bb9c4bf7-bb16-53c9-8d20-a972eff88f46
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=bb9c4bf7-bb16-53c9-8d20-a972eff88f46
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66a9ac76dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=bb9c4bf7-bb16-53c9-8d20-a972eff88f46
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 2834
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=b2dce1dc-0567-29dc-166d-556fa1e77b0b
43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=b2dce1dc-0567-29dc-166d-556fa1e77b0b
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66b6bec6dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=b2dce1dc-0567-29dc-166d-556fa1e77b0b
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame 2834
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=4d9c16ec-80de-44af-9601-927d92605670
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=4d9c16ec-80de-44af-9601-927d92605670
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce669284a6dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=4d9c16ec-80de-44af-9601-927d92605670
date
Wed, 20 Jul 2022 15:58:44 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 2834
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FAgeSLZHVaUhrBmTQRerlfSa
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FAgeSLZHVaUhrBmTQRerlfSa
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66c0c806dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Wed, 20 Jul 2022 15:58:45 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FAgeSLZHVaUhrBmTQRerlfSa
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ord1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame 2834
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO8j2WVa__i3ZusQVUoY4D0v0KC2OEBf05wQPN6w
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO8j2WVa__i3ZusQVUoY4D0v0KC2OEBf05wQPN6w
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66c0c956dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO8j2WVa__i3ZusQVUoY4D0v0KC2OEBf05wQPN6w
date
Wed, 20 Jul 2022 15:58:44 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 2834
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=3013343241523636000V10
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=3013343241523636000V10
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66adb336dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Wed, 20 Jul 2022 15:58:44 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=3013343241523636000V10
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Wed, 20 Jul 2022 15:58:44 GMT
setuid
sync.quantumdex.io/ Frame 2834
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ffRBczJE2uEah..hEnD9CRy3CWvFLkgRUdQh7mg-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ffRBczJE2uEah..hEnD9CRy3CWvFLkgRUdQh7mg-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66938506dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ffRBczJE2uEah..hEnD9CRy3CWvFLkgRUdQh7mg-~A
date
Wed, 20 Jul 2022 15:58:44 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 2834
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=252eabd
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=smaato&uid=252eabd
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66938616dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

date
Wed, 20 Jul 2022 15:58:44 GMT
via
1.1 ffa37482155641d3f809e2a4a5572070.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR52-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.quantumdex.io/setuid?bidder=smaato&uid=252eabd
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
c_AjYpeAvcOkrI22cSo-Mgan6trbpq7F1sssT_g8n9Yxft06BpFylg==
setuid
sync.quantumdex.io/ Frame 4242
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=252eabd
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=smaato&uid=252eabd
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce669283d6dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

date
Wed, 20 Jul 2022 15:58:44 GMT
via
1.1 ffa37482155641d3f809e2a4a5572070.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR52-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.quantumdex.io/setuid?bidder=smaato&uid=252eabd
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
bh6V94Gm6ooAoH2Bx5qgdMX9P8Rjp88afj_ptlw4_jj6LXY8E5Vvxg==
setuid
sync.quantumdex.io/ Frame 4242
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8343254669216575683
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8343254669216575683
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce669283f6dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:44 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
7c3df1cc-0013-4689-bc8c-4b96a24f458f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8343254669216575683
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 4242
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=bb9c4bf7-bb16-53c9-8d20-a972eff88f46
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=bb9c4bf7-bb16-53c9-8d20-a972eff88f46
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66a9acb6dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=bb9c4bf7-bb16-53c9-8d20-a972eff88f46
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 4242
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=54d22a5c-f5e4-ff4a-7b3d-4730cd6c799b
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=54d22a5c-f5e4-ff4a-7b3d-4730cd6c799b
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66b8bfd6dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=54d22a5c-f5e4-ff4a-7b3d-4730cd6c799b
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame 4242
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=4d9c16ec-80de-44af-9601-927d92605670
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=4d9c16ec-80de-44af-9601-927d92605670
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66978e06dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=4d9c16ec-80de-44af-9601-927d92605670
date
Wed, 20 Jul 2022 15:58:44 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 4242
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FAgeSLZHZeU6xJxiTgiq5LTc
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FAgeSLZHZeU6xJxiTgiq5LTc
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66bfc746dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Wed, 20 Jul 2022 15:58:45 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FAgeSLZHZeU6xJxiTgiq5LTc
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ord1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame 4242
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOgvrWuaXmh4hfx6tpF55k0DoppuL0ONP5vwPLHg
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOgvrWuaXmh4hfx6tpF55k0DoppuL0ONP5vwPLHg
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66c7d136dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMOgvrWuaXmh4hfx6tpF55k0DoppuL0ONP5vwPLHg
date
Wed, 20 Jul 2022 15:58:44 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 4242
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=3013343241523617000V10
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=3013343241523617000V10
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66adb356dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Wed, 20 Jul 2022 15:58:44 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=3013343241523617000V10
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Wed, 20 Jul 2022 15:58:44 GMT
setuid
sync.quantumdex.io/ Frame 4242
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ffRBczJE2uEah..hEnD9CRy3CWvFLkgRUdQh7mg-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ffRBczJE2uEah..hEnD9CRy3CWvFLkgRUdQh7mg-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66978e16dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ffRBczJE2uEah..hEnD9CRy3CWvFLkgRUdQh7mg-~A
date
Wed, 20 Jul 2022 15:58:44 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 8D1D
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=252eabd
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=smaato&uid=252eabd
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66928426dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

date
Wed, 20 Jul 2022 15:58:44 GMT
via
1.1 ffa37482155641d3f809e2a4a5572070.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR52-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.quantumdex.io/setuid?bidder=smaato&uid=252eabd
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
mo6yiTMFAZAFAZ1wIoDoHh2-TsKHdRcConUDY8T49I16moZeecNAlA==
setuid
sync.quantumdex.io/ Frame 8D1D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8343254669216575683
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8343254669216575683
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66928456dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:44 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
06f9034e-1bde-47fd-be72-bda45c988cef
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8343254669216575683
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 8D1D
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=bb9c4bf7-bb16-53c9-8d20-a972eff88f46
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=bb9c4bf7-bb16-53c9-8d20-a972eff88f46
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66a9aca6dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=bb9c4bf7-bb16-53c9-8d20-a972eff88f46
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 8D1D
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FAgeSLZHZeU6xJxiTgiq5LTc
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FAgeSLZHZeU6xJxiTgiq5LTc
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66c0c866dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Wed, 20 Jul 2022 15:58:45 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FAgeSLZHZeU6xJxiTgiq5LTc
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ord1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame 8D1D
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO5tUZ1Dtvhd1jBvXJZnYfFtNWdFB_XIef59g9fA
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO5tUZ1Dtvhd1jBvXJZnYfFtNWdFB_XIef59g9fA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66d0e356dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO5tUZ1Dtvhd1jBvXJZnYfFtNWdFB_XIef59g9fA
date
Wed, 20 Jul 2022 15:58:45 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 8D1D
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=4d9c16ec-80de-44af-9601-927d92605670
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=4d9c16ec-80de-44af-9601-927d92605670
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce669b94d6dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=4d9c16ec-80de-44af-9601-927d92605670
date
Wed, 20 Jul 2022 15:58:44 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 8D1D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ffRBczJE2uEah..hEnD9CRy3CWvFLkgRUdQh7mg-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ffRBczJE2uEah..hEnD9CRy3CWvFLkgRUdQh7mg-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce669b94f6dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ffRBczJE2uEah..hEnD9CRy3CWvFLkgRUdQh7mg-~A
date
Wed, 20 Jul 2022 15:58:44 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 8D1D
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=3013343241523602000V10
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=3013343241523602000V10
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66aaadf6dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Wed, 20 Jul 2022 15:58:44 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=3013343241523602000V10
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Wed, 20 Jul 2022 15:58:44 GMT
setuid
sync.quantumdex.io/ Frame 8D1D
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=f5b2c0b7-70c3-2596-0249-77e3bc0b9e19
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=f5b2c0b7-70c3-2596-0249-77e3bc0b9e19
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66b7bf26dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=f5b2c0b7-70c3-2596-0249-77e3bc0b9e19
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
usermatch
ssum-sec.casalemedia.com/ Frame 5C4E 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
203326883415ab3e0d2ac6e650ee911b2f609e3935de3e4292a19380c95fc1b5

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
72dce668bb9c0992-MIA
content-encoding
br
content-type
text/html
date
Wed, 20 Jul 2022 15:58:44 GMT
dropped-udsids
39|230|241|46|191|26|64|195
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QyhQsCtw9UbRn4hfBqKQqeGRcKyYiYx1UkZtZH7HkYXee%2Fzvtviq8NpJkngrWtOnUNaFRU9MD7FQNeEAT5rNxAZqti%2FJuqq2mVc%2F9HbBmxw2rk8I6SSBqHn5L32h%2BfvI6t8WRWvom2jZng%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
/
onetag-sys.com/usync/ Frame 7802 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
pbsync
usermatch.targeting.unrulymedia.com/ Frame 5988 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Wed, 20 Jul 2022 15:58:44 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5CF1 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.60.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-60-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=142000
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 15:58:44 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 22 Jul 2022 07:25:24 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 16ED
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.4.226.82 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-226-82.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 20 Jul 2022 15:58:44 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 20 Jul 2022 15:58:44 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server
AkamaiGHost
setuid
sync.quantumdex.io/ Frame 5A0F
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3...
  • https://sync.quantumdex.io/setuid?bidder=medianet&uid=3013343241523619000V10
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=medianet&uid=3013343241523619000V10
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66adb326dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Wed, 20 Jul 2022 15:58:44 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.quantumdex.io/setuid?bidder=medianet&uid=3013343241523619000V10
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Wed, 20 Jul 2022 15:58:44 GMT
setuid
sync.quantumdex.io/ Frame 5A0F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8343254669216575683
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8343254669216575683
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66968cb6dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:44 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
a6c73a11-6517-42d9-9c89-bd0855803ddb
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8343254669216575683
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 5A0F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ffRBczJE2uEah..hEnD9CRy3CWvFLkgRUdQh7mg-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ffRBczJE2uEah..hEnD9CRy3CWvFLkgRUdQh7mg-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce669b9556dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ffRBczJE2uEah..hEnD9CRy3CWvFLkgRUdQh7mg-~A
date
Wed, 20 Jul 2022 15:58:44 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 5A0F
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=252eabd
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=smaato&uid=252eabd
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce669b9586dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

date
Wed, 20 Jul 2022 15:58:44 GMT
via
1.1 ffa37482155641d3f809e2a4a5572070.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR52-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.quantumdex.io/setuid?bidder=smaato&uid=252eabd
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
5smCwuafybK4pw6HO0DVjlId2x7vIhy_aw02JQAOKl_wodcOqu84GQ==
setuid
sync.quantumdex.io/ Frame 5A0F
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
  • https://sync.quantumdex.io/setuid?bidder=between&uid=bb9c4bf7-bb16-53c9-8d20-a972eff88f46
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=bb9c4bf7-bb16-53c9-8d20-a972eff88f46
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66a9ac86dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=bb9c4bf7-bb16-53c9-8d20-a972eff88f46
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 5A0F
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=4d9c16ec-80de-44af-9601-927d92605670
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=4d9c16ec-80de-44af-9601-927d92605670
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce669b9506dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=4d9c16ec-80de-44af-9601-927d92605670
date
Wed, 20 Jul 2022 15:58:44 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 5A0F
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=78a97def-8c61-9e76-102a-d77ac9e01b13
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=78a97def-8c61-9e76-102a-d77ac9e01b13
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66b7bf46dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=78a97def-8c61-9e76-102a-d77ac9e01b13
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
sync.quantumdex.io/ Frame 5A0F
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FAgeSLZHZeU6xJxiTgiq5LTc
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FAgeSLZHZeU6xJxiTgiq5LTc
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66c0c896dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Wed, 20 Jul 2022 15:58:45 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=FAgeSLZHZeU6xJxiTgiq5LTc
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ord1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
sync.quantumdex.io/ Frame 5A0F
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO5tUZ1Dtvhd1jBvXJZnYfFtNWdFB_XIef59g9fA
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO5tUZ1Dtvhd1jBvXJZnYfFtNWdFB_XIef59g9fA
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66d0e2c6dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-ZHMO5tUZ1Dtvhd1jBvXJZnYfFtNWdFB_XIef59g9fA
date
Wed, 20 Jul 2022 15:58:45 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
usermatch
ssum-sec.casalemedia.com/ Frame FC5F 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db3e8693a105306852148f0d3793d98cfaa4c7e7d59e835285a3f873d805b467

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
72dce668fc090992-MIA
content-encoding
br
content-type
text/html
date
Wed, 20 Jul 2022 15:58:44 GMT
dropped-udsids
73|4|130|3|31|131|26|152
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6x3xvC7bPZkUjaF6pR4ZYsVaH75%2ByF7QjkIEfS7A4G3183CuLFB7HRc%2FLGWnI2Qjxy8uulwIlNiVY41%2FyB6TnQE6m1M7fMZLOo3jHQln7l7mJZ2VSam3z5LHmo5%2BwwM%2B54lAbwNBgtKAg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 6CBA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.4.226.82 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-226-82.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 20 Jul 2022 15:58:44 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 20 Jul 2022 15:58:44 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 737D 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
pbsync
usermatch.targeting.unrulymedia.com/ Frame 9827 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Wed, 20 Jul 2022 15:58:44 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8F03 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.60.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-60-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=142000
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 15:58:44 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 22 Jul 2022 07:25:24 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame C85B 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:44 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
a835d9a8-3005-4666-9fdd-4ee048fcf820
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame CB10 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7044572316ca53f4fb2a256e069be6d328863fe6174d90e2b653734401b82693

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
72dce6690c200992-MIA
content-encoding
br
content-type
text/html
date
Wed, 20 Jul 2022 15:58:44 GMT
dropped-udsids
206|88|65|81|47|176|40|190
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MngAkfJOPVMsf%2BfNWYGVcjwQ7zcsiuZ4f%2BK3QgOtdJZd7CM886iBal12tIdbPYVxc6c8Hz0dXDe1brqMIPgNnghW%2Bu51kSrl4A%2FRkE%2FtMyklaeaqvPRacs%2FnNGpCvR51i0W57vzYB8Yf7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E758 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.60.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-60-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=142000
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 15:58:44 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 22 Jul 2022 07:25:24 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 31D8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.4.226.82 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-226-82.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 20 Jul 2022 15:58:44 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 20 Jul 2022 15:58:44 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 554C 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
pbsync
usermatch.targeting.unrulymedia.com/ Frame D7BA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Wed, 20 Jul 2022 15:58:44 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 23C3 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c0cd2a173126884b05c06a5d218265405a98ab9519ea5640fccf715907bf54b

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
72dce6691c380992-MIA
content-encoding
br
content-type
text/html
date
Wed, 20 Jul 2022 15:58:44 GMT
dropped-udsids
206|88|65|111|90|64|152|51
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NyAHaBL4Wt22SyLzx1l22mg8O7TWwLhYaRvi4Uz88uOl70htB0Y%2FzkAOy56notIqa5GJPxtGEHFVwamQbgrg%2BseGUrm6hRTCSTNlt4jk%2FTwAZB9z1K%2B4wXHQnHd1a8s2gFjroz3le%2F3gAA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
pbsync
usermatch.targeting.unrulymedia.com/ Frame C9DC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Wed, 20 Jul 2022 15:58:44 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4EE8 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.60.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-60-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=142000
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 15:58:44 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 22 Jul 2022 07:25:24 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 6F2B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.4.226.82 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-226-82.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 20 Jul 2022 15:58:44 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Wed, 20 Jul 2022 15:58:44 GMT
location
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 578D 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
1x1.png
cdn.aralego.net/img/ Frame 4628
Redirect Chain
  • https://sync.aralego.com/idsync?usprivacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/03e23cc9-0920-31e8-b998-bf8bbf043466?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-YX6oBeBE2oUGjuizZpx9szfj7JlPzPWlnZXWoJ8-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2
  • https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=03e23cc9-0920-31e8-b998-bf8bbf043466&gdpr=0&gdpr_consent=
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=ucfunnel&bsw_custom_parameter=622885e8-69bc-4dce-b7b7-33df6ad940af
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=622885e8-69bc-4dce-b7b7-33df6ad940af&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=72b09538-e154-472b-9fb0-46549e06af35&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=75380306836493605940184551906796271848&pt=72b09538-e154-472b-9fb0-46549e06af35%2Chttps%3A%2F%2Fx.bidswitch.net%2Fsync%3Fds...
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=ucfunnel&bsw_param=622885e8-69bc-4dce-b7b7-33df6ad940af
  • https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=622885e8-69bc-4dce-b7b7-33df6ad940af
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=MDNlMjNjYzktMDkyMC0zMWU4LWI5OTgtYmY4YmJmMDQzNDY2&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png
  • https://cdn.aralego.net/img/1x1.png
68 B
700 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.aralego.net/img/1x1.png
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html?usprivacy=1---
Protocol
H3
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2399
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68
last-modified
Wed, 12 Jun 2019 06:09:43 GMT
server
cloudflare
etag
"5d009727-44"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uelIdt9LfLAjMT33eiSqB%2Fbw16566IMaqgK4mdePpyaWgcnx8hXvjOzvsfLrSdhy8tjGlZ3quM4gsXN5xVPKo0n3huYV4OIHNdt3%2BriETl3dLsD%2BJiFBIPzBmwAhXAdQIfCVSo%2F9k7QPYVbypA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
72dce6741adc6dcb-MIA
cf-bgj
imgq:85,h2pri

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cdn.aralego.net/img/1x1.png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
232
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame EE6C 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:44 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
d9230483-e4d1-4907-9f71-975161570870
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame AD9C 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:44 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
2d3144c7-c92a-4488-ae44-2c10e845aa8c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8831 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:44 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f749a8f0-b459-4bcf-a1e1-a162e9d28ab5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=gwea5nxGVmtwak9nZ204SXVMK1JUQ1l4cGFWM0FZU3JXR0pVcFpsYzFXUSt2Nm12MU5URUlxMnZwODhnWC9qM1htamhHY3lNcEVpdVRpYko4aWhzNi96UkxhT2E3TmJvNHdQYjhNUmNBckdBNTZKL3NYcm5aWE04VWovdWhvUDlOallWSDJtakxzQVhUSmZOUWl1VnRXS0NMYlk2MjU4NHFzdjlDK0VMVkFDUkdSanJLdE01NTNXZTRhN3B5TEFlbXpJeURHamhLY0gvTy9lU05aVjhBa2p0Mi81dDY0am1yZ3NKL3d0SEp5OHViQlhLV1R6NUMyME1VUDFBME9adXdqNUU1VG8rYU45UEpGT21HYUd3Tk8vSFIzc0Jqd2M3YkwrYkRUNW5aLzhyRnhhdz18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Wed, 20 Jul 2022 15:58:44 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1871
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync
id.a-mx.com/ Frame 88D3 		0
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.a-mx.com/usync?uid=beec9f7c-bab7-46d9-b2e1-a84b64afadeb&gdpr_consent=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9a47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-l1
US
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZS8MOa8qtlipwYw8yMpAeGZJVRiDaz4w%2FtOpDJqmE4lp6kUOC4BaLLdrrZhOtPEtUxY5di9NCLv90t4BjoPbjYLKknEFPM8H6Mrf%2FmaQThGkeAnOqoazMqlp8CDNUFhaVE%2F6quGV%2BoBnpw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private,max-age=0
cf-ray
72dce669bebe9ab4-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
setuid
prebid.a-mo.net/ Frame 88D3
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dbeec9f7c-bab7-46d9-b2e1-a84b64afadeb%26bidder%...
  • https://prebid.a-mo.net/setuid?A=beec9f7c-bab7-46d9-b2e1-a84b64afadeb&bidder=smartadserver&uid=1278341628099599906
0
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=beec9f7c-bab7-46d9-b2e1-a84b64afadeb&bidder=smartadserver&uid=1278341628099599906
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=beec9f7c-bab7-46d9-b2e1-a84b64afadeb&bidder=smartadserver&uid=1278341628099599906
date
Wed, 20 Jul 2022 15:58:44 GMT
content-length
0
setuid
prebid.a-mo.net/ Frame 88D3
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEELjQeFb8DKxb4mvpUSQ3dM&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8343254669216575683&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dbeec9f7c-bab7-46d9-b2e1-a84b64afadeb%26bidder%3Dpubmatic%26uid%3DCAC5EC0D-09F2-4CA3-8675-3FE...
  • https://prebid.a-mo.net/setuid?A=beec9f7c-bab7-46d9-b2e1-a84b64afadeb&bidder=pubmatic&uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=beec9f7c-bab7-46d9-b2e1-a84b64afadeb&bidder=pubmatic&uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=beec9f7c-bab7-46d9-b2e1-a84b64afadeb&bidder=pubmatic&uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
date
Wed, 20 Jul 2022 09:27:55 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
prebid.a-mo.net/ Frame 88D3
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dbeec9f7c-bab7-46d9-b2e1-a84b64afadeb%26bidder%3Dindex_rtb%26uid%3D
  • https://prebid.a-mo.net/setuid?A=beec9f7c-bab7-46d9-b2e1-a84b64afadeb&bidder=index_rtb&uid=YtgmLaNUKrapf3hd7CxpWwAA%26362
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=beec9f7c-bab7-46d9-b2e1-a84b64afadeb&bidder=index_rtb&uid=YtgmLaNUKrapf3hd7CxpWwAA%26362
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3It1U8Drf9WoBJaLBv8d3wAs0QsCCCGS86muBC7AdjYEcNzHDOrhD6MGTMGH7jiDU61D8LqTpNmIIbKdonKK4gRCQg8otwxYSLFXkXUUHLQWzS9%2Bok04RQ428KrXHBm4sQJSJ5n5"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://prebid.a-mo.net/setuid?A=beec9f7c-bab7-46d9-b2e1-a84b64afadeb&bidder=index_rtb&uid=YtgmLaNUKrapf3hd7CxpWwAA%26362
cache-control
no-cache
cf-ray
72dce66a7e6067e1-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
setuid
prebid.a-mo.net/ Frame 88D3
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dbeec9f7c-bab7-46d9-b2e1-a84b64afadeb%26bidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dbeec9f7c-bab7-46d9-b2e1-a84b64afadeb%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://prebid.a-mo.net/setuid?A=beec9f7c-bab7-46d9-b2e1-a84b64afadeb&bidder=sovrn&uid=FAgeSLZHo8TuhUBRRuqMzo78
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=beec9f7c-bab7-46d9-b2e1-a84b64afadeb&bidder=sovrn&uid=FAgeSLZHo8TuhUBRRuqMzo78
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Wed, 20 Jul 2022 15:58:45 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://prebid.a-mo.net/setuid?A=beec9f7c-bab7-46d9-b2e1-a84b64afadeb&bidder=sovrn&uid=FAgeSLZHo8TuhUBRRuqMzo78
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ord1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
prebid.a-mo.net/ Frame 88D3
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dbeec9f7c-bab7-46d9-b2e1-a84b64afadeb%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=beec9f7c-bab7-46d9-b2e1-a84b64afadeb&bidder=appnexus&uid=8343254669216575683
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=beec9f7c-bab7-46d9-b2e1-a84b64afadeb&bidder=appnexus&uid=8343254669216575683
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:44 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
16ff0ed6-0525-4c03-8de0-c34b3f3b486d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid.a-mo.net/setuid?A=beec9f7c-bab7-46d9-b2e1-a84b64afadeb&bidder=appnexus&uid=8343254669216575683
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 88D3 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=beec9f7c-bab7-46d9-b2e1-a84b64afadeb
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:44 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
cc4b1bc4-103d-43ba-a2be-27edbb3bf47b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ow.pubmatic.com/ Frame 88D3 		86 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=beec9f7c-bab7-46d9-b2e1-a84b64afadeb
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.123 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
content-length
86
content-type
image/png
setuid
pb-server.ezoic.com/ Frame 88D3 		86 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pb-server.ezoic.com/setuid?bidder=amx&uid=beec9f7c-bab7-46d9-b2e1-a84b64afadeb
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.161.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-161-46.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-length
86
vary
Origin
expires
0
setuid
prebid-server.rubiconproject.com/ Frame 88D3 		86 B
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=amx&uid=beec9f7c-bab7-46d9-b2e1-a84b64afadeb
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.73.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-73-141.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-encoding
gzip
expires
0
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame DF04 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1741865
vary
Accept-Encoding
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"607873db-c1ce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
72dce6697daa9aba-MIA
expires
Thu, 31 Dec 2037 23:55:55 GMT
rum
dsum-sec.casalemedia.com/ Frame 5C4E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&expiration=1660924724&gdpr=0&gdpr_consent=
43 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&expiration=1660924724&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce66a5b35b3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n853zIddEDMHab%2FAv50OoI9rt76p3n8d2P1NFXodRZTHqDmk122dJ%2FofrBXOF75E96Wa1anKZJFjbyM54nVtVpf2a4g%2FCynyxEggMndO%2F5jai6HCnjAg0hsrdm8heay9RuWNoxwlD53t6g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&expiration=1660924724&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
usermatchredir
ssum-sec.casalemedia.com/ Frame 5C4E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEZ07hTTbsP-9lOcw0iabnw&google_cver=1
43 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEZ07hTTbsP-9lOcw0iabnw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce66a6e140992-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EuGAwFL9nPF%2BqpVNI5rM6dyqFWF0olsVqnsAhM2o9YRL%2FN33MqwwpUGSP1rUo5IAQzZTl85YmeuigLgATpd6oaaJWOw1qQw2T6IOMtEMG8aU5qJgHlB%2BWzTViqnjFZecFZ%2BcAIqtyaOmKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEEZ07hTTbsP-9lOcw0iabnw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 5C4E 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:44 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
0KXNMYF24MB47FX9MW5G
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5C4E
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8343254669216575683
43 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8343254669216575683
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce66a7b85b3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0po98RDyzkV%2BPPpXlr0qbWHRD%2Bjn15IGT812BOCNiKndmBMEumjC6O9FjRnQTpnCsV2T1yJufJfBbMUKePuF55HoQobWsVmEHUrIWmSvvMpG4YXwsoJ45THontWVV77wgmcYaU5VF1MEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:44 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
2a73451a-3e4d-4838-91ff-4aa023f71670
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8343254669216575683
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum.casalemedia.com/ Frame 5C4E
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=17705b2f-6973-175a-722a3f64
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=17705b2f-6973-175a-722a3f64
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce66b7d790a1a-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9w3ZZM3Miq1LlhRw7RhVqgPDfpZqMsIzObIEw6dQ93zA1N%2BQD%2BmS4ArY413lmWVeOcfPG4pR1bkV6gfkLlmUu9q17GKwxXb6ToaATquKMd8WVkv14AeSBPgz4pAhqjE3ew4HZ6LM"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 20 Jul 2022 15:58:44 GMT
via
1.1 google
server
nginx/1.22.0
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=17705b2f-6973-175a-722a3f64
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
rum
dsum-sec.casalemedia.com/ Frame 5C4E
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=YtgmLaNUKrapf3hd7CxpWwAA%26362
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=d297a475-8211-4841-8bbb-a8ce2d7a76bb-tuct9d1abb2
43 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=d297a475-8211-4841-8bbb-a8ce2d7a76bb-tuct9d1abb2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce66a7b79b3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LAL10ltIVCocJtKkmrAzh94adbQrAyOmIFtJfe2MiwTS%2BvyaLTaGLJ8VooWnGMFgXdIxxIPTkskxCDQNHD4uhhfMG9aNyEuKRfkDExGS4wxEvVx1Aje6N6gp38e9INX3d7CZmyI2oztGoA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=d297a475-8211-4841-8bbb-a8ce2d7a76bb-tuct9d1abb2
date
Wed, 20 Jul 2022 15:58:44 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68227
rum
r.casalemedia.com/ Frame 5C4E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553&gdpr=0&gdpr_consent=&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D24...
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553&gdpr=0&gdpr_consent=&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D24...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26exte...
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553&gdpr=0&gdpr_consent=
43 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce66c39086db6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=teHmpB9LvAbOsciYrU7mGGxmO81%2BiTeBkT3RymGjzeFgdDKayLyTo3PDp6e8O8XDX9wIKkSOmogT%2F%2FjVyHTexZi%2BDZeBbuaR9AzQ04a%2B3hz1oPvyhq%2B4jvnaUHMfQYTuUGXP"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553&gdpr=0&gdpr_consent=
date
Wed, 20 Jul 2022 15:58:45 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
crum
dsum-sec.casalemedia.com/ Frame 5C4E
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-a8519086-127d-4882-b755-945c81c159db
43 B
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-a8519086-127d-4882-b755-945c81c159db
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce66afc84b3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYJDAywJ750C0TnBWv5Kv%2BmK5ZbEpc%2Fv2HOoXetgBIcAISNVbX%2F5eCiXpKO0ZO9qxAV7TMGfAnTGcqgrQ1R0NNmqLedU3a5tbwOxkx70XI5CppS8mvDSTZuWPtD2NRXQFX3O%2FO%2FROCfMCw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-a8519086-127d-4882-b755-945c81c159db
date
Wed, 20 Jul 2022 15:58:44 GMT
server
Apache-Coyote/1.1
content-length
0
setuid
sync.quantumdex.io/ Frame 5C4E 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce669c97f6dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame 5CF1 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=72321122&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
1a47d2692213d973fb09aceb9122bf77a2bfd3c2cb5f78fc27455937bd5bb323

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
74e9428b96a1e5e0156f1d5959b8fe8b.svg
s0.2mdn.net/sadbundle/12012745418877302203/media/ Frame 395B 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12012745418877302203/media/74e9428b96a1e5e0156f1d5959b8fe8b.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12012745418877302203/ae008513ce41bae6ed8eb085c3a71631.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e681d6365415cf8330fea21c1ed612e92fc63d64aeaa0277100dae9f0bb37ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12012745418877302203/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 22:03:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64544
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4009
x-xss-protection
0
last-modified
Tue, 24 May 2022 07:43:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 19 Jul 2023 22:03:00 GMT
css
fonts.googleapis.com/ Frame 395B 		4 KB
621 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700|Roboto:NaN
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12012745418877302203/ae008513ce41bae6ed8eb085c3a71631.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 14:11:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 20 Jul 2022 15:58:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Jul 2022 15:58:44 GMT
74e9428b96a1e5e0156f1d5959b8fe8b.svg
s0.2mdn.net/sadbundle/4174954331676773194/media/ Frame 2B78 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4174954331676773194/media/74e9428b96a1e5e0156f1d5959b8fe8b.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4174954331676773194/ae008513ce41bae6ed8eb085c3a71631.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2006 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e681d6365415cf8330fea21c1ed612e92fc63d64aeaa0277100dae9f0bb37ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4174954331676773194/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 18 Jul 2022 22:08:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150588
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4009
x-xss-protection
0
last-modified
Tue, 24 May 2022 07:44:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 18 Jul 2023 22:08:56 GMT
css
fonts.googleapis.com/ Frame 2B78 		4 KB
621 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700|Roboto:NaN
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4174954331676773194/ae008513ce41bae6ed8eb085c3a71631.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 20 Jul 2022 14:19:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 20 Jul 2022 15:58:44 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 20 Jul 2022 15:58:44 GMT
YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame FC5F 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:357b:502f:f800:1eb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
rum
dsum-sec.casalemedia.com/ Frame FC5F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2394348841350322825
43 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2394348841350322825
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce66b4d1db3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0URiPKTLoHbR8k%2FKuwx%2F%2B7McXQyLBPCrOqPRn3okEopWPs1J4gTLD0dqClJ3QctKR0eFlmrQXyiJhd1i5%2BMmvwlB1VtlkkRMLfPgZrYwy6afcIJOHnAvjJ3mgwVsMFoRqCaIueRblYkjSA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2394348841350322825
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame FC5F
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABXF07FsEwAABBUGzwKHw&expiration=1659542324
43 B
910 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABXF07FsEwAABBUGzwKHw&expiration=1659542324
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce66afc82b3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRvJFvbVAAz5Y3r0wwshj9WTD8WqO6nZUey%2BQ5S966fwDBt3Hqobso7NDZgLUGjSK7iuQ%2FEXPtwp8JKFVnNy%2FGhO1uhSzKLAq60fO5x1BtOj4OtW4%2FXxEGSUVs7gr2kMIMaqyzD9ceV1ig%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABXF07FsEwAABBUGzwKHw&expiration=1659542324
Date
Wed, 20 Jul 2022 15:58:44 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
crum
dsum-sec.casalemedia.com/ Frame FC5F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=0be862d8-2632-4700-b4a9-ffbbf32e26e2
43 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=0be862d8-2632-4700-b4a9-ffbbf32e26e2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce66b0c91b3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FlmiWSdVN04Bl4yrtOvICrngFJspyjmFiQ75bPKsqm2qETKIhL8kPJg6fgMv9MO5wVCVQ5k%2FyzIHqochDgJ4vNkTyM6I4YBLozGXqEvn47DdXbg1o5EaE0BnSWk7GyuafBbtluactFuMJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Wed, 20 Jul 2022 15:58:44 GMT
Server
MT3 4475 c1dc35a master ord-pixel-x48 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=0be862d8-2632-4700-b4a9-ffbbf32e26e2
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 20 Jul 2022 15:58:43 GMT
crum
dsum-sec.casalemedia.com/ Frame FC5F
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7116191251797004622&uid=Q7116191251797004622&ref=%2Feucm%2Fp%2Fcc
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7116191251797004622
43 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7116191251797004622
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce66d59bdb3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JJ7m29JR315QhjsdHqz3NT7YHzeLH0CP4A6ZO0z6I8xB6jKPOE0tmZFx%2Fc%2F%2BVlfsMpLnbjoiB7McnGMsP4KVv9vTmeNK399BqtjFpSh2qQSxaktaNTqAEgO7YrW21KUYEeY%2FfX43Ytc8Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Wed, 20 Jul 2022 15:58:45 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7116191251797004622
Cache-Control
max-age=82457
Connection
keep-alive
Content-Type
text/html
Content-Length
154
crum
dsum-sec.casalemedia.com/ Frame FC5F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662294236259296
43 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662294236259296
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce66cafdcb3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11E7y6HX%2F0qbgZw%2BNqBSw1vht3j6t7sO6YHPCwsZmW57ZI4dat7ib4b8ivcTrHQB3dRDoMcgU1xda6a4s1Snt2423Un159%2Bq1VWFTghXldhDXWDx1ttXqjApAXu848Sp5EO3y5Kalk4uNg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
278
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
72dce66bff256dd1-MIA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662294236259296
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FC5F
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=YtgmLaNUKrapf3hd7CxpWwAA%26362
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=d297a475-8211-4841-8bbb-a8ce2d7a76bb-tuct9d1abb2
43 B
910 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=d297a475-8211-4841-8bbb-a8ce2d7a76bb-tuct9d1abb2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce66b0c94b3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pD8zEaNXJEXlK2Ljmwo1%2FsoFG3oN21to%2BdRjYQNHlksiJzwCyMrMzR02JVUDVuz3pQUbbd1Tim%2F5fJS%2F59hrTf%2FQIwySEbgwfSuKVYiDeGkaK8HhfLVpvrG9Al0jf3Yd2UChzflzFpRDiA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=d297a475-8211-4841-8bbb-a8ce2d7a76bb-tuct9d1abb2
date
Wed, 20 Jul 2022 15:58:44 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
68214
crum
dsum-sec.casalemedia.com/ Frame FC5F
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=9bb5ef69-c55a-43cd-a3cc-6cb8786e57a8
43 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=9bb5ef69-c55a-43cd-a3cc-6cb8786e57a8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce66c1e91b3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dDiDyMBHWp3bFY8js7jppfVR6UmCODAgtfeVHvaDX8hilv6yZv3p5gUkTdwodS6EcXu97TGra78TXUa%2B9fj8Q4LuEBBb6XTsTIXmZIpumTye0fkjUWjaVBh8LrZ%2FegeP%2FhxTTrUQ68gwtw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:45 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=9bb5ef69-c55a-43cd-a3cc-6cb8786e57a8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
setuid
sync.quantumdex.io/ Frame FC5F 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66a9ac66dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame CB10
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB
43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
2600:1f18:4e9:5a02:357b:502f:f800:1eb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB
date
Wed, 20 Jul 2022 15:58:44 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame CB10
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YtgmOQAAU7NeMQAK
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YtgmOQAAU7NeMQAK&_test=YtgmOQAAU7NeMQAK
43 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YtgmOQAAU7NeMQAK&_test=YtgmOQAAU7NeMQAK
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce6882f16b3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c7jpdSyfDfpnCjQzKS%2BgJ75S7e2AoPwLPQmP8tivKHlu9VDd4P2BurpsDSAF2jBZf5nW1a5Znn6oWaJU76hztTAy%2BFDlSrErNfsQwD2hBsH79tKyTOUV5c5tdVMrplX9KWtnAXiLgiieaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:49 GMT
via
1.1 varnish
server
Varnish
x-timer
S1658332730.585062,VS0,VE0
x-served-by
cache-mia11381-MIA
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YtgmOQAAU7NeMQAK&_test=YtgmOQAAU7NeMQAK
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum.casalemedia.com/ Frame CB10
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=1138f0428a541202&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGZoj4_ebmwgNtU14aAAAAAAA&expiration=1658419125&is_secure=true
43 B
937 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGZoj4_ebmwgNtU14aAAAAAAA&expiration=1658419125&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce66cc85f21f4-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ELy87zozgtobhofyesZCK23RF6FEx4fLa%2FinK%2BPCbeWmtMSo08Sr3xJna4viwr40d%2FSXPSfxcfOnmw5Cz%2Bm1Gw%2FQ0l1WH0vvAupfGOIj4yL0g81K%2F2fQuOi9MPKwgZivnpR8XEym"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGZoj4_ebmwgNtU14aAAAAAAA&expiration=1658419125&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame CB10
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=uv15_L75L6ChqiXw6qkwoen5fPyh9n716KlbO8My
43 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=uv15_L75L6ChqiXw6qkwoen5fPyh9n716KlbO8My
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce66b0c8bb3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uo4sRLcCC%2FM5j49eIZhTtLFNxO6NuH4UMq8ZCtqBtroZrFuR2ynBT3KlEqSdJlXK5PP2gAGwy2f4tiTDVOEt4YItn30K7fIxksltdxW8t4%2BjtbhpTnuxTcs%2FZ33i1qmVBJ7T9ZMepuSFjA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=uv15_L75L6ChqiXw6qkwoen5fPyh9n716KlbO8My
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame CB10
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=jafXLkYk1Oec615
43 B
907 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=jafXLkYk1Oec615
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce66c9f95b3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POz2hENs4zjvvUyAWCpC5W299Go6thh2xT6xkzBBL65bs0kk7gR9HN1hr5u3a74HKay8n6Uc9vEIxUtdpbHgEFOmATIByYDUfzkM9hOInChj3NoPuZi%2BfGv4ULkpCG7nLXdSxh6Z4Z%2BM6w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:44 GMT
Server
PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-0f6ea45f77a7a1bdb@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=jafXLkYk1Oec615
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
113
match.deepintent.com/usersync/ Frame CB10 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
server
a
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
crum
dsum.casalemedia.com/ Frame CB10
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8343254669216575683
43 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8343254669216575683
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce66b7d7c0a1a-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTTDYi1OC5MByU1uOvXymBfnvDTvi38JIJBDJRbro1njYAo0Um56Eg1OY5YpgjLt45j0TxFgJ0AaTDtBgdxeW0lI5G%2FB6kNw15R9%2BIqPTVJAb8vOoufWBzrMGvmYMOtTK3XXRgea"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:44 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
8e5c2102-aece-4970-8a05-866b36630fd2
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8343254669216575683
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame CB10 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66a9acc6dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 23C3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB
43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
2600:1f18:4e9:5a02:357b:502f:f800:1eb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB
date
Wed, 20 Jul 2022 15:58:44 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 23C3
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=YtgmOgAAVEhvqAAK
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YtgmOgAAVEhvqAAK&_test=YtgmOgAAVEhvqAAK
43 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YtgmOgAAVEhvqAAK&_test=YtgmOgAAVEhvqAAK
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce68f1b94b3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwx0C49Qn8jIrXhByBauDyDEvem8vZVgASfrbHC6zTIiKzzo10P%2BmucZRpISQBinTT1Y47ouGQdVW3%2BMCy2StSj4vY25uARC76VIS91ov9CAA5DDytCwpr%2BjKulWlgp1lHOqiSKvir%2BQuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:50 GMT
via
1.1 varnish
server
Varnish
x-timer
S1658332731.698777,VS0,VE0
x-served-by
cache-mia11381-MIA
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YtgmOgAAVEhvqAAK&_test=YtgmOgAAVEhvqAAK
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum.casalemedia.com/ Frame 23C3
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=38cbc1792c991201&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGZoj4_ebmxQNB-cuWAAAAAAA&expiration=1658419125&is_secure=true
43 B
900 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGZoj4_ebmxQNB-cuWAAAAAAA&expiration=1658419125&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce66ce89a21f4-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2FxQtvk%2B4TX07fkDCsAUiKhpGthXukf8EzP7eHCqBPr2ywph%2F88Fm4FY6JKcLxfRmM74PSaFrAI4VFEjCklAqq4u2zVpLS8BJhXpB2LucLRTgAFuf61EF98TBA7fSAw9%2F3S9NKVi"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGZoj4_ebmxQNB-cuWAAAAAAA&expiration=1658419125&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame 23C3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8424493705991858542&expiration=1659542324
43 B
911 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8424493705991858542&expiration=1659542324
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce66b7d5bb3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z1VW%2BgBAH7yGofMJAt9pg7PDySTGUdQxm%2BZS0yjEHiowCUUYFo%2BxUOWQfKFhDYTVAWseyHmkxmBlo0pZmBzIwaaW11r%2FguuqOqNWGhIbQcYTdTVTD2%2BTeRpBnSIm0fUrmHZudQA15ZeucQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8424493705991858542&expiration=1659542324
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 23C3
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0424DC42359B4A23A341971B284D6076
43 B
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0424DC42359B4A23A341971B284D6076
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce66afc80b3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=osrF5BiwLsq3Kt6va0rNul%2BABVGgBLFCCQnUX4%2F2mlr7UmwiDKdZPCOB4xqiwEEL2lqFS1dwevhG%2BSQfSlXEM3GXebAPCrAMzZwFS5%2BFQTzyGVkdiIeDT1SHprtg%2FAJZsKa1sWp2s%2Bjkmg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 20 Jul 2022 15:58:44 GMT
x-content-type-options
nosniff
server
openresty
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=0424DC42359B4A23A341971B284D6076
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 19 Jul 2022 15:58:44 GMT
rum
r.casalemedia.com/ Frame 23C3
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://tags.bluekai.com/site/17724?id=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553&redir=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3Deaafd2ac-3bea-4dab-a914-3...
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553&gdpr=0&gdpr_consent=
43 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce66c39096db6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D76tr8eidP01%2BV20PZVJcClXiwNuhJ7x%2FnU8lp5dwWUoAdVlB2Gn%2BMFYFKj0hz%2Bxl%2BcEFDYNFzGCMvYY5wKPCCp%2F48C%2FVfoknm3zEZ9%2FAfQlC80jCQCU9tczB73G4YboX%2FXz"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553&gdpr=0&gdpr_consent=
date
Wed, 20 Jul 2022 15:58:45 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
crum
dsum-sec.casalemedia.com/ Frame 23C3
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=a7e1e7d8-2c6b-41cb-9097-33166d94dd4f
43 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=a7e1e7d8-2c6b-41cb-9097-33166d94dd4f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce66c2ebdb3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0a6JMC10Qp5psgZc7bowdej7qHNTJa2hPn06zOqsQTPsuusgYgRSQgCgOnQOJlxssm6KDSGvIXYJW4eY0sy2YPP887%2FMEOurQ11ciz%2FIJmY5%2FJX3o0GoX6iGHyLy5EhPT1bgNE98Bigzvg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:45 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=a7e1e7d8-2c6b-41cb-9097-33166d94dd4f
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
rum
dsum.casalemedia.com/ Frame 23C3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=622885e8-69bc-4dce-b7b7-33df6ad940af&ssp=index&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10593873702528322555&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=72b09538-e154-472b-9fb0-46549e06af35&ssp=index&gdpr_consent=&gdpr=
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10593873702528322555&ssp=index&gdpr=&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=212530604218008341753&ssp=index&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10593873702528322555&ssp=index&gdpr=&gdpr_consent=
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=622885e8-69bc-4dce-b7b7-33df6ad940af
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=622885e8-69bc-4dce-b7b7-33df6ad940af
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce66d799a21f4-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X2PJB09w0yMTPk0gu5zWczN0PeCCmzTTIyD5mkVdzm2snAVQwtMTNnGSxGm6LyApy6Kxl3vOCXMd12Bh6Hu5jwJlnGbiihHIkbFKN0cX5P0M6GKuvELCm7jdsJXgA8EOBTabHmLo"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=622885e8-69bc-4dce-b7b7-33df6ad940af
Date
Wed, 20 Jul 2022 15:58:45 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 23C3 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
72dce66a9ace6dc7-MIA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
view.gif
tk.airfrance.fr/v/ Frame 3371 		43 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tk.airfrance.fr/v/view.gif?esvid=A50153&wiz_medium=DSP&wiz_source=APP&wiz_campaign=357830769&wiz_content=US_US_BAN_CNV_Structural2021_%2F%2FPROSPECTING&wiz_term=269236180&esvvid=6e6b3b6c62d82633&esvc=1&esvisc=1&esvf=1&esvsf=0&esvrsl=1600x1200&esvwinrsl=1800x1100&esvaddim=300x250&esvadlt=0x0&esvadrb=0x0&esvadz=10000&esvview=100&esvfocus=1&esvviewts=1051&esvpub=https%3A%2F%2Fwww.hawtcelebs.com%2F&esvads=https%3A%2F%2Fs0.2mdn.net%2Fsadbundle%2F5561583005601304477%2F300x250%2Findex.html%3Fe%3D69%26leftOffset%3D0%26topOffset%3D0%26c%3D7LBQGtbvhf%26t%3D1%26renderingType%3D2%26ev%3D01_247&esvsts=2022-07-20T15%3A58%3A43%2B00%3A00&esvr=0.30270754623699214&esvlv=1&esvtv=1&esvts=1658332724849&esvtid=13
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.185.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-185-21.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
cache-control
no-cache, no-store, must-revalidate
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
content-length
43
p3p
CP="NON DSP COR ADM PSA IVA OUR STP NAV"
cs&eq_cc=1
um2.eqads.com/um/ Frame 8E32
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.92.187 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-92-187.compute-1.amazonaws.com
Software
/
Resource Hash
93e6bf14a3094ee4490d6db6a5da15abf597d9cd3766de773cff9967edcf250d

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, must-revalidate
content-length
186
content-type
text/html; charset=utf-8
date
Wed, 20 Jul 2022 15:58:45 GMT
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Wed, 20 Jul 2022 15:58:45 GMT
pragma
no-cache

Redirect headers

content-length
41
content-type
text/html; charset=utf-8
date
Wed, 20 Jul 2022 15:58:45 GMT
location
/um/cs&eq_cc=1
drop_cookie_sw.php
csync.smilewanted.com/ Frame 8E24 		0
353 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/?us_privacy=1---
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72dce66aafd49aba-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 15:58:45 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
c7821dd282fafbbf98d2ebe5f9b7ebf
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame EA2A
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/c7821dd282fafbbf98d2ebe5f9b7ebf
0
565 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/c7821dd282fafbbf98d2ebe5f9b7ebf
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72dce66d0c219aba-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 15:58:45 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Jul 2022 15:58:45 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/c7821dd282fafbbf98d2ebe5f9b7ebf
Pragma
no-cache
Server
nginx
x-sticky-vk
1658332725233091-306
match
c1.adform.net/serving/cookie/ Frame 273A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.49 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Wed, 20 Jul 2022 15:58:45 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Wed, 20 Jul 2022 15:58:44 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 500C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YtgmOgAAU8BlUwAK&gdpr=0&gdpr_consent=&_test=YtgmOgAAU8BlUwAK
1 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YtgmOgAAU8BlUwAK&gdpr=0&gdpr_consent=&_test=YtgmOgAAU8BlUwAK
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 20 Jul 2022 15:58:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Wed, 20 Jul 2022 15:58:50 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YtgmOgAAU8BlUwAK&gdpr=0&gdpr_consent=&_test=YtgmOgAAU8BlUwAK
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-mia11381-MIA
x-timer
S1658332731.585347,VS0,VE0
setuid
prebid.a-mo.net/ Frame F0FD
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AABXF07FsEwAABBUGzwKHw&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsyn...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp,pm&bee_sync_current_partner=syn&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABXF07FsEwAABBUGzwKHw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dbeec9f7c-bab7-46d9-b2e1-a84b64afadeb%26bidder%3Dpubmatic%26uid%3DCAC5EC0D-09F2-4CA3-8675-3FE...
  • https://prebid.a-mo.net/setuid?A=beec9f7c-bab7-46d9-b2e1-a84b64afadeb&bidder=pubmatic&uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/setuid?A=beec9f7c-bab7-46d9-b2e1-a84b64afadeb&bidder=pubmatic&uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Wed, 20 Jul 2022 15:58:45 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1

Redirect headers

cache-control
no-store, no-cache, private
date
Wed, 20 Jul 2022 15:58:43 GMT
location
https://prebid.a-mo.net/setuid?A=beec9f7c-bab7-46d9-b2e1-a84b64afadeb&bidder=pubmatic&uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
sync
x.bidswitch.net/ Frame DE4B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0be862d8-2632-4700-b4a9-ffbbf32e26e2&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8343254669216575683&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=703585345dd11202&is_secure=true&networkId=17100&version=1&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGZoj4_ebm5AMa96cdAAAAAAA&expiration=1658419125&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=622885e8-69bc-4dce-b7b7-33df6ad940af&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10593873702528322555&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=72b09538-e154-472b-9fb0-46549e06af35&ssp=pubmatic&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10593873702528322555&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=212530604218008341753&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10593873702528322555&ssp=pubmatic&gdpr=0&gdpr_consent=
0
0
setuid
sync.quantumdex.io/ Frame B6CF 		43 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
72dce66adb2c6dc7-MIA
content-length
43
content-type
image/gif
date
Wed, 20 Jul 2022 15:58:44 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5CF1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ysXsDQnyTKOGdT_qzu-nBw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
23.64.60.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-60-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=141999
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Fri, 22 Jul 2022 07:25:24 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
pippio.com/api/ Frame 5CF1
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
  • https://pippio.com/api/sync?pid=5324&it=1&iv=a68443732b33ad89de2329782d42a8c2973545e0221cfa8f0c829fc0103c6b59791426b5417dce21&_=2
  • https://p.adsymptotic.com/d/px/?_pid=16257&_psign=5a9f251662be469b9732c38b03f11952&_redirect=https%3A%2F%2Fpippio.com%2Fapi%2Fsync%3Fpid%3D710202%26it%3D1%26iv%3D%24%7BUUID%7D&_rand=09185060
  • https://pippio.com/api/sync?pid=710202&it=1&iv=d375acd134b0e7d4bd75d240d92f5c58
42 B
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?pid=710202&it=1&iv=d375acd134b0e7d4bd75d240d92f5c58
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H3
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 20 Jul 2022 15:58:45 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP='NON DSP COR CONi OUR BUS CNT'
location
https://pippio.com/api/sync?pid=710202&it=1&iv=d375acd134b0e7d4bd75d240d92f5c58
cf-ray
72dce66bf81f9ac0-MIA
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame 5CF1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=0be862d8-2632-4700-b4a9-ffbbf32e26e2
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=0be862d8-2632-4700-b4a9-ffbbf32e26e2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
104.36.113.24 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 20 Jul 2022 15:58:45 GMT
Server
MT3 4475 c1dc35a master ord-pixel-x52 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=0be862d8-2632-4700-b4a9-ffbbf32e26e2
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 20 Jul 2022 15:58:44 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 5CF1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEELjQeFb8DKxb4mvpUSQ3dM&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8343254669216575683&gdpr=0&gdpr_consent=
42 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8343254669216575683&gdpr=0&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 04:29:16 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:45 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
c6adf3f2-4121-4ebe-a8c9-2c4fa1e4c5fc
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8343254669216575683&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 5CF1
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:0424DC42359B4A23A341971B284D6076
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8343254669216575683&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=4fdcaaeb87851201&is_secure=true&networkId=17100&version=1&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGZXgfzA2oFwMGXSdEAAAAAAA&expiration=1658419125&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
104.36.113.35 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Wed, 20 Jul 2022 15:58:45 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 5CF1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2394348841350322825&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8343254669216575683&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=39941439f3791204&is_secure=true&networkId=17100&version=1&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGZdMS3IfxtANNwJuaAAAAAAA&expiration=1658419125&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553&gdpr=0&gdpr_consent=
42 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553&gdpr=0&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 5CF1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8343254669216575683&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=67dd02cfc8c1201&is_secure=true&networkId=17100&version=1&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGZdMS3IfxswMCDfVuAAAAAAA&expiration=1658419125&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=622885e8-69bc-4dce-b7b7-33df6ad940af&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ss...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=pubmatic&user_id=_JBcesLY840jSodcXU_f0
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=622885e8-69bc-4dce-b7b7-33df6ad940af&gdpr=&gdpr_consent=&gdpr_pd=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eXXbsn1xje5iIoe-KSGS7ypx3rJifty7KyH8VjXf
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
104.36.113.35 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Wed, 20 Jul 2022 15:58:46 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 5CF1 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707?gdpr=0&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:357b:502f:f800:1eb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 5CF1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-id9NoZ1E2uUltVsLuSRMjZt41hupBks-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-id9NoZ1E2uUltVsLuSRMjZt41hupBks-~A&gdpr=0&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
104.36.113.24 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 09:37:32 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-id9NoZ1E2uUltVsLuSRMjZt41hupBks-~A&gdpr=0&gdpr_consent=
date
Wed, 20 Jul 2022 15:58:44 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 5CF1
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=d3832960-0844-11ed-8d4b-7527f8cc64c7&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8343254669216575683&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=17624f3458301204&is_secure=true&networkId=17100&version=1&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGZi4F71Of9gMRKE-1AAAAAAA&expiration=1658419125&nuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://t.pswec.com/bsw_sync?ssp=pubmatic&bsw_user_id=622885e8-69bc-4dce-b7b7-33df6ad940af
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=pubmatic&bsw_user_id=622885e8-69bc-4dce-b7b7-33df6ad940af
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=35120cf5-4a57-4f6a-9b56-b02358b19330&expires=3&user_group=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=622885e8-69bc-4dce-b7b7-33df6ad940af&gdpr=&gdpr_consent=&gdpr_pd=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eXXbsn1xje5iIoe-KSGS7ypx3rJifty7KyH8VjXf
0
0
usync.js
eus.rubiconproject.com/ Frame 16ED 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.4.226.82 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-226-82.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
917989d44c7b47139b83cb4be3f5a786c1635d8fb70f58c60cf356eadd60f584

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:44 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74165
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9451
Expires
Thu, 21 Jul 2022 12:34:49 GMT
l5vyLtLLbMx5GDYxrFdU
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 5947
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://creativecdn.com/cm-notify?pi=smilewanted&tc=1
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/l5vyLtLLbMx5GDYxrFdU?pi=smilewanted&tc=1
0
457 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/l5vyLtLLbMx5GDYxrFdU?pi=smilewanted&tc=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72dce66e8eec9aba-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 15:58:45 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Wed, 20 Jul 2022 15:58:45 GMT Wed, 20 Jul 2022 15:58:45 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/l5vyLtLLbMx5GDYxrFdU?pi=smilewanted&tc=1
pragma
no-cache
setuid
ib.adnxs.com/prebid/ Frame 5CF9
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D0%26gdpr_consent%3D%...
  • https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=e3a1798ec708f153e293dd67c43f5aac
43 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=e3a1798ec708f153e293dd67c43f5aac
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

AN-X-Request-Uuid
e4e68015-0529-4671-b7c0-9b34ef54b3ed
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Wed, 20 Jul 2022 15:58:45 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72dce66b59159aba-MIA
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 15:58:45 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://ib.adnxs.com/prebid/setuid?bidder=smilewanted&gdpr=0&gdpr_consent=&f=i&uid=e3a1798ec708f153e293dd67c43f5aac
server
cloudflare
usync.js
eus.rubiconproject.com/ Frame 6CBA 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.4.226.82 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-226-82.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
917989d44c7b47139b83cb4be3f5a786c1635d8fb70f58c60cf356eadd60f584

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74164
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9451
Expires
Thu, 21 Jul 2022 12:34:49 GMT
usync.js
eus.rubiconproject.com/ Frame 6F2B 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.4.226.82 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-226-82.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
917989d44c7b47139b83cb4be3f5a786c1635d8fb70f58c60cf356eadd60f584

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74164
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9451
Expires
Thu, 21 Jul 2022 12:34:49 GMT
connectmyusers.php
cdn.connectad.io/ Frame 61CA 		1 KB
910 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72dce66c394e09c2-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 15:58:45 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 31D8 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.4.226.82 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-226-82.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
917989d44c7b47139b83cb4be3f5a786c1635d8fb70f58c60cf356eadd60f584

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:45 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Jul 2022 20:44:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74164
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9451
Expires
Thu, 21 Jul 2022 12:34:49 GMT
setuid
ss-pbs.quantumdex.io/ Frame 16ED
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=pbs-valueimpression&gdpr_consent=undefined&gdpr=0&khaos=L5TSHGLI-U-ECYW
  • https://sync.quantumdex.io/setuid?bidder=rubicon&uid=L5TSHGLI-U-ECYW&gdpr=0&gdpr_consent=undefined
  • https://ss-pbs.quantumdex.io/setuid?bidder=rubicon&gdpr=0&gdpr_consent=undefined&us_privacy=&f=&uid=L5TSHGLI-U-ECYW
86 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ss-pbs.quantumdex.io/setuid?bidder=rubicon&gdpr=0&gdpr_consent=undefined&us_privacy=&f=&uid=L5TSHGLI-U-ECYW
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
H2
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
cf-ray
72dce66cedea6dc7-MIA
expires
0

Redirect headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
location
https://ss-pbs.quantumdex.io/setuid?bidder=rubicon&gdpr=0&gdpr_consent=undefined&us_privacy=&f=&uid=L5TSHGLI-U-ECYW
cf-ray
72dce66c5cf76dc7-MIA
content-length
43
1278341628099599906
csync.smilewanted.com/set_partner_userid_get/smart/ Frame 0F43
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
  • https://csync.smilewanted.com/set_partner_userid_get/smart/1278341628099599906
0
381 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smart/1278341628099599906
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72dce66cebbf9aba-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 15:58:45 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Wed, 20 Jul 2022 15:58:45 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/smart/1278341628099599906
crum
dsum-sec.casalemedia.com/ Frame 8E32 		43 B
914 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=3a47d2e6-bada-4d03-8fba-97521d60631d&expiration=1666281525
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce66c2ec1b3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OS0iKSm7eqOLxuf7duccOGTntV8M%2FLbFVfTkXQplrf%2BL%2F6ry0HNgWPmfd4F6BArnQe%2B5%2FyHFwX%2FLQtHcfE1%2F%2BwvRnnArTuZ0cIK6OzwZzG7gnsqFAvb3uog5MmSuaEgSQ0NYmu1iq2RjJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0
dd6578ab-4ece-4f4b-acad-7973cbec3b22&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 2C70
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://ice.360yield.com/ul_cb/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/%7BPUB_USER_ID%7D&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/dd6578ab-4ece-4f4b-acad-7973cbec3b22&partner_id=1010
0
409 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/dd6578ab-4ece-4f4b-acad-7973cbec3b22&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72dce66ddd929aba-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 15:58:45 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Wed, 20 Jul 2022 15:58:45 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/dd6578ab-4ece-4f4b-acad-7973cbec3b22&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
L5TSHGLI-U-ECYW
csync.smilewanted.com/set_partner_userid_get/rubicon/ Frame 38FE
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/L5TSHGLI-U-ECYW?gdpr=0
0
382 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rubicon/L5TSHGLI-U-ECYW?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72dce66cfbdb9aba-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 15:58:45 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/rubicon/L5TSHGLI-U-ECYW?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 16ED
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=DQhm-5QlRbOF-6BdYK3oJA&rk=usync-na&gdpr=0
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DQhm-5QlRbOF-6BdYK3oJA&gdpr=0
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DQhm-5QlRbOF-6BdYK3oJA&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:45 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
Q1Q9F270GGRZYCCX9WDV
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=DQhm-5QlRbOF-6BdYK3oJA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f72efbd84733ea5ba734e4e8fe0395a3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 16ED 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:45 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
E7TN78W5E14YVS797XWA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 16ED
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/Q1_0uBfSD3MUrSqFA4nAQA?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7960772438800116324
42 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7960772438800116324
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
9e7742894a018a40b59a2ed2117c85b5
Content-Type
image/gif

Redirect headers

date
Wed, 20 Jul 2022 15:58:45 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7960772438800116324
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame 16ED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBnD93vFxncoKI2N3-bYSo8&google_cver=1
42 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBnD93vFxncoKI2N3-bYSo8&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
78008fe701b681dce86a72fc23cacc40
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEBnD93vFxncoKI2N3-bYSo8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 16ED
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVUU0hHTEktVS1FQ1lX&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVUU0hHTEktVS1FQ1lX&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVUU0hHTEktVS1FQ1lX&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8eb2d9eeed9b9c468975d0ba24565e5b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 16ED
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&gdpr=0&gdpr_consent=&expires=30
42 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
9a0c641c0479142b55591fdf2031b15f
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
esync
token.rubiconproject.com/ Frame 16ED
Redirect Chain
  • https://id.rlcdn.com/709414.gif?gdpr=0
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
19c1ac3b9706c83a73951eba4d239689
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Wed, 20 Jul 2022 15:58:45 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 16ED
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzIxNDllN2EzOTE3YTJhOWIxMGZhNTBlYTAyMDFiNzdmZTg3MGU3Yg&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzIxNDllN2EzOTE3YTJhOWIxMGZhNTBlYTAyMDFiNzdmZTg3MGU3Yg&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol
H3
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzIxNDllN2EzOTE3YTJhOWIxMGZhNTBlYTAyMDFiNzdmZTg3MGU3Yg&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78008fe701b681dce86a72fc23cacc40
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7853 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.60.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-60-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=141999
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 15:58:45 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 22 Jul 2022 07:25:24 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
YtgmLaNUKrapf3hd7CxpWwAA%26362
csync.smilewanted.com/set_partner_userid_get/indexexchange/ Frame B86D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193216&cb=https://csync.smilewanted.com/set_partner_userid_get/indexexchange/
  • https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YtgmLaNUKrapf3hd7CxpWwAA%26362
0
520 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YtgmLaNUKrapf3hd7CxpWwAA%26362
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72dce66dbd479aba-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 15:58:45 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
72dce66d2a2a0992-MIA
content-length
0
date
Wed, 20 Jul 2022 15:58:45 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
location
https://csync.smilewanted.com/set_partner_userid_get/indexexchange/YtgmLaNUKrapf3hd7CxpWwAA%26362
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yTyvu2%2Bnruyq3NY5Fw0ABH5or%2BtEMD%2Fz3zqUasW3BOrTfzEok2mgqPWZvdhuTGAhFL%2BQMS8jm07zENSCxrwcWjLENUySdt1b%2F%2FgTVwcy%2FSse32mYqR%2FYA4Lfj6Nttwn8qkzFl%2F%2FYPOlGiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
img.fetch
udmserve.net/udm/ 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=14863;tid=1;dt=6;cb=211df84c4e5909c2;trigger=public_reload;refresh=2;trigger=ref_aft_def_standard;
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 Toronto, Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b76cd40f0063087fdb3a1431f3aef8475b1ab1dbf2df538e344924ac18e0e8b8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:45 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Type
application/x-javascript
Expires
0
1
sync-eu.connectad.io/syncer/ Frame 3B7D 		5 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07baef112fe117c0bb81aaba1ec7aa2245c19625ba7b9d51f30fa75ae50bddf8

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status
DYNAMIC
cf-ray
72dce66d8ba809c2-MIA
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 20 Jul 2022 15:58:45 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
server
cloudflare
vary
Accept-Encoding
via
1.1 google
d5baf2a2-0844-11ed-8cf7-1f45e0b00203
csync.smilewanted.com/set_partner_userid_get/spotx/ Frame 9867
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=178357&redir=https://csync.smilewanted.com/set_partner_userid_get/spotx/$SPOTX_USER_ID&__user_check__=1&sync_id=d5baf2fb-0844-11ed-8cf7-1f45e0b00203
  • https://csync.smilewanted.com/set_partner_userid_get/spotx/d5baf2a2-0844-11ed-8cf7-1f45e0b00203
0
431 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/spotx/d5baf2a2-0844-11ed-8cf7-1f45e0b00203
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/?us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72dce66f1fe29aba-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 15:58:45 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
false
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/plain
date
Wed, 20 Jul 2022 15:58:45 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/spotx/d5baf2a2-0844-11ed-8cf7-1f45e0b00203
x-fe
357
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:45 GMT
server
ATS/9.1.0.46
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.221 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 20 Jul 2022 15:58:45 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		130 B
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.hawtcelebs.com%2F&pid=g95TCzhgOhGcR&cb=4&ws=1600x1200&v=8.1.0&t=1000&slots=%5B%7B%22sd%22%3A%22vi_7872651_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_7872651_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C63%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.109.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-109-24.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
a87131327ab11d202042ed3da6a4474dab3c4fc7557a9b31e874da3060f4fd6f
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
via
1.1 749177a97cae42477f22c33c927ca0ce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
x-amz-rid
A9YD4HC74VZY40WQKN3V
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
130
x-amz-cf-id
01gSd6RfxJIPnigipQplI9u2EjPaBoezZuZKdLrizgci-cNqgYQmTw==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzdNYTKwTKea-wyYw-PTaM-qUTU-ratyYrBrrtweRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNKYUZTRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1baXh2X%2Bmp%2BAP23jzun3P%2F6D4vMStN6qpVg6fEfdSEjMyXXmsQlP9ZmfG69cbhwv%2B%2B0LRmRcPXJGf5FdzlLlZLbPV0yDnQg%2B%2Fp8zkSd1TSqtaD6evOWNl2G505XMkR%2BDdasOIb3LR0KHnrI%2Ba1Zvvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce66dba349acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzdNaAaMeqyr-PZZM-PKAT-aUMU-BBteMqKMqTKPRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNKYUZTRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXg9nQjrfIIxo0w%2FV1vGwTGamP8U8mz9Uz4CbwodQiic%2FmspGWg5Zl8AOlxWYU0o1FbjR%2BliQvhfaNJKX6UgALqw43KuTsMjpOtvFixDoHedj%2B55QWvZV2hB%2F478Zx2Vuh1pclSvFaed8AFqYWaryg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce66dba369acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
2fd74f08fb05185674d57aef1f15f1e9a8aad401a65a55c87e27378605acc49a

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
cdb
bidder.criteo.com/ 		188 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=123&profileId=185&av=34&wv=7.2.0&cb=87738186523
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e7e665e11676888ee5a3479c00fecf5f064bb5ec0654532bd6ae85b236be58d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
172
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:45 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
ROS
pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ 		432 B
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ROS?rnd=0.39745589516073365&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=7.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&ccpa=1---&e_amxId=Ok9KQkRT-W1hNQk5T-BV1NSEVYW1xKUFhA-ND5aXkZXT1pORkVOTFVIXEZVUV9UUE1SUVRaXlYVFhpWUCk&e_criteoId=MLUNIV9ET0pGb3ZWYTZ3WlZ2cVR3NjElMkZ4YiUyQnN3QlN1VTZ3a3V6dW1yNEdiN1Nzd3ptVEthbVBWRWUydFBKJTJCc3Z1OWl3eXI5OERCSWNka0Z0Z2swTDFRand3RmtYcnZMN1VKSU1MaU5jTmllVVlSdVd1MUVqVUR1SSUyQmZCZ04wYSUyRjclMkI1Uw&e_id5id=%257B%2522uid%2522%253A%2522ID5*jnNwuKeYZcsOVbSto75pu65a8BHAhjh3PxQeBIeAuYQbKIGKSWOvkACkC2PDLtsN%2522%252C%2522ext%2522%253A%257B%2522linkType%2522%253A0%257D%257D&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522hawtcelebs.com%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522gwqtxekeva_xon21058336769654%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=3e454c00-a647-473c-8fb6-cfd95d428962
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.125 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
2992739582d1128d83dbc9e7e5bb31db0cde5ddcc0d74b23b2fc8a2b86d0bc35

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.hawtcelebs.com
expires
Wed, 20 Jul 2022 15:58:45 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
432
x-sid
IAD-1216
auction
tlx.3lift.com/header/ 		19 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.2.0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&tmax=1000&us_privacy=1---
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.229.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-229-211.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
accept-ch
sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
v1
btlr.sharethrough.com/universal/ 		912 B
964 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.193.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-193-118.compute-1.amazonaws.com
Software
/
Resource Hash
ae664e4f8f09a1cb8d4c1dc35d1f8b7766f9bab8f4ca7b48018982d583b099d1

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 20 Jul 2022 15:58:45 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
482
prebid
ib.adnxs.com/ut/v3/ 		252 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
894d05bddae496aaa8f08f5f97d6694ad268675e4e262f43ba3343ac907a4069
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:45 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
a6c2b260-9caa-4517-aac6-f26bd4238b4d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
252
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
unruly_prebid
targeting.unrulymedia.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.221 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		245 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
c0f40267a0f670e15259a0c0e51bef54bfbb36267dac8186a4591c7c670a8a32

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
content-encoding
gzip
server
envoy
vary
origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
102
pbjs
useast.quantumdex.io/auction/ 		0
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cf-ray
72dce66dd8036dc7-MIA
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRmNKYUZTRzdNBMZYBTaK-PUty-Pqqe-arBM-BeywPeTYABwaRlmNKYMbaARdzNwqfftkRqxeNco_KMKYUZT_MRwkjNTRkjmNKYMbaARwlNnqiggllh,ekoztg,kzwigxlt,thsqffofu,zkohstsoyz,liqktzikgxui,qhhftbxl,xfkxsn,qdb,jxqfzxdrtbRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s807lMzyGzvlEnshY9NfHub8amts1mf4qQQPLmeSuPaTR59yI0aqJib9AjFmc%2B%2BVNOA4XQM9iuNduVvSmR8oHBcVevkDahXeBUcWw2xFHOVBVxM8NY3bIuq4kLYvBP8db0zWu7hQCKJPry5qb1S%2BNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce66dca559acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRmNKYUZTRzdNaeATAAKY-aeqU-PKaZ-wZUY-YAYPUtKqUwTPRlmNaKAbaARdzNwqfftkRqxeNco_KMKYUZT_KRwkjNTRkjmNaKAbaARwlNkzwigxlt,thsqffofu,zkohstsoyz,qhhftbxl,qdb,jxqfzxdrtbRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:45 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XFwSbCmQJPy%2BdWGhSImXuGfAcYDiGiY53XemZnQQUMhAcnzgE5gcxWp1h4gRRlkKbrPfa447kLDZrT2%2BMXo%2FElYqJ%2BWk5wH51EYF68RFSEPZg5wee2s6h83uDFf%2FJEc00bNzjhmhZH4WHYbYjOwOcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce66dca569acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
events
bidder.criteo.com/csm/ 		0
219 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixels
ssp-sync.criteo.com/user-sync/ 		13 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?ccpa=1---&countrycode=US
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.73 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:44 GMT
content-encoding
br
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
underdog
underdog.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://underdog.technoratimedia.com/openrtb/bids/underdog?src=prebid_prebid_6.21.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:45 GMT
server
nginx
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:45 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:45 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:45 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:45 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:45 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:45 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:45 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:45 GMT
server
ATS/9.1.0.46
trinity.json
apex.go.sonobi.com/ 		946 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2221352832c12ea6c2%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-middle-728x90%22%2C%222147cc3e92a553e3%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-middle-728x90%22%2C%22215c4a5c7d5ca2ba%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-middle-728x90%22%2C%222166f897fafde1aa%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-middle-728x90%22%2C%222171a3d276223952%22%3A%224d5f61413a994ea882b1%7C160x600%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-160x600%22%2C%22218c0b7456a064ef%22%3A%224d5f61413a994ea882b1%7C160x600%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-160x600%22%2C%222196428557d44b4%22%3A%224d5f61413a994ea882b1%7C160x600%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-160x600%22%2C%22220530165ef3c4f5%22%3A%224d5f61413a994ea882b1%7C160x600%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-160x600%22%7D&ref=https%3A%2F%2Fwww.hawtcelebs.com%2F&s=1dbd2159-c2c3-4ea9-8f1f-a68a5aff28d5&pv=7ad008a2-4660-4290-b417-50c718457257&vp=desktop&lib_name=prebid&lib_v=6.21.1&us=5&ius=0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22udmserve.net%22%2C%22sid%22%3A%222993%22%2C%22hp%22%3A1%2C%22rid%22%3A%2253ce2e0a-352f-4422-953b-9a432a15b771%22%7D%5D%7D&userid=%7B%22tdid%22%3A%22d6c6a7da-85eb-47bb-8b66-b02f00a05cb2%22%7D&eids=%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d6c6a7da-85eb-47bb-8b66-b02f00a05cb2%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D&coppa=0
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
3fc7776fd6d027a64535c65f4fce3978c74754d3c3d84777d78788353b01133e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-40
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-type
application/json
content-length
489
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
underdog
underdog.technoratimedia.com/openrtb/bids/ 		0
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://underdog.technoratimedia.com/openrtb/bids/underdog?src=prebid_prebid_6.21.1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
308550047
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		602 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7c489ad6affc4142f178da612cdccef73efd81fedb388b130bc736f9840f7377
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 20 Jul 2022 15:58:45 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a81d1d51-f952-4a10-b654-2d89e29546ed
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
867 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24042&site_id=403056&zone_id=2257012%3B2257012%3B2257012%3B2257012%3B2257020%3B2257020%3B2257020%3B2257020&size_id=2%3B2%3B2%3B2%3B9%3B9%3B9%3B9&p_pos=atf&rp_schain=1.0,1!udmserve.net,2993,1,53ce2e0a-352f-4422-953b-9a432a15b771,,&tpid_tdid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&eid_adserver.org=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&rf=https%3A%2F%2Fwww.hawtcelebs.com%2F&tg_i.pbadslot=slider-middle-728x90%3Bslider-middle-728x90%3Bslider-middle-728x90%3Bslider-middle-728x90%3Bslider-160x600%3Bslider-160x600%3Bslider-160x600%3Bslider-160x600&tk_flint=pbjs_lite_v6.21.1&x_source.tid=173d4484-ef6b-4e63-843e-e42141564e15%3B173d4484-ef6b-4e63-843e-e42141564e15%3B173d4484-ef6b-4e63-843e-e42141564e15%3B173d4484-ef6b-4e63-843e-e42141564e15%3Bb9b78a70-684f-4f75-8387-c90202ef0023%3Bb9b78a70-684f-4f75-8387-c90202ef0023%3Bb9b78a70-684f-4f75-8387-c90202ef0023%3Bb9b78a70-684f-4f75-8387-c90202ef0023&l_pb_bid_id=2374faf82b79c689%3B2381ed93f617d26c%3B239c4cd8f2b76348%3B240295f79e697492%3B241c10112592724a%3B2426244a31435796%3B243765367aa2d0eb%3B244c335f3ae447a&p_screen_res=1600x1200&rp_floor=0.09574468085106383&rp_secure=1&rp_hard_floor=0.09574468085106383&rp_maxbids=1&p_gpid=slider-middle-728x90%3Bslider-middle-728x90%3Bslider-middle-728x90%3Bslider-middle-728x90%3Bslider-160x600%3Bslider-160x600%3Bslider-160x600%3Bslider-160x600&slots=8&rand=0.24228004144113324
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::116 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a26ac9884afb1b9b6f446b68489f1cb48dbc8fa5c02cd25fd3dffab8dcbb0660

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:45 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
384
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
94e2ae958f8cff8c2d70003475f782eea051289cf9e084bc9f23c5202cacc1f9

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
2966b362d79e9851df4470bae332f5ec214c0278536a5581d94ed905e2bc454f

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
20051e7d7eea46376585914cc6254771881c9e916b37c4ebdfdf34504ebea46a

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
3ff9d4dc5f1b6c2da938bd8cdab04fbede698e8111f71b777566bed57f5aeda6

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
ef07cced5d667f893aae903a9dd20019ece46817597ec28448bb5ea6e665340b

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
f2746b3f6a40896f5297f519a84027a2c76a0c494f61877bd2a7db5aa7d0d78b

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
b88be4c8b6d3d902fb0b4743a31ed50249d7e615c3d8c7e56e9b714008860bc6

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
214aa83d8e538640dcfeabf6a5a88e8a9645b217e4195ba07e17402aa523c786

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
c
prebid.a-mo.net/a/ 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:45 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
112
vary
origin, Accept-Encoding
/
d.adroll.com/bid/prebid/ 		0
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/bid/prebid/
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.214.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-214-150.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:45 GMT
access-control-allow-credentials
true
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b4373065c&cmd=bid&reserve=0.10465116279069767&eidadserver.org=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
351551941a48271cd0e2206269d674646474893c4d0b193c2ea73f7fe041c3b5

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b4373065c&cmd=bid&reserve=0.10465116279069767&eidadserver.org=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
204270ebb96e316a0c5584ea915dd40fd77982f40abc982a3ff5447d677400f0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b4373065c&cmd=bid&reserve=0.10465116279069767&eidadserver.org=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
92761d43628e530a5d1311ba858969cfc3f4f6c6502cf25a2ecc1fc8b8ab01c8

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
hb
ssc.33across.com/api/v1/ 		139 B
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dv6qxAKmGr7ikOrkHcnlKl
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
75fe20c3d4f679ff79015af0423b3293cde85cc34aed5e2d4e337ef9b60e8c38

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7CD4 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.60.212 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-60-212.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=141999
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 15:58:45 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 22 Jul 2022 07:25:24 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
1
sync-eu.connectad.io/pixel/ Frame 9823
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=rtaplus&user_id=LQ1c1jeXDvqXCvD0pQRdcmiK5hnzgR9RYUHuBaf8&gdpr=0
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Drtaplus%26bsw_param%3D622885e8-69bc-4dce-b7b7-33df6ad940a...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=0be862d8-2632-4700-b4a9-ffbbf32e26e2&expires=30&ssp=rtaplus&bsw_param=622885e8-69bc-4dce-b7b7-33df6ad940af&gdpr=0&gdpr_consent=
  • https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=622885e8-69bc-4dce-b7b7-33df6ad940af
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/pixel/1?dataid=data3&uuid=622885e8-69bc-4dce-b7b7-33df6ad940af
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status
DYNAMIC
cf-ray
72dce6709decb3d9-MIA
date
Wed, 20 Jul 2022 15:58:45 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Jul 2022 15:58:45 GMT
Location
//sync-eu.connectad.io/pixel/1?dataid=data3&uuid=622885e8-69bc-4dce-b7b7-33df6ad940af
Server
nginx
1
sync.connectad.io/umatch/ Frame 9370
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Dadform%26dataid%3Ddata4%26uuid%3D%24UID
  • https://sync.connectad.io/umatch/1?bidder=adform&dataid=data4&uuid=7650510858995602230
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.connectad.io/umatch/1?bidder=adform&dataid=data4&uuid=7650510858995602230
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status
DYNAMIC
cf-ray
72dce66fef0a09c2-MIA
date
Wed, 20 Jul 2022 15:58:45 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google

Redirect headers

content-length
0
content-type
text/plain
date
Wed, 20 Jul 2022 15:58:45 GMT
location
https://sync.connectad.io/umatch/1?bidder=adform&dataid=data4&uuid=7650510858995602230
server
nginx
cm
u.openx.net/w/1.0/ Frame 07EB 		773 B
815 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/485d39a /
Resource Hash
3b9e4c686af372db67792b219e341972078835c7b8a544ce4e9d18ded1d2a7b7

Request headers

Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
478
content-type
text/html
date
Wed, 20 Jul 2022 15:58:45 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/485d39a
vary
Accept, Accept-Encoding
via
1.1 google
1
sync.connectad.io/umatch/ Frame D78B
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=connectad
  • https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=l5vyLtLLbMx5GDYxrFdU&pi=connectad
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=l5vyLtLLbMx5GDYxrFdU&pi=connectad
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status
DYNAMIC
cf-ray
72dce66fdefc09c2-MIA
date
Wed, 20 Jul 2022 15:58:45 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Wed, 20 Jul 2022 15:58:45 GMT Wed, 20 Jul 2022 15:58:45 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://sync.connectad.io/umatch/1?bidder=rtbhouse&dataid=data6&uuid=l5vyLtLLbMx5GDYxrFdU&pi=connectad
pragma
no-cache
1
sync.connectad.io/umatch/ Frame 83CA
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Dsovrn%26dataid%3Ddata12%26uuid%3D%24UID
  • https://sync.connectad.io/umatch/1?bidder=sovrn&dataid=data12&uuid=FAgeSLZHo8TuhUBRRuqMzo78
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.connectad.io/umatch/1?bidder=sovrn&dataid=data12&uuid=FAgeSLZHo8TuhUBRRuqMzo78
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status
DYNAMIC
cf-ray
72dce6706fe109c2-MIA
date
Wed, 20 Jul 2022 15:58:45 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Connection
close
Date
Wed, 20 Jul 2022 15:58:45 GMT
Location
https://sync.connectad.io/umatch/1?bidder=sovrn&dataid=data12&uuid=FAgeSLZHo8TuhUBRRuqMzo78
X-Sovrn-Pod
ad_ap2ord1
usermatch
ssum.casalemedia.com/ Frame 38E3 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
357cdb070366911d9d0126f2894ad3d365fc1855c69771e857eb20832ed11912

Request headers

Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
72dce66f4a0d2293-MIA
content-encoding
br
content-type
text/html
date
Wed, 20 Jul 2022 15:58:45 GMT
dropped-udsids
41|105|123|57|196|13|73|8
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UVtrei4FWZGPe8T3naKJDjxBrW1fvjc5hLQdmKY%2FM04zw8kzLA1G1oomSnngZG4dfeWVN6EtJtcMqHIwuIaNxGJHP%2BZOGFsANxj1%2FJ0KDhEm8CzBmeffX4w5FfoC2ww%2FzQMVlPDj"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
/
onetag-sys.com/usync/ Frame 44FB 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5d4e109247a89f6
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
LQ1c1jeXDvqXCvD0pQRdcmiK5hnzgR9RYUHuBaf8
csync.smilewanted.com/set_partner_userid_get/connectad/ Frame 98CB 		0
472 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/connectad/LQ1c1jeXDvqXCvD0pQRdcmiK5hnzgR9RYUHuBaf8
Requested by
Host: sync-eu.connectad.io
URL: https://sync-eu.connectad.io/syncer/1?gdpr_consent=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fconnectad%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync-eu.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72dce66f0fc09aba-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 15:58:45 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
1
sync.connectad.io/umatch/ Frame 07EB 		0
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.connectad.io/umatch/1?dataid=data5&uuid=819fabf1-e370-4ae3-8335-6c608d3f1982
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-ray
72dce66fbed009c2-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sd
us-u.openx.net/w/1.0/ Frame 07EB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2394348841350322825&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2394348841350322825&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/485d39a /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
via
1.1 google
server
OXGW/485d39a
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2394348841350322825&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 07EB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YtgmNQAAUgzJvgA0
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YtgmNQAAUgzJvgA0&_test=YtgmNQAAUgzJvgA0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YtgmNQAAUgzJvgA0&_test=YtgmNQAAUgzJvgA0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/485d39a /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
via
1.1 google
server
OXGW/485d39a
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
via
1.1 varnish
server
Varnish
x-timer
S1658332726.801240,VS0,VE0
x-served-by
cache-mia11381-MIA
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YtgmNQAAUgzJvgA0&_test=YtgmNQAAUgzJvgA0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
2c86427a-ca43-eb43-d96e-ba80f3331646
pr-bh.ybp.yahoo.com/sync/openx/ Frame 07EB 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/2c86427a-ca43-eb43-d96e-ba80f3331646?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:357b:502f:f800:1eb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame 07EB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=b841243e-5aef-790a-e8b9-ac750c64db0f&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&ttd_puid=b841243e-5aef-790a-e8b9-ac750c64db0f&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&ttd_puid=b841243e-5aef-790a-e8b9-ac750c64db0f&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/485d39a /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
via
1.1 google
server
OXGW/485d39a
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&ttd_puid=b841243e-5aef-790a-e8b9-ac750c64db0f&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
pixel
cm.g.doubleclick.net/ Frame 07EB 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTQyZWY3ZjQtOTM5OC0yN2FlLWZkNTktZjZjY2M2ODYxNTZm
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.41.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 07EB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEERuctoDcnHpmRVBibKe6rs&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEERuctoDcnHpmRVBibKe6rs&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=0&r=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata5%26uuid%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/485d39a /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
via
1.1 google
server
OXGW/485d39a
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEERuctoDcnHpmRVBibKe6rs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 38E3
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=d5fbdb76-0844-11ed-b6d2-1ec24d012f91
43 B
913 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=d5fbdb76-0844-11ed-b6d2-1ec24d012f91
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce671bb14b3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=haS%2FVA7F%2B%2BvWw2e6Y80T7Otl3d1E7GncGi7oGmFbg12uIpqQYAvl%2Fkn2ix6eTOU0nwdpqfjWrk6JnLPalAlVF%2F8KNzjxM%2F2z9SDj5IgNZHO9V1DIuYrYLJ2zWxnP%2BlsODD2LZNUr0tIv1A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:45 GMT
server
Cowboy
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=d5fbdb76-0844-11ed-b6d2-1ec24d012f91
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
lga-delivery-7
Content-Length
0
Expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame 38E3
Redirect Chain
  • https://d.adroll.com/cm/index/ssp
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce6706833b3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7AIZZ12AMGF6qVWbgG3KsubOrcwaHsWwSAgPEmeeJHXjsm36Wio7D6zGlCMvkdUpvA2UlPPN1BHVl1EHjhhTYuf%2Fhc%2BJdMZFluiCP8fow61pPcuXDFoqL9Esv9CMV4MmiIxi0Imm6ivtA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Wed, 20 Jul 2022 15:58:45 GMT
server
nginx/1.20.0
content-length
76
rum
dsum-sec.casalemedia.com/ Frame 38E3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=Kcg54J60SfRs33ChgCt-6SaEdkQ
43 B
909 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=Kcg54J60SfRs33ChgCt-6SaEdkQ
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce6707841b3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FVS3UTvqEUkBkSfNGg3P7ZoyiL22EA0pn%2Fka%2BzyQTX9LtnK6OYT0Nwz3bZPRfKReJxdHitsXnwMHtifClL3lRzw5keX5wHi4bMQyKEiIhms%2FeT239re4EWrTHAqicRNEq5iarjzMSNMag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=Kcg54J60SfRs33ChgCt-6SaEdkQ
Date
Wed, 20 Jul 2022 15:58:45 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame 38E3
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=970033156717698583
43 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=970033156717698583
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce6707861b3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tzLQA2AlAEghb69bH8tRx%2BgiEcsejZ4OPG9Lm4n3ZLZYHXg%2F6NTrS04D3p7vXaAiv4IfotCnRkS2pXHkEsvsrFcqqpb6HLGevRIJlAdN5HIwMWopGVP%2BRZcSBnlZrZURM9lGHAFzKgqlNA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=970033156717698583
Date
Wed, 20 Jul 2022 15:58:45 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame 38E3
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=06030001_62d82635ea076&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=06030001_62d82635ea076
43 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=06030001_62d82635ea076
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce671fb98b3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o0n5gboiQppwMeN3yspSxmc5rPTciRBGniH64xyVSzOEFjqPvKfxn9DQIw6gz5DobTItJKHhAr3b6C5JYmBSXh8N7NdAifHpgWcp8GfrH5viLvZbfKJ8M%2Ff76leXKqXzspVyiZor5DFZ8A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Wed, 20 Jul 2022 15:58:46 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=06030001_62d82635ea076
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
crum
dsum-sec.casalemedia.com/ Frame 38E3
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=07ea220407cdc1f0af4c98c4&expiration=[EXPIRATION]
43 B
910 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=07ea220407cdc1f0af4c98c4&expiration=[EXPIRATION]
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce67a1b1db3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xlmc5Ug5RC6l%2BHWtXcL6O914wXuJMefOJyLSeJ26%2BF5u9mFEbCLzQzd7UZHPaJvCbCaDTyBA3oLA%2FE%2F1no8cMGPAaXCdi6W46POj0Ji0em7jPzlQxNxpertP%2BPNMxK6ulehaYGEQYTqa2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=07ea220407cdc1f0af4c98c4&expiration=[EXPIRATION]
Date
Wed, 20 Jul 2022 15:58:32 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Powered-By
Express
Content-Length
0
Vary
Origin
YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 38E3 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:357b:502f:f800:1eb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 38E3
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=c8716e60-872d-4a68-ad1b-74d47f4a7d71&expiration=1689868725
43 B
908 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=c8716e60-872d-4a68-ad1b-74d47f4a7d71&expiration=1689868725
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

cf-ray
72dce67149fcb3b6-MIA
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7BWMlENdHk0nzjQVpCUq5zCHOiChxiCY%2B5ajfiP0iKM3BmwmBoJ238GukrucYSubJdDo1mXBktK5yLP8yix8eWEdl33kWf1ZMz5Pc0kbrHua%2B2tbuz7NSxRDN7W%2B1s2hO%2Fg7YqhSUXrPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=c8716e60-872d-4a68-ad1b-74d47f4a7d71&expiration=1689868725
date
Wed, 20 Jul 2022 15:58:45 GMT
server
Kestrel
content-length
0
1
sync.connectad.io/umatch/ Frame 38E3 		0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.connectad.io/umatch/1?bidder=idx&dataid=data13&uuid=YtgmLaNUKrapf3hd7CxpWwAA%26362
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190906&cb=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fbidder%3Didx%26dataid%3Ddata13%26uuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-ray
72dce6700f4709c2-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
edge-logo-white.png
bid.underdog.media/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bid.underdog.media/edge-logo-white.png
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2162:8e00:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d443235c5040b9e5a2461f69bcef0930f5820c356830bb0c59a4953d16f8a59e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 29 Jun 2022 07:01:34 GMT
via
1.1 4a7ef8cbf68469938b3b0dd42dbc4de8.cloudfront.net (CloudFront)
last-modified
Tue, 17 Nov 2020 21:08:31 GMT
server
AmazonS3
age
1846632
etag
"876f68d4ff152e17573c3a8f3cc1a580"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
x-amz-cf-pop
EWR52-C3
accept-ranges
bytes
content-length
15804
x-amz-cf-id
yt-up6xPK1k5SEVkFzAuj1S6Naz3JFgjxMDFbCjEB9MGqtq0eQFEmg==
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_native_multi_home5&e=ufp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id
01G3H3TVM5VP9D98ZA3HVY52JK
date
Wed, 20 Jul 2022 15:58:46 GMT
cf-cache-status
HIT
age
247363
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
72dce671fdd39aec-MIA
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_fluid_sky_home7&e=ufp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id
01G3H3TVM5VP9D98ZA3HVY52JK
date
Wed, 20 Jul 2022 15:58:46 GMT
cf-cache-status
HIT
age
247363
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
72dce671fdd79aec-MIA
e.js
live.demand.supply/e/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.demand.supply/e/e.js?r=hawtcelebs.com_native_multi_native_under_related&e=ufp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by
Host: live.demand.supply
URL: https://live.demand.supply/impl.v15.0.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-nf-request-id
01G3H3TVM5VP9D98ZA3HVY52JK
date
Wed, 20 Jul 2022 15:58:46 GMT
cf-cache-status
HIT
age
247363
cf-polished
origSize=2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1
cf-bgj
minify
server
cloudflare
etag
"ec09d72975fe89142c7d2feb1371ff57-ssl"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
s-maxage=2592000,stale-if-error=604800
accept-ranges
bytes
cf-ray
72dce671fddc9aec-MIA
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.221 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 20 Jul 2022 15:58:46 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:46 GMT
server
ATS/9.1.0.46
bid
c.amazon-adsystem.com/e/dtb/ 		130 B
601 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.hawtcelebs.com%2F&pid=g95TCzhgOhGcR&cb=5&ws=1600x1200&v=8.1.0&t=1000&slots=%5B%7B%22sd%22%3A%22vi_7872651_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_7872651_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C63%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.109.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-109-24.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
ff356f603e54a4309675ba3b0bb3cd441ba609eb2e92b611b9276704bba4302b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:47 GMT
via
1.1 749177a97cae42477f22c33c927ca0ce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
x-amz-rid
EC8F9Z34D62KVETH93YH
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
130
x-amz-cf-id
7oC2VyYGC4zw4OJmBi_jEZHD3zfOM_1onZfV2cdIDDwni2rtLE9xtw==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzdNeMyrPZaa-MPwA-Pyey-wABa-AZUyeaaBeTUeRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNKYUZTRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:46 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kS%2B%2B9rIUfENxFgfSk1w%2FC%2B%2BQJwM5Z3SxW%2BpKNMhJtDT%2BNE3V20S3IbMRwyRWwNjgoN9%2BK0a1Wb2zzfqpw6BP9DPXnjeA1BYo5eTw5gtZsXf0dw88SuM%2BYNHAKH%2FWg%2FocJfgHyPr0McJra0NS7BC81Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce6766a4d9acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzdNTYTBaAaZ-Bqtr-PZUw-awrP-TrTKwPaTYAaBRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNKYUZTRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:46 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViuirTeT7npwTrlYA55jf%2BJgVQMeSF9We3FBGfb%2BA8bKyWsOcqFEBZYiW%2FdDZaYZBx6ZezFVy7Zbn5neoTqD%2B9X72%2BlXa32jT%2BkB4WPDbyfVRY8216fyqSw763gF%2FuIhxUFOgycjclEI8l%2BE7VYIJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce6766a519acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
v1
btlr.sharethrough.com/universal/ 		593 B
890 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.193.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-193-118.compute-1.amazonaws.com
Software
/
Resource Hash
c69f607556ae0debd4424e6173291dc3aa996ef3f32d0b8e0a90dd8c4c075ed6

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 20 Jul 2022 15:58:46 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
408
c
prebid.a-mo.net/a/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:46 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
181
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		258 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
88b8078cd7d0654e8a552d6972e3a18fd344d5ee5c93e29bd40beacd8759d1f3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:46 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
636ae221-0068-45bf-b362-14e8a579cfa6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
258
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		188 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=123&profileId=185&av=34&wv=7.2.0&cb=94391510294
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
3c9525bd904b3f4ceed1e47ce94830a7973eb7e51a7ab0a5709a0b21523a7b8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:45 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
172
auction
tlx.3lift.com/header/ 		19 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.2.0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&tmax=1000&us_privacy=1---
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.229.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-229-211.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:46 GMT
accept-ch
sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
unruly_prebid
targeting.unrulymedia.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.221 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:46 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
020f6bd3287f84ee8c131af228596cb1a43839b4c32fcfac8d259fa9f5895544

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:46 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:46 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
ROS
pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ 		432 B
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ROS?rnd=0.39745589516073365&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=7.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&ccpa=1---&e_amxId=Ok9KQkRT-W1hNQk5T-BV1NSEVYW1xKUFhA-ND5aXkZXT1pORkVOTFVIXEZVUV9UUE1SUVRaXlYVFhpWUCk&e_criteoId=MLUNIV9ET0pGb3ZWYTZ3WlZ2cVR3NjElMkZ4YiUyQnN3QlN1VTZ3a3V6dW1yNEdiN1Nzd3ptVEthbVBWRWUydFBKJTJCc3Z1OWl3eXI5OERCSWNka0Z0Z2swTDFRand3RmtYcnZMN1VKSU1MaU5jTmllVVlSdVd1MUVqVUR1SSUyQmZCZ04wYSUyRjclMkI1Uw&e_id5id=%257B%2522uid%2522%253A%2522ID5*jnNwuKeYZcsOVbSto75pu65a8BHAhjh3PxQeBIeAuYQbKIGKSWOvkACkC2PDLtsN%2522%252C%2522ext%2522%253A%257B%2522linkType%2522%253A0%257D%257D&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522hawtcelebs.com%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522gwqtxekeva_xon21058336769654%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=3e454c00-a647-473c-8fb6-cfd95d428962
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.125 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
2992739582d1128d83dbc9e7e5bb31db0cde5ddcc0d74b23b2fc8a2b86d0bc35

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:46 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.hawtcelebs.com
expires
Wed, 20 Jul 2022 15:58:46 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
432
x-sid
IAD-1216
pbjs
useast.quantumdex.io/auction/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cf-ray
72dce67689f26dc7-MIA
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
588 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRmNKYUZTRzdNrMeerZqU-yaBZ-PTeK-aTUa-UtrraTeZAUrKRlmNKYMbaARdzNwqfftkRqxeNco_KMKYUZT_MRwkjNTRkjmNKYMbaARwlNliqktzikgxui,qdb,qhhftbxl,ekoztg,zkohstsoyz,xfkxsn,nqiggllh,kzwigxlt,thsqffofu,jxqfzxdrtbRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:46 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TcLtuadQ%2F2a%2BFSxHEVhqxcFtMAbhvmiHSAhN%2FZKZnSAkYQUhG9lDm%2B9pchcxmb4NMO1IEfnIf%2BpHXyCcgWbkWsPP6TUx19O0rdE19yE88geAWKJmY1BLJ2MUq%2F8XHanUQ%2B7WvbaEeQeUKqNYgk1VZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce6768a729acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRmNKYUZTRzdNZaByKeaM-ewtY-PAqU-qewK-TBrtqYZBZyAqRlmNaKAbaARdzNwqfftkRqxeNco_KMKYUZT_KRwkjNTRkjmNaKAbaARwlNqdb,qhhftbxl,zkohstsoyz,kzwigxlt,thsqffofu,jxqfzxdrtbRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:46 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:46 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDnHnXfCef%2FsBq70UflmAIpGnrf%2BPH8GpgNW6wQ2I3O6rAK%2FjigN%2FrXaqt8Uys4Du2Legcp2MmqSHCYYD%2BhL%2FVCwU%2FOGAo%2Bq%2B9vvRYsBHosM3n2aN8ucGLYgNf8f7SB%2FgpHD2sbcHEjv2zdmmeMo1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce6768a759acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
events
bidder.criteo.com/csm/ 		0
219 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Jul 2022 15:58:46 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixels
ssp-sync.criteo.com/user-sync/ 		13 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?ccpa=1---&countrycode=US
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.73 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:46 GMT
content-encoding
br
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
SPug
simage4.pubmatic.com/AdServer/ Frame 5CF1 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.24 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:46 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 8F03 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=94662114&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
022191965c00624ce850d60723b9311c2d95f06c419176501bf532df68e23792

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:47 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame E758 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=43207414&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
022191965c00624ce850d60723b9311c2d95f06c419176501bf532df68e23792

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:47 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 4EE8 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=94835386&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
022191965c00624ce850d60723b9311c2d95f06c419176501bf532df68e23792

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:47 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
img.fetch
udmserve.net/udm/ 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=14863;tid=1;dt=6;cb=2729b16ffd2918be;trigger=public_reload;refresh=2;trigger=ref_aft_def_standard;
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 Toronto, Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b6c63b35fabf1c366517d1298b3ef268e153b2192db73c8d8951edb6b135fea3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:48 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Type
application/x-javascript
Expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 095A
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d5fbdb76-0844-11ed-b6d2-1ec24d012f91
42 B
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d5fbdb76-0844-11ed-b6d2-1ec24d012f91
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Jul 2022 15:58:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 20 Jul 2022 15:58:48 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d5fbdb76-0844-11ed-b6d2-1ec24d012f91
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
lga-delivery-7
server
Cowboy
Pug
simage2.pubmatic.com/AdServer/ Frame 802E
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Jul 2022 15:58:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 15:58:48 GMT
expires
Wed, 20 Jul 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1194803
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame D125
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_dfbf1dd067b6470997f89
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_dfbf1dd067b6470997f89
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Jul 2022 04:28:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
image/gif
date
Wed, 20 Jul 2022 15:58:47 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_dfbf1dd067b6470997f89
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame 57EB
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=681651561467
42 B
190 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=681651561467
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Jul 2022 15:58:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=681651561467
Pug
simage2.pubmatic.com/AdServer/ Frame EC76
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jafXLkYk1Oec615&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jafXLkYk1Oec615&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Jul 2022 05:59:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Jul 2022 15:58:47 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jafXLkYk1Oec615&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-08925eee229cd6931@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
i.match
a.tribalfusion.com/ Frame 11C5 		43 B
666 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
72dce67e5bd39ae5-MIA
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 20 Jul 2022 15:58:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
Pug
simage2.pubmatic.com/AdServer/ Frame 5553
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7116191251797004622
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7116191251797004622
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Jul 2022 05:35:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=74071
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Wed, 20 Jul 2022 15:58:48 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7116191251797004622
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
setuid
sync.quantumdex.io/ Frame C51E 		43 B
129 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
72dce67e2cd06dc7-MIA
content-length
43
content-type
image/gif
date
Wed, 20 Jul 2022 15:58:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
mw
mwzeom.zeotap.com/ Frame 8F03
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
  • https://spl.zeotap.com/?zdid=1332&zcluid=cd2175c102830f52
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fb06f0d5-2a23-442a-49d2-a16f1ea47dfc&reqId=58911631-f6ff-400f-47b7-5731ea1fe118&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESENUBYFhB8bYcQObAq5coTDU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fb06f0d5-2a23-442a-49d2-a16f1ea47dfc&reqId=58911631-f6ff-400f-47b7-573...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESENUBYFhB8bYcQObAq5coTDU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fb06f0d5-2a23-442a-49d2-a16f1ea47dfc&reqId=58911631-f6ff-400f-47b7-5731ea1fe118&zcluid=cd2175c102830f52&zdid=1332
Protocol
H2
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
72dce6814ef202d6-MIA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESENUBYFhB8bYcQObAq5coTDU&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=fb06f0d5-2a23-442a-49d2-a16f1ea47dfc&reqId=58911631-f6ff-400f-47b7-5731ea1fe118&zcluid=cd2175c102830f52&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 8F03
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&addseg=10,33,39
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&addseg=10,33,39
Protocol
H2
Server
162.248.18.10 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Redirect headers

date
Wed, 20 Jul 2022 15:58:48 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&addseg=10,33,39
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 8F03
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:48 GMT
Frontend-ID
1
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:48 GMT
Frontend-ID
5
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&sInitiator=external&gdpr=0&gdpr_consent=
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame 8F03 		43 B
657 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.146.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-146-34.ewr52.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:48 GMT
via
1.1 c00308f66532ff493ccf2757d4085e0c.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR52-C2
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
GfUGPWXuGGkTkaZttCgsjIn2xlNusM6ftnzdaBGyJvTgMtDBQJt1xg==
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8F03
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7650510858995602230
42 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7650510858995602230
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:48 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7650510858995602230
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sn.ashx
pmp.mxptint.net/ Frame 8F03
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D530_F351C38A_4E323AE7&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Protocol
HTTP/1.1
Server
38.67.14.233 Rockport, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-341319528; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:48 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-341319528; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Wed, 20 Jul 2022 15:58:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 8F03
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8343254669216575683
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8343254669216575683
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 09:16:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:48 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
534d747c-be3a-45bb-bf2c-6d1753ec3756
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8343254669216575683
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
2981
tags.bluekai.com/site/ Frame E758
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=0ca04202790e552e
  • https://cm.g.doubleclick.net/pixel?google_nid=bluekai&google_cm&google_sc&google_hm=YTR0ZC8rb1E5OVlEbjVDaQ%3D%3D
  • https://tags.bluekai.com/site/2981?id=&google_gid=CAESEOaBopwe3IalMCDT6Uva0ro&google_cver=1
62 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEOaBopwe3IalMCDT6Uva0ro&google_cver=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:48 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
62
bk-server
22bc
expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:48 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://tags.bluekai.com/site/2981?id=&google_gid=CAESEOaBopwe3IalMCDT6Uva0ro&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame E758
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&addseg=10,33,39
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&addseg=10,33,39
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
162.248.18.10 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Redirect headers

date
Wed, 20 Jul 2022 15:58:48 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&addseg=10,33,39
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame E758
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:48 GMT
Frontend-ID
1
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:48 GMT
Frontend-ID
7
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&sInitiator=external&gdpr=0&gdpr_consent=
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame E758 		43 B
657 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.146.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-146-34.ewr52.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:48 GMT
via
1.1 c00308f66532ff493ccf2757d4085e0c.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR52-C2
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
2S-oqpyktqaALKurTw9gYaj8V0EwUMwkTfJ88wcRlkAF_ynwxKD29g==
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame CC2B
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d5fbdb76-0844-11ed-b6d2-1ec24d012f91
42 B
322 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d5fbdb76-0844-11ed-b6d2-1ec24d012f91
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Jul 2022 04:10:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 20 Jul 2022 15:58:48 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d5fbdb76-0844-11ed-b6d2-1ec24d012f91
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
lga-delivery-7
server
Cowboy
Pug
simage2.pubmatic.com/AdServer/ Frame 6DEC
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Jul 2022 04:10:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 15:58:47 GMT
expires
Wed, 20 Jul 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1930565
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 157A
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_dfbf1dd067b6470997f89
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_dfbf1dd067b6470997f89
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Jul 2022 04:07:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
image/gif
date
Wed, 20 Jul 2022 15:58:47 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_dfbf1dd067b6470997f89
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame 967A
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=681651419901
42 B
190 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=681651419901
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Jul 2022 15:58:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=681651419901
Pug
simage2.pubmatic.com/AdServer/ Frame E758
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7650510858995602230
42 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7650510858995602230
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 09:16:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:48 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7650510858995602230
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sn.ashx
pmp.mxptint.net/ Frame E758
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D530_F351C38A_4E323BE9&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
HTTP/1.1
Server
38.67.14.233 Rockport, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-341319528; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:48 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-341319528; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Wed, 20 Jul 2022 15:58:48 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame E1E1
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jafXLkYk1Oec615&gdpr=0&gdpr_consent=
42 B
196 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jafXLkYk1Oec615&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Jul 2022 15:58:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Jul 2022 15:58:47 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jafXLkYk1Oec615&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-03c033f55d001e571@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
i.match
a.tribalfusion.com/ Frame 4E12 		43 B
706 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
72dce67e5bd89ae5-MIA
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 20 Jul 2022 15:58:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
Pug
simage2.pubmatic.com/AdServer/ Frame 4669
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7116191251797004622
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7116191251797004622
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Jul 2022 05:10:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=74071
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Wed, 20 Jul 2022 15:58:48 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7116191251797004622
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
simage2.pubmatic.com/AdServer/ Frame E758
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8343254669216575683
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8343254669216575683
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:48 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
50f7cd2e-affd-4f89-8b71-44813f10de22
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8343254669216575683
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 307F 		43 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
72dce67e4d0d6dc7-MIA
content-length
43
content-type
image/gif
date
Wed, 20 Jul 2022 15:58:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
5386
tags.bluekai.com/site/ Frame 4EE8
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=0ca04202790e552e
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
  • https://tags.bluekai.com/site/5386?id=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&gdpr=0&gdpr_consent=
62 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5386?id=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&gdpr=0&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
cache-control
max-age=86400, private
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
content-type
image/gif
content-length
62
bk-server
81a1
expires
Thu, 21 Jul 2022 15:58:48 GMT

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:48 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://tags.bluekai.com/site/5386?id=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
221
Artemis
aud.pubmatic.com/AdServer/ Frame 4EE8
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&addseg=10,33,39
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&addseg=10,33,39
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
162.248.18.10 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Redirect headers

date
Wed, 20 Jul 2022 15:58:48 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&addseg=10,33,39
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 4EE8
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:48 GMT
Frontend-ID
1
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:48 GMT
Frontend-ID
7
Location
/pubmatic/1/info2?sType=sync&sExtCookieId=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&sInitiator=external&gdpr=0&gdpr_consent=
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
g.pixel
aa.agkn.com/adscores/ Frame 4EE8 		43 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212308278&puid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.146.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-146-34.ewr52.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:48 GMT
via
1.1 c00308f66532ff493ccf2757d4085e0c.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR52-C2
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
ZT5dxPeZJGseNG2EXKDlM-FQJO3QNnYlp0H0B3KwZxoOIssyf_OpFg==
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame A99A
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d5fbdb76-0844-11ed-b6d2-1ec24d012f91
42 B
323 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d5fbdb76-0844-11ed-b6d2-1ec24d012f91
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Jul 2022 05:14:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Wed, 20 Jul 2022 15:58:48 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d5fbdb76-0844-11ed-b6d2-1ec24d012f91
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
lga-delivery-7
server
Cowboy
Pug
simage2.pubmatic.com/AdServer/ Frame F1A9
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Jul 2022 15:58:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Wed, 20 Jul 2022 15:58:48 GMT
expires
Wed, 20 Jul 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1202657
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame E0D8
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_dfbf1dd067b6470997f89
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_dfbf1dd067b6470997f89
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Jul 2022 15:58:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
image/gif
date
Wed, 20 Jul 2022 15:58:47 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_dfbf1dd067b6470997f89
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
a
Pug
simage2.pubmatic.com/AdServer/ Frame BFC5
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=681651640284
42 B
393 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=681651640284
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Jul 2022 04:29:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=681651640284
Pug
simage2.pubmatic.com/AdServer/ Frame 4EE8
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7650510858995602230
42 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7650510858995602230
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:48 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7650510858995602230
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sn.ashx
pmp.mxptint.net/ Frame 4EE8
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D530_F351C38B_4E323EF0&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
HTTP/1.1
Server
38.67.14.233 Rockport, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-341319528; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:48 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-341319528; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Wed, 20 Jul 2022 04:07:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame DF3E
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jafXLkYk1Oec615&gdpr=0&gdpr_consent=
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jafXLkYk1Oec615&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Jul 2022 15:58:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Wed, 20 Jul 2022 15:58:47 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:jafXLkYk1Oec615&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-0bcfddd28c0df5c9c@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
i.match
a.tribalfusion.com/ Frame 10E2 		43 B
668 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
72dce67e5bdf9ae5-MIA
content-length
43
content-type
image/gif; charset=utf-8
date
Wed, 20 Jul 2022 15:58:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
Pug
simage2.pubmatic.com/AdServer/ Frame B6B6
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7116191251797004622
42 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7116191251797004622
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Jul 2022 15:58:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=74071
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Wed, 20 Jul 2022 15:58:48 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7116191251797004622
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
simage2.pubmatic.com/AdServer/ Frame 4EE8
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8343254669216575683
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8343254669216575683
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs?us_privacy=1---
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:48 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
efe6916c-61f5-4f15-b42a-7e8ea9b60518
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8343254669216575683
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame C465 		43 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
72dce67e7d6f6dc7-MIA
content-length
43
content-type
image/gif
date
Wed, 20 Jul 2022 15:58:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
underdog
underdog.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://underdog.technoratimedia.com/openrtb/bids/underdog?src=prebid_prebid_6.21.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET, HEAD, OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:48 GMT
server
nginx
trinity.json
apex.go.sonobi.com/ 		542 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2227484866107183fd%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-middle-728x90%22%2C%222755d60b08bf4bef%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-middle-728x90%22%2C%2227633ea71d419997%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-middle-728x90%22%2C%222775780ee721430c%22%3A%22cf28415ff720c075a78e%7C728x90%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-middle-728x90%22%2C%22278fb39c53ea6d17%22%3A%224d5f61413a994ea882b1%7C160x600%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-160x600%22%2C%22279de407ee5f2079%22%3A%224d5f61413a994ea882b1%7C160x600%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-160x600%22%2C%22280d8b459fb9be15%22%3A%224d5f61413a994ea882b1%7C160x600%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-160x600%22%2C%222814ae0089828599%22%3A%224d5f61413a994ea882b1%7C160x600%7Cf%3D0.09999999999999999%7Cgpid%3Dslider-160x600%22%7D&ref=https%3A%2F%2Fwww.hawtcelebs.com%2F&s=d47a54b8-0a9d-4add-b080-47c9a1bb67c5&pv=7ad008a2-4660-4290-b417-50c718457257&vp=desktop&lib_name=prebid&lib_v=6.21.1&us=5&ius=0&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22udmserve.net%22%2C%22sid%22%3A%222993%22%2C%22hp%22%3A1%2C%22rid%22%3A%22720d7bc1-aeef-4aaf-8fb2-9173c590446c%22%7D%5D%7D&userid=%7B%22tdid%22%3A%22d6c6a7da-85eb-47bb-8b66-b02f00a05cb2%22%7D&eids=%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d6c6a7da-85eb-47bb-8b66-b02f00a05cb2%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D&coppa=0
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.15 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
3e2913b5c45f40702b3128036940f3565a644d18e63eae9180a085d9fb655c0f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:48 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-40
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-type
application/json
content-length
421
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
underdog
underdog.technoratimedia.com/openrtb/bids/ 		0
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://underdog.technoratimedia.com/openrtb/bids/underdog?src=prebid_prebid_6.21.1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.159.70.95 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
324645038
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		603 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a23404715b4dc4f3a1f4b557ef4b9448564f326d85ebeac30bd32fde0efdfc15
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 20 Jul 2022 15:58:48 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
31d99f67-c9d4-4487-994d-96d43f2df9ed
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
864 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24042&site_id=403056&zone_id=2257012%3B2257012%3B2257012%3B2257012%3B2257020%3B2257020%3B2257020%3B2257020&size_id=2%3B2%3B2%3B2%3B9%3B9%3B9%3B9&p_pos=atf&rp_schain=1.0,1!udmserve.net,2993,1,720d7bc1-aeef-4aaf-8fb2-9173c590446c,,&tpid_tdid=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&eid_adserver.org=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&rf=https%3A%2F%2Fwww.hawtcelebs.com%2F&tg_i.pbadslot=slider-middle-728x90%3Bslider-middle-728x90%3Bslider-middle-728x90%3Bslider-middle-728x90%3Bslider-160x600%3Bslider-160x600%3Bslider-160x600%3Bslider-160x600&tk_flint=pbjs_lite_v6.21.1&x_source.tid=dac99093-eca7-4735-90d5-3407a08c1bf8%3Bdac99093-eca7-4735-90d5-3407a08c1bf8%3Bdac99093-eca7-4735-90d5-3407a08c1bf8%3Bdac99093-eca7-4735-90d5-3407a08c1bf8%3Bfb60b6fd-80ae-4706-8d86-505d29e5a2ec%3Bfb60b6fd-80ae-4706-8d86-505d29e5a2ec%3Bfb60b6fd-80ae-4706-8d86-505d29e5a2ec%3Bfb60b6fd-80ae-4706-8d86-505d29e5a2ec&l_pb_bid_id=2986593d4e7e4d94%3B2991b5dfdf62f086%3B300d1ec5d5e44965%3B301efbbb04a14eb1%3B302e07dfbbc54137%3B30316f7443262103%3B304dc6a9e55c0b53%3B3052e1ab9c90e0da&p_screen_res=1600x1200&rp_floor=0.09574468085106383&rp_secure=1&rp_hard_floor=0.09574468085106383&rp_maxbids=1&p_gpid=slider-middle-728x90%3Bslider-middle-728x90%3Bslider-middle-728x90%3Bslider-middle-728x90%3Bslider-160x600%3Bslider-160x600%3Bslider-160x600%3Bslider-160x600&slots=8&rand=0.9838492133637569
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::116 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
42ed6e3a17f55bb79062a61558f050eb5d3614b1954d90b497e91762395b9163

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:48 GMT
Content-Encoding
gzip
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
381
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
72a66130849aaf54f4df199c7e1d5726eab408d39d9b4f82b0cad711628ce69b

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
d16ccae6b6c441ef08abe230ffeef5f99dd1a3615bcb9c22036d36151bea2708

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
81d72dcecc48e9a11a89ad138bcf8854561ad3e713b8123415a01ed38c3bd6e5

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
001abd2715a82493cd4eadad2883d4226c0b210bb8367f1c659df7caf8f9f7e5

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
f5941bf2e7c741352ce08346978b777322b09694b02ee04da73a19b418b28f17

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
77232dd336a184b5475226eda81b3f38d91bca7f595a4b1227ba8a2128adcf59

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
014c8f530193c63ab3e90ee856b7fa2f4611b815e9d5d6acca0688388637cd15

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
22e25db21a4de4f7fa00bc51a030a011f88a48156764c18f267c4e35444a3176

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
c
prebid.a-mo.net/a/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:47 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
138
vary
origin, Accept-Encoding
/
d.adroll.com/bid/prebid/ 		0
103 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/bid/prebid/
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.214.150 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-214-150.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:48 GMT
access-control-allow-credentials
true
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b4373065c&cmd=bid&reserve=0.10465116279069767&eidadserver.org=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
83e940a59aa71d4e3fd5fca3800e853690429828e1209db6e245da50660a21cc

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
283 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b4373065c&cmd=bid&reserve=0.10465116279069767&eidadserver.org=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
2eacc94f99cd3d81df21553ad4dbd41e356b5e0534bef81dd258acfdb8404484

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
93 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9698ab017474066989084b4b100643&pos=8a9698ab017474066989085b4373065c&cmd=bid&reserve=0.10465116279069767&eidadserver.org=d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&secure=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e1eb9937f99b165574c25787b823c44e2bf0e87ab09696f5406fe8febed50bd4

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
62
hb
ssc.33across.com/api/v1/ 		139 B
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=dv6qxAKmGr7ikOrkHcnlKl
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
cbd720234f99364c9bdb3400429dc0521c61fc9c881c3fc6523e773c9d3a6e38

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:48 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:48 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:48 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:48 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:48 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:48 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:48 GMT
server
ATS/9.1.0.46
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:48 GMT
server
ATS/9.1.0.46
PugMaster
image6.pubmatic.com/AdServer/ Frame 7853 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=59804144&p=158810&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
fb9664816322481731630fa5adec6fd89fdfa8b7554cf092e063af9434f4edb0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
2032
content-type
text/html; charset=UTF-8
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:48 GMT
server
ATS/9.1.0.46
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.221 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 20 Jul 2022 15:58:48 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		130 B
602 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.hawtcelebs.com%2F&pid=g95TCzhgOhGcR&cb=6&ws=1600x1200&v=8.1.0&t=1000&slots=%5B%7B%22sd%22%3A%22vi_7872651_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_7872651_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C63%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.109.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-109-24.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
b01ebb8e4d20a643e97c63e0f3ff60f35db9d3005ec35277dbd9f87353eef882
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
via
1.1 749177a97cae42477f22c33c927ca0ce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
x-amz-rid
4J4PDQ82MR9B6VD98R74
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
130
x-amz-cf-id
zK_PpCpVr7yBUDim2xQgMTl2ycB8w6pwX9CY82eFWK0QCgFL4B5KLQ==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzdNKyYMBBKZ-BerB-Parq-aByP-yZtwUTteeeMYRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNKYUZTRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfNLg8iRMYgloOwz9iBiHfLOLCIPLVFdCuJOGL62hl6P7IvoeacpQipovQQkRQSA%2BV0%2BlhrnehLEhxe%2BIWeFF3AYuvqBFxB5Tr4P%2FpnxbUmg9u8TAAhaQisHh10Jbv9N7xhPfjh8hXFCUIsJ2FPhgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce6807c669acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzdNUtPBtYry-wMYr-PTKa-wqwB-UeBweUZKTMKARdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNKYUZTRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FP9IAZi3b4ZTKFnWRzGJ0uLY%2BDAJ9rmekBk8zdhIvAuRyHcilrhJMEhtQGL9WITg%2BllVyz5FnMF64X%2Fxv9XcLkRomS2V38fU3i9hz%2BM%2F3mfT%2FNrhaSsHWCEUUeBZy2DfEj%2B28UAh%2BIZK5%2BlGFK7IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce6807c689acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
cee40627f71f61917fe7c424f3c2d7a151f1479a215c28ec3c22aacd0482796e

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:48 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		252 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
26fa568ff894b915271c740a6b650b3f95ba3c90939fc4794759aa0e09070f2d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:48 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
c1ce3c68-2ecd-4ca7-aa5a-a7de106406d5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
252
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		188 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=123&profileId=185&av=34&wv=7.2.0&cb=23672461560
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
097e29dba505b81b60688c19cb06a9d56f705d5295fab9638802613494ccea33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:47 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
172
ROS
pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ 		432 B
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ROS?rnd=0.39745589516073365&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=7.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&ccpa=1---&e_amxId=Ok9KQkRT-W1hNQk5T-BV1NSEVYW1xKUFhA-ND5aXkZXT1pORkVOTFVIXEZVUV9UUE1SUVRaXlYVFhpWUCk&e_criteoId=MLUNIV9ET0pGb3ZWYTZ3WlZ2cVR3NjElMkZ4YiUyQnN3QlN1VTZ3a3V6dW1yNEdiN1Nzd3ptVEthbVBWRWUydFBKJTJCc3Z1OWl3eXI5OERCSWNka0Z0Z2swTDFRand3RmtYcnZMN1VKSU1MaU5jTmllVVlSdVd1MUVqVUR1SSUyQmZCZ04wYSUyRjclMkI1Uw&e_id5id=%257B%2522uid%2522%253A%2522ID5*jnNwuKeYZcsOVbSto75pu65a8BHAhjh3PxQeBIeAuYQbKIGKSWOvkACkC2PDLtsN%2522%252C%2522ext%2522%253A%257B%2522linkType%2522%253A0%257D%257D&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522hawtcelebs.com%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522gwqtxekeva_xon21058336769654%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=3e454c00-a647-473c-8fb6-cfd95d428962
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.125 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
2992739582d1128d83dbc9e7e5bb31db0cde5ddcc0d74b23b2fc8a2b86d0bc35

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.hawtcelebs.com
expires
Wed, 20 Jul 2022 15:58:48 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
432
x-sid
IAD-1216
v1
btlr.sharethrough.com/universal/ 		566 B
889 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.193.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-193-118.compute-1.amazonaws.com
Software
/
Resource Hash
74be962f4e8028b80cf8d1ffd2d238b54b92c7f302e57bc26c459318eb1cba84

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 20 Jul 2022 15:58:48 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
407
c
prebid.a-mo.net/a/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:48 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
151
vary
origin, Accept-Encoding
unruly_prebid
targeting.unrulymedia.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.221 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:48 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ 		19 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.2.0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&tmax=1000&us_privacy=1---
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.229.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-229-211.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:48 GMT
accept-ch
sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
pbjs
useast.quantumdex.io/auction/ 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cf-ray
72dce68098306dc7-MIA
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRmNKYUZTRzdNatYZUyKw-wrYB-PqYY-qyUt-KMewTaMYPeqKRlmNKYMbaARdzNwqfftkRqxeNco_KMKYUZT_MRwkjNTRkjmNKYMbaARwlNnqiggllh,kzwigxlt,qhhftbxl,ekoztg,thsqffofu,liqktzikgxui,qdb,xfkxsn,zkohstsoyz,jxqfzxdrtbRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJ6A5W5N3kCkBPzOoecOOBLGtdjSZdSrFHInFQ8g7SX%2B1%2B5r4%2BDVHzavK1wGV1fQiBhtJpdPGrecuMiqOskF2GLizt8oAQ%2FDgZGndAWwQ4OtwHl%2FV152CybXiFKm7wJvl07HWMp%2FtreHts9OqtOtGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce6809c9f9acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRmNKYUZTRzdNPBAPKTUw-qwYt-PeAB-qTMK-TKAUYyUqZaPyRlmNaKAbaARdzNwqfftkRqxeNco_KMKYUZT_KRwkjNTRkjmNaKAbaARwlNkzwigxlt,qhhftbxl,thsqffofu,qdb,zkohstsoyz,jxqfzxdrtbRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zT1XbwBBFcB7B55nKH9GCmpmYdgUxeVRDVxTzyJ15Uw1GEv1fe6B77pUByTayDRM699QYLrPh8JBIo3ul4m6x3wo0qg9BvDLVUDUcujbtWKODxdd%2FKk2NrXr1UI5RGthbo4GbeOljMXcJ3SFtcL2kA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce6809ca19acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
events
bidder.criteo.com/csm/ 		0
219 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixels
ssp-sync.criteo.com/user-sync/ 		13 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?ccpa=1---&countrycode=US
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.73 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
content-encoding
br
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
Pug
image2.pubmatic.com/AdServer/ Frame 755D
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=cb844d8b-4f63-4595-8e4d-3e27d4360236
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=cb844d8b-4f63-4595-8e4d-3e27d4360236
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 20 Jul 2022 15:58:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Wed, 20 Jul 2022 15:58:48 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=cb844d8b-4f63-4595-8e4d-3e27d4360236
strict-transport-security
max-age=15724800; includeSubDomains
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame AC22
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=c8716e60-872d-4a68-ad1b-74d47f4a7d71&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
42 B
355 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.189.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-189-197.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
42
content-type
image/gif
date
Wed, 20 Jul 2022 15:58:48 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Wed, 20 Jul 2022 15:58:48 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 31BA
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 20 Jul 2022 15:58:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
72dce6818eea2227-MIA
content-length
0
date
Wed, 20 Jul 2022 15:58:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
server
cloudflare
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 4D22
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d297a475-8211-4841-8bbb-a8ce2d7a76bb-tuct9d1abb2&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d297a475-8211-4841-8bbb-a8ce2d7a76bb-tuct9d1abb2&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Wed, 20 Jul 2022 15:58:48 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mia11375-MIA
x-timer
S1658332729.709306,VS0,VE31

Redirect headers

accept-ranges
bytes
content-length
0
date
Wed, 20 Jul 2022 15:58:48 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=d297a475-8211-4841-8bbb-a8ce2d7a76bb-tuct9d1abb2&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mia11383-MIA
x-timer
S1658332729.567157,VS0,VE32
x-vcl-time-ms
32
Pug
image2.pubmatic.com/AdServer/ Frame 2AFA
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=DIDR9lcIDC653HBLOSbYYg
42 B
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=DIDR9lcIDC653HBLOSbYYg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Jul 2022 15:58:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Wed, 20 Jul 2022 15:58:49 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=DIDR9lcIDC653HBLOSbYYg
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 4197
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0424DC42359B4A23A341971B284D6076
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0424DC42359B4A23A341971B284D6076
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Wed, 20 Jul 2022 04:10:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Wed, 20 Jul 2022 15:58:48 GMT
expires
Tue, 19 Jul 2022 15:58:48 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:0424DC42359B4A23A341971B284D6076
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 68AE
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://sync.1rx.io/usersync2/pubmatic?zcc=1&cb=1658332728763
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1074308123
  • https://sync.1rx.io/usersync/tradedesk/d6c6a7da-85eb-47bb-8b66-b02f00a05cb2
  • https://sync.targeting.unrulymedia.com/csync/RX-dda1d952-238c-436b-9a13-dbfe3b5c8d58-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-dda1d952-238c-436b-9a13-dbfe3b5c8d58-005
42 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-dda1d952-238c-436b-9a13-dbfe3b5c8d58-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Jul 2022 04:10:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Wed, 20 Jul 2022 15:58:49 GMT
ETag
RXdda1d952238c436b9a13dbfe3b5c8d58005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-dda1d952-238c-436b-9a13-dbfe3b5c8d58-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Transfer-Encoding
chunked
Pug
simage2.pubmatic.com/AdServer/ Frame CD2B
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://match.bnmla.com/usersync?dspid=6&uuid=0424DC42359B4A23A341971B284D6076
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D
  • https://match.bnmla.com/usersync?dspid=170&uuid=E175F4900EB147A79F0B69C11A4B77A0
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=a0757451-1b4f-4610-b8d3-413e52c2c291
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=a0757451-1b4f-4610-b8d3-413e52c2c291
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Jul 2022 15:58:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Wed, 20 Jul 2022 15:58:48 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=a0757451-1b4f-4610-b8d3-413e52c2c291
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 4C0E
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Kcg54J60SfRs33ChgCt-6SaEdkQ
42 B
203 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Kcg54J60SfRs33ChgCt-6SaEdkQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Wed, 20 Jul 2022 15:58:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Wed, 20 Jul 2022 15:58:48 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=Kcg54J60SfRs33ChgCt-6SaEdkQ
CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 4C7C 		0
709 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
72dce6812a729aba-MIA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Wed, 20 Jul 2022 15:58:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
vary
Accept-Encoding
/
io.narrative.io/ Frame 7853
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
  • https://io.narrative.io/?io.narrative.guid.v2=d7a3d4b0-0844-11ed-b220-0620fc7113a1&companyId=673&id=pubmatic_id:CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=d7a3d4b0-0844-11ed-b220-0620fc7113a1&companyId=673&id=pubmatic_id:CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Protocol
HTTP/1.1
Server
52.2.65.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-65-122.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Wed, 20 Jul 2022 15:58:48 GMT
Cache-Control
no-cache
Server
nginx/1.18.0
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=d7a3d4b0-0844-11ed-b220-0620fc7113a1&companyId=673&id=pubmatic_id:CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Date
Wed, 20 Jul 2022 15:58:48 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
qmap
sync.crwdcntrl.net/ Frame 7853 		49 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.102.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-102-235.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:48 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.1.4
content-type
image/gif
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 7853
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
  • https://sync.mathtag.com/sync/img?mt_exid=10072&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3D2989%26partner_device_id%3D%5BMM_UUID%5D%26pt%3D72b09538-e154-472b-9fb0-46...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2989&partner_device_id=0be862d8-2632-4700-b4a9-ffbbf32e26e2&pt=72b09538-e154-472b-9fb0-46549e06af35%2C
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2989&partner_device_id=0be862d8-2632-4700-b4a9-ffbbf32e26e2&pt=72b09538-e154-472b-9fb0-46549e06af35%2C
Protocol
H3
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

Date
Wed, 20 Jul 2022 15:58:48 GMT
Server
MT3 4475 c1dc35a master ord-pixel-x16 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=2989&partner_device_id=0be862d8-2632-4700-b4a9-ffbbf32e26e2&pt=72b09538-e154-472b-9fb0-46549e06af35%2C
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 20 Jul 2022 15:58:47 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 7853 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.198.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-198-75.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 7CD4 		264 B
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=91904763&p=156077&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
2f4afb9542db5f390f4e037dd0482e5ad447267cd0f22e7d0c1e3d755176df98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
264
content-type
text/html; charset=UTF-8
1
sync.connectad.io/umatch/ Frame F265 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.connectad.io/umatch/1?dataid=data1&uuid=CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
cf-cache-status
DYNAMIC
cf-ray
72dce6830bd9b3d9-MIA
date
Wed, 20 Jul 2022 15:58:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google
d1ba4609
rtb.gumgum.com/getuid/ Frame 7CD4 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.113.215 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-113-215.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:48 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
radApi
edge.udmserve.net/ 		20 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.udmserve.net/radApi
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.13.7.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.120 Toronto, Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
underdogmedia.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 20 Jul 2022 15:58:49 GMT
Content-Length
20
Content-Type
application/json
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.221 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 20 Jul 2022 15:58:49 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		130 B
601 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.hawtcelebs.com%2F&pid=g95TCzhgOhGcR&cb=7&ws=1600x1200&v=8.1.0&t=1000&slots=%5B%7B%22sd%22%3A%22vi_7872651_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_7872651_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C63%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.109.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-109-24.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
e0de373149d2cd1f55664ec8001025b0dcb4c32ea94eec9c83d7546bf8559ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:49 GMT
via
1.1 749177a97cae42477f22c33c927ca0ce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
x-amz-rid
5MV1HE14TWKJEKWVN78Y
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
130
x-amz-cf-id
7beCdUh83Tv5nUoz8oyCy73_70G3PftQTrnyjTsOCSACfB4rCqw72w==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzdNqYaKKMZB-yrTA-PYwP-aUKa-BertatYAUwKYRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNKYUZTRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:49 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EC8CR%2BiTCjIYId6xi39v0uw8x78tzIWj1X9MUdz6eVmsUTOs4DTeK0OCCzXW2JQSymhPbP6lPhfln9cBKFbqv5UZ8KsatNRyMM%2B5EOSTqpoO6QtjczWp0LTaZwDFnNdrUgsN3BGWXuNr51Eyd23rlw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce6891c099acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzdNtYaarKeP-UKBw-PYPP-qeBr-wZaPyTBBqMMPRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNKYUZTRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:49 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vrOnxDKshos2FMmopLO2oyQbCnd%2BY%2B2AaJgmelv7FI3LpYjbRJgxKlIl1M1N1jMFsnSI4e2WpHVq9e1SFWoyDxMah%2BTLNNGnSMwJt7edtRdawbKpERpW6EFBaN5bSbKlXC%2FqKIF2zLBfCQdnNvTZFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce6891c0a9acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
v1
btlr.sharethrough.com/universal/ 		615 B
812 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.193.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-193-118.compute-1.amazonaws.com
Software
/
Resource Hash
df15e702cc2a71d7f70543bd9f9f7bc489ee212c8fab2ee114d865bc5c16a9f7

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 20 Jul 2022 15:58:49 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
330
ROS
pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ 		432 B
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ROS?rnd=0.39745589516073365&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=7.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&ccpa=1---&e_amxId=Ok9KQkRT-W1hNQk5T-BV1NSEVYW1xKUFhA-ND5aXkZXT1pORkVOTFVIXEZVUV9UUE1SUVRaXlYVFhpWUCk&e_criteoId=MLUNIV9ET0pGb3ZWYTZ3WlZ2cVR3NjElMkZ4YiUyQnN3QlN1VTZ3a3V6dW1yNEdiN1Nzd3ptVEthbVBWRWUydFBKJTJCc3Z1OWl3eXI5OERCSWNka0Z0Z2swTDFRand3RmtYcnZMN1VKSU1MaU5jTmllVVlSdVd1MUVqVUR1SSUyQmZCZ04wYSUyRjclMkI1Uw&e_id5id=%257B%2522uid%2522%253A%2522ID5*jnNwuKeYZcsOVbSto75pu65a8BHAhjh3PxQeBIeAuYQbKIGKSWOvkACkC2PDLtsN%2522%252C%2522ext%2522%253A%257B%2522linkType%2522%253A0%257D%257D&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522hawtcelebs.com%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522gwqtxekeva_xon21058336769654%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=3e454c00-a647-473c-8fb6-cfd95d428962
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.125 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
2992739582d1128d83dbc9e7e5bb31db0cde5ddcc0d74b23b2fc8a2b86d0bc35

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:49 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.hawtcelebs.com
expires
Wed, 20 Jul 2022 15:58:49 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
432
x-sid
IAD-1216
c
prebid.a-mo.net/a/ 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:49 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
107
vary
origin, Accept-Encoding
cdb
bidder.criteo.com/ 		188 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=123&profileId=185&av=34&wv=7.2.0&cb=80695575974
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
1c22a420c798a0086c484e14c8a322b00eefcddd38c204ecfebeee0655d23f23
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:49 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
173
prebid
ib.adnxs.com/ut/v3/ 		252 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1202246c89a6a43d01fe1b2537de89b777d68e835279a43af21f96f3d8af522a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:49 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
461078ad-9e14-4aff-bfa3-8582806f5ba7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
252
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.2.0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&tmax=1000&us_privacy=1---
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.229.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-229-211.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:49 GMT
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
unruly_prebid
targeting.unrulymedia.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.221 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:49 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
pbjs
useast.quantumdex.io/auction/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:49 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cf-ray
72dce6892b7d6dc7-MIA
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:49 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
103dadd9219b2d8a99430274038f6972c21238afc02b5ab5a6b764469338b8eb

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:49 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRmNKYUZTRzdNwwPYTKtB-atUU-PtBM-Mawt-tUKetTwUMPBqRlmNKYMbaARdzNwqfftkRqxeNco_KMKYUZT_MRwkjNTRkjmNKYMbaARwlNliqktzikgxui,thsqffofu,qdb,ekoztg,qhhftbxl,zkohstsoyz,xfkxsn,jxqfzxdrtb,kzwigxlt,nqiggllhRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:49 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3jUKJH2zK7AMbGz9JtJnfP72GiqCNw%2B%2B%2F1hScDowy9vKwhEeJ1Wz8ai9xJA5L%2FEvz1Og4MNvutlrEXHSvX2x8tfhAPfw4JlOXrXnl%2BZKy1lEiY0pZu%2BpqbXtN0GBFvPO%2BFeZDYcf5rGLkxsMX40Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce6892c259acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRmNKYUZTRzdNPtYPwwtZ-qUKU-Paaw-qPer-eZtZeqZeYKBrRlmNaKAbaARdzNwqfftkRqxeNco_KMKYUZT_KRwkjNTRkjmNaKAbaARwlNthsqffofu,qdb,qhhftbxl,zkohstsoyz,jxqfzxdrtb,kzwigxltRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:49 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oadWXoReno526ytBV4tUmWjKySCf%2FvqwMEKfPStP%2BWKR98MiU3ZL7RHDLbuGPG%2BOdwtqve90eMAgqP4kT%2BoRoNHZt4fNWgNSP0cvUiSzCeXOX39NOASlR%2B6GFZn2OOGAkf6H5b1YQqIcNtrtS%2BRvPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce6892c269acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:49 GMT
server
ATS/9.1.0.46
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 395B 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Roboto:NaN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 19:31:57 GMT
x-content-type-options
nosniff
age
592012
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Jul 2023 19:31:57 GMT
events
bidder.criteo.com/csm/ 		0
219 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Jul 2022 15:58:49 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixels
ssp-sync.criteo.com/user-sync/ 		13 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?ccpa=1---&countrycode=US
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.73 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:49 GMT
content-encoding
br
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2B78 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700|Roboto:NaN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 13 Jul 2022 19:31:57 GMT
x-content-type-options
nosniff
age
592012
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 13 Jul 2023 19:31:57 GMT
dc_oe=ChMIiZrx5OqH-QIVhwdxCh0ZzwIoEAAYACCckJlSQhMI56fJ5OqH-QIVBnKHCh2yLA_w;met=1;&timestamp=1658332729988;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 47D8 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIiZrx5OqH-QIVhwdxCh0ZzwIoEAAYACCckJlSQhMI56fJ5OqH-QIVBnKHCh2yLA_w;met=1;&timestamp=1658332729988;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.194 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 8F03 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.24 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 09:26:53 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dc_oe=ChMI4_zw5OqH-QIVJg-ICR31kQSvEAAYACCI_5hSQhMI-5XJ5OqH-QIVeoiDCB0Okw4V;met=1;&timestamp=1658332730027;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 74FF 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI4_zw5OqH-QIVJg-ICR31kQSvEAAYACCI_5hSQhMI-5XJ5OqH-QIVeoiDCB0Okw4V;met=1;&timestamp=1658332730027;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.194 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame E758 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.24 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 4EE8 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.24 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 7853 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158810&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.24 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 09:36:30 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 7CD4 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156077&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156077&predirect=https%3A%2F%2Fsync.connectad.io%2Fumatch%2F1%3Fdataid%3Ddata1%26uuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.24 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.221 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 20 Jul 2022 15:58:51 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:51 GMT
server
ATS/9.1.0.46
bid
c.amazon-adsystem.com/e/dtb/ 		130 B
602 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.hawtcelebs.com%2F&pid=g95TCzhgOhGcR&cb=8&ws=1600x1200&v=8.1.0&t=1000&slots=%5B%7B%22sd%22%3A%22vi_7872651_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_7872651_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C63%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.109.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-109-24.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
2b77a65bd796e5a7894f62fc75c1b386b6c646df1b8db00f1d593b0676f55386
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:51 GMT
via
1.1 749177a97cae42477f22c33c927ca0ce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
x-amz-rid
KAG0A11RKK9TSMWRGS7C
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
130
x-amz-cf-id
qheivvU9Nh3xgjnHqoGY5GStYHF6xUfO9C7UvRFMvNAQSG3eBTeSxA==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzdNTrTeewZT-MBAr-PPYt-aKaa-AUMrAqtaPPMPRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNKYUZTRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:51 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wasaJlLuMeosD1oO%2FO5hxenbT%2FSBRj1qCQ7FANcV5XPYUj%2FS%2FvcJiQJIyC1VDQ2PDQMCD0nc32lcNiJ7J9YkM%2F7ZX87MBeV7vz%2BrZeT%2BLekjeTQfnmJYS8UMaptvw8Rw32ihhagHvkSh73sb2AnxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce691dde59acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzdNqrMwqwAr-yMYT-PwKe-qrBB-PaqtUwwttYqyRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNKYUZTRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:51 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bjyi9zcYJ8lia2D%2BjEAtACzpts9rpVscutluh2lbqAoVYSBeo9%2BxN%2B%2FB61mfI1zmTXB3NGj%2FIOvXZG70Jgms2kWLNkJm2yb4AArUqzW9099%2FLq7kXGN4I35lyQwRlOTgb6AWDJwt5iwfOw2JUi6tJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce691dde79acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
prebid
ib.adnxs.com/ut/v3/ 		252 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e6a5337ba8143cfd51714ca4419a7efb556e86fb5cb08df9db6b3e4b8c1b0f2d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:51 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
490cb079-c116-418d-ba82-18474cf924d0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
252
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ROS
pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ 		432 B
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ROS?rnd=0.39745589516073365&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=7.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&ccpa=1---&e_amxId=Ok9KQkRT-W1hNQk5T-BV1NSEVYW1xKUFhA-ND5aXkZXT1pORkVOTFVIXEZVUV9UUE1SUVRaXlYVFhpWUCk&e_criteoId=MLUNIV9ET0pGb3ZWYTZ3WlZ2cVR3NjElMkZ4YiUyQnN3QlN1VTZ3a3V6dW1yNEdiN1Nzd3ptVEthbVBWRWUydFBKJTJCc3Z1OWl3eXI5OERCSWNka0Z0Z2swTDFRand3RmtYcnZMN1VKSU1MaU5jTmllVVlSdVd1MUVqVUR1SSUyQmZCZ04wYSUyRjclMkI1Uw&e_id5id=%257B%2522uid%2522%253A%2522ID5*jnNwuKeYZcsOVbSto75pu65a8BHAhjh3PxQeBIeAuYQbKIGKSWOvkACkC2PDLtsN%2522%252C%2522ext%2522%253A%257B%2522linkType%2522%253A0%257D%257D&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522hawtcelebs.com%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522gwqtxekeva_xon21058336769654%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=3e454c00-a647-473c-8fb6-cfd95d428962
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.125 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
2992739582d1128d83dbc9e7e5bb31db0cde5ddcc0d74b23b2fc8a2b86d0bc35

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:51 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.hawtcelebs.com
expires
Wed, 20 Jul 2022 15:58:51 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
432
x-sid
IAD-1216
v1
btlr.sharethrough.com/universal/ 		603 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.193.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-193-118.compute-1.amazonaws.com
Software
/
Resource Hash
2c786eaa226d9e6f1697328377ec6ddf149279a850f2370d0db5a68fcd44cb34

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 20 Jul 2022 15:58:51 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
316
unruly_prebid
targeting.unrulymedia.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.221 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:51 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
pbjs
useast.quantumdex.io/auction/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cf-ray
72dce691ff7f6dc7-MIA
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:51 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
auction
tlx.3lift.com/header/ 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.2.0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&tmax=1000&us_privacy=1---
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.229.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-229-211.compute-1.amazonaws.com
Software
/
Resource Hash
a3f5678ed2cc4659f7c791cde919ea6d7754f4753193eaef768b4bd01530fa23
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:51 GMT
content-encoding
gzip
accept-ch
sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
7211
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		188 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=123&profileId=185&av=34&wv=7.2.0&cb=49906314621
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
27752b8461ed117c278d4307a79d9348708ef878f8addb01fbc8772fe770a11a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:51 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
173
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
348bda21c420db9f010941d5e6b98bd728a0d195a36a33b0a15ad13156e7bdd1

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:51 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
c
prebid.a-mo.net/a/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:50 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
107
vary
origin, Accept-Encoding
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRmNKYUZTRzdNKerrBqAy-yPMw-PrAy-wAte-YAPtUewYZBATRlmNaKAbaARdzNwqfftkRqxeNco_KMKYUZT_KRwkjNTRkjmNaKAbaARwlNqhhftbxl,thsqffofu,jxqfzxdrtb,kzwigxlt,zkohstsoyz,qdbRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:51 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pm2cW4xScS1CushwEpHztE49QFiSLO3c0qGcNd3MjlpVtco7Dg4zae2zHoXmKiBn3fMv0AhlJqWUBPaWac9%2FgGqJ80AOpIApq5QGnOR1DYxLbhvEIbbaf8D9epFNpjSgxoowsmp%2B4UVQ2sJjB0NS%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce691fe169acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRmNKYUZTRzdNTtBAZKaK-tUaP-PwBe-qrBw-qArqMrrZKMeKRlmNKYMbaARdzNwqfftkRqxeNco_KMKYUZT_MRwkjNTRkjmNKYMbaARwlNqhhftbxl,thsqffofu,liqktzikgxui,xfkxsn,jxqfzxdrtb,kzwigxlt,zkohstsoyz,ekoztg,nqiggllh,qdbRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:51 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snXL%2Fk4VuFCBKi%2F9OLpLQQS2ye3E7NYjNPYl%2FW1oIY6xtztbIUDODmQ%2FA7TrUXR8AGNpYGBtSAN5gcmizmZJN2%2FtzBFTrpAj02z21CjwjklMR4Rqb%2B%2F%2FTkw3g1dpb%2BeKcfhCntp660brhVvnj8Asgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce691fe1a9acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
events
bidder.criteo.com/csm/ 		0
219 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Jul 2022 15:58:50 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixels
ssp-sync.criteo.com/user-sync/ 		13 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?ccpa=1---&countrycode=US
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.73 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:50 GMT
content-encoding
br
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
cc.jpeg
px.vliplatform.com/br-v4/ 		0
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/br-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzdNtZyYZUrq-UYKT-PTBB-aZYM-eUUTBMwaTqPBRlmNKYMbaARdzNwqfftkRqxeNco_KMKYUZT_MRysggkNAGATRwkNzkohstsoyz|AGAYB|KYMbaA|wqfftk|PMA|RmNKYUZTRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:51 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:51 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FejHuW2i8qihN76zpeeKZOf4apqiag3OfVaywHkOiwgEcLGGlHU3RDWrTXZVKWEGUUsVvS9RsA8QzjD4NtpXElUtrTPF5LZd%2Bcs8VJwdpBt14iFlcPuJMIjLDC%2BBU%2B%2FYCJlj9I93db5kY0%2FBGqPoMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce694fbc99acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
dc_oe=ChMIg_i55uqH-QIVmw1oCB0jbA0_EAAYACDa-stO;met=1;&timestamp=1658332732695;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame F910 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIg_i55uqH-QIVmw1oCB0jbA0_EAAYACDa-stO;met=1;&timestamp=1658332732695;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:52 GMT
server
ATS/9.1.0.46
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.221 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 20 Jul 2022 15:58:52 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		130 B
602 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.hawtcelebs.com%2F&pid=g95TCzhgOhGcR&cb=9&ws=1600x1200&v=8.1.0&t=1000&slots=%5B%7B%22sd%22%3A%22vi_7872651_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_7872651_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C63%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.109.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-109-24.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
61b8c41ac7e32a01152861a5fb8c44bb0a1b5daf2522f93ed7b27c6460d8f8cc
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:53 GMT
via
1.1 749177a97cae42477f22c33c927ca0ce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
x-amz-rid
1DTF0P5SQRACXPBW0Z1K
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
130
x-amz-cf-id
IVK_PxgNz8AHBALtoA3jgljdoNUvwYJVdUix6EkyavJmcyzrIKJoTQ==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzdNAKayTtwq-qatt-Ptra-aZMA-qYtweePeeqwBRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNKYUZTRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:52 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GiIBn6w0%2Fqe1lsrCRrW3jcJ47cfwtG74ZjqLavgztA8nytOr8V3R6XbNSj6d5VAkI5ln%2BMpwg2mAgwR0leLQdewXfkyVpNxvj%2FomJUizN3odkAtxqfN2Zwv8bY7xbVQlvXJLEdAfBSJTnilQOBbcsA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce69bd98b9acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzdNeKKqwKwT-ewPq-PtUt-aAaa-rPPaPTewBeYaRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNKYUZTRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:52 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jGuo4TqkKephNMFngIH9qndCIwd6D9Ej5muoY3VAvOl5oGjgFDnJ0PE9HF3orJeWkt5TLwR4fBWC4umoosrizsZUFughRIzOxrmDSE%2BTBuRMiLbsOgTUDzGQcwWjcucx9DvpUjwLL5TaiMGbz0xecg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce69bd98f9acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
87373f0024358a66ae4d84cab88777f7e5dcc9ddde7891c6af585c80f269a330

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:52 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
ROS
pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ 		432 B
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ROS?rnd=0.39745589516073365&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=7.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&ccpa=1---&e_amxId=Ok9KQkRT-W1hNQk5T-BV1NSEVYW1xKUFhA-ND5aXkZXT1pORkVOTFVIXEZVUV9UUE1SUVRaXlYVFhpWUCk&e_criteoId=MLUNIV9ET0pGb3ZWYTZ3WlZ2cVR3NjElMkZ4YiUyQnN3QlN1VTZ3a3V6dW1yNEdiN1Nzd3ptVEthbVBWRWUydFBKJTJCc3Z1OWl3eXI5OERCSWNka0Z0Z2swTDFRand3RmtYcnZMN1VKSU1MaU5jTmllVVlSdVd1MUVqVUR1SSUyQmZCZ04wYSUyRjclMkI1Uw&e_id5id=%257B%2522uid%2522%253A%2522ID5*jnNwuKeYZcsOVbSto75pu65a8BHAhjh3PxQeBIeAuYQbKIGKSWOvkACkC2PDLtsN%2522%252C%2522ext%2522%253A%257B%2522linkType%2522%253A0%257D%257D&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522hawtcelebs.com%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522gwqtxekeva_xon21058336769654%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=3e454c00-a647-473c-8fb6-cfd95d428962
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.125 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
2992739582d1128d83dbc9e7e5bb31db0cde5ddcc0d74b23b2fc8a2b86d0bc35

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:52 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.hawtcelebs.com
expires
Wed, 20 Jul 2022 15:58:52 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
432
x-sid
IAD-1216
unruly_prebid
targeting.unrulymedia.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.221 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:52 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		647 B
944 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.193.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-193-118.compute-1.amazonaws.com
Software
/
Resource Hash
b22c34633d521eb14166e6f41b929138d60e1fe3b6ed1350e325b1b02cfc72b7

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 20 Jul 2022 15:58:52 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
462
pbjs
useast.quantumdex.io/auction/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cf-ray
72dce69bfcfb6dc7-MIA
prebid
ib.adnxs.com/ut/v3/ 		257 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f43ce0fa9703a02593b6aca0a155887aaf6d8bc2271301104ea0910072da241f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:52 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
a0030bbf-acb6-415e-96e0-e90b68ab4d8d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
257
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:52 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
146
vary
origin, Accept-Encoding
auction
tlx.3lift.com/header/ 		19 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.2.0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&tmax=1000&us_privacy=1---
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.229.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-229-211.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:52 GMT
accept-ch
sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:52 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ 		188 B
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=123&profileId=185&av=34&wv=7.2.0&cb=98493678142
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
0720adfc95b623b5432369afe1f96bdda775a3c140514c47334e5b90232b20a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:52 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
172
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRmNKYUZTRzdNeaYyaZBT-PrqM-PUaB-qYwe-TUTPZUwKqwUMRlmNKYMbaARdzNwqfftkRqxeNco_KMKYUZT_MRwkjNTRkjmNKYMbaARwlNnqiggllh,thsqffofu,xfkxsn,liqktzikgxui,jxqfzxdrtb,qhhftbxl,qdb,zkohstsoyz,kzwigxlt,ekoztgRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:52 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7hJdQNBZK0t8GsmDT9TPCmE3ioNW20IlhrOvsri1GsUUuPXevvU0wswHsRCoXrZ3eDS1R4CsePDnHTvqpu8WUJFf%2BHXZiW0OlVsQBnO5zMtAw04ZCdvslnDkyw9lYEnPKZIqqwu7JytB06cYkWXtgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce69bf9c99acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRmNKYUZTRzdNrYByZYTT-MwrU-PPZP-qtKZ-KrUPZBZBtYtTRlmNaKAbaARdzNwqfftkRqxeNco_KMKYUZT_KRwkjNTRkjmNaKAbaARwlNthsqffofu,jxqfzxdrtb,qhhftbxl,qdb,zkohstsoyz,kzwigxltRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:52 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=adxtbRaIb4pb6VAZVF50whuzQ%2B0b8suQY2XoAf0zVncmmv7%2Flw0OK4DSYqHuNphG%2Fqw%2B9XRBt%2FQh8dpBcYAhBeGdBanA7YM3gwZRWScUES5urvYzswC5JbYqmItNtl4NvNH8gYMqYuZnp6T2BJ1szQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce69bf9ca9acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
events
bidder.criteo.com/csm/ 		0
219 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Jul 2022 15:58:51 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixels
ssp-sync.criteo.com/user-sync/ 		13 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?ccpa=1---&countrycode=US
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.73 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:52 GMT
content-encoding
br
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 20 Jul 2022 15:58:54 GMT
server
ATS/9.1.0.46
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.221 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.hawtcelebs.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.hawtcelebs.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Wed, 20 Jul 2022 15:58:54 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		131 B
602 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.hawtcelebs.com%2F&pid=g95TCzhgOhGcR&cb=10&ws=1600x1200&v=8.1.0&t=1000&slots=%5B%7B%22sd%22%3A%22vi_7872651_7%22%2C%22s%22%3A%5B%22970x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%2C%7B%22sd%22%3A%22vi_7872651_8%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22Amazon%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A1%7D%5D&schain=1.0%2C1!interdogmedia.com%2C63%2C1%2C%2C%2C&pubid=9cf0c4f1-7630-476b-9141-f4472e005192&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.109.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-109-24.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
b1cbe8d72f70537d96ac4017a2ac07692db6fff26dbc1af46969ff1e0edd92de
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:54 GMT
via
1.1 749177a97cae42477f22c33c927ca0ce.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
x-amz-rid
W06S9213W23XXPGTPZ07
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
131
x-amz-cf-id
_mPJ442iHZs6dsHOmZMKXTsbKUsTv1SWjuTePgBuLYV7ZsqhNVz8XQ==
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzdNqTwMTMaa-KqyT-PrrY-wTMZ-eMaqyKaqwAwZRdzNwqfftkRlmNaKAbaARwlNqdqmgfRkjmNaKAbaARrdzNqdqmgfRwkjNARmNKYUZTRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:54 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wgLiGQQLris4Jzi8ca6T8xPQCvF8QKwVeO2m9Kqx7zbBKou%2FEIPeh%2FiD84OGuWX4hBE%2FsqcuOsP%2FpzAzWzBCbERr1bKi1NKQjoDUXwF1L2h93qtGkLyOCijHewk5GgaerYyUY6Kl1LBf5EX0hUNJHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce6a5dd7a9acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
582 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRzdNYaZeyePy-TZYe-PMqw-aTwA-APYAtTteMPUZRdzNwqfftkRlmNKYMbaARwlNqdqmgfRkjmNKYMbaARrdzNqdqmgfRwkjNARmNKYUZTRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:54 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wyBjr8c2sPChtgUlQIRCr6AAxR4nf0gwi8Bns4j7JzONdBskN4YcuxstIE4zxVRX4wNJ9jo83spa9HtEsQ2nxCy0BvCRwrt%2Fj6zm78QOsTFjT%2BEoN7b7ta8BkWyZnEY9DOw82QQHQVyRkDe%2BFfEeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce6a5dd7c9acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
prebid
ib.adnxs.com/ut/v3/ 		252 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
bece47a6ac7117c58458d05e7935b3930b7a653a7f8681f054d73a8ac1363059
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 20 Jul 2022 15:58:54 GMT
X-Proxy-Origin
38.132.118.68; 38.132.118.68; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
6851392e-ffca-40e6-977d-9d48cc27464b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
252
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
useast.quantumdex.io/auction/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://useast.quantumdex.io/auction/pbjs
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:54 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods
POST, GET
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cf-ray
72dce6a5eb0c6dc7-MIA
v1
btlr.sharethrough.com/universal/ 		679 B
904 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.193.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-193-118.compute-1.amazonaws.com
Software
/
Resource Hash
3ddda325e83cdc5a855988453a5de2a0a19e1060460998b47a8e5983c06a8b59

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 20 Jul 2022 15:58:54 GMT
content-encoding
gzip
x-openrtb-version
2.5
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.hawtcelebs.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
422
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
287 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
9cb46807f6851d24976745e685f99b7e58138a8c2ac8e53e9ad793c6f20b379a

Request headers

Referer
https://www.hawtcelebs.com/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 20 Jul 2022 15:58:54 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
content-length
66
cdb
bidder.criteo.com/ 		188 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=123&profileId=185&av=34&wv=7.2.0&cb=24090026430
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
9e0a3ce58d31f4c083fe46602a74a4ab0e5691ae6e5fadb79718fbf358837dcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:53 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
173
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
180 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:54 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
ROS
pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ 		432 B
756 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/2c995/1/www.hawtcelebs.com/ROS?rnd=0.39745589516073365&e=970x90_0%3A970x90%2B728x90_0%3A728x90&ur=https%3A%2F%2Fwww.hawtcelebs.com%2F&pbv=7.2.0&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fwww.hawtcelebs.com%2F&ccpa=1---&e_amxId=Ok9KQkRT-W1hNQk5T-BV1NSEVYW1xKUFhA-ND5aXkZXT1pORkVOTFVIXEZVUV9UUE1SUVRaXlYVFhpWUCk&e_criteoId=MLUNIV9ET0pGb3ZWYTZ3WlZ2cVR3NjElMkZ4YiUyQnN3QlN1VTZ3a3V6dW1yNEdiN1Nzd3ptVEthbVBWRWUydFBKJTJCc3Z1OWl3eXI5OERCSWNka0Z0Z2swTDFRand3RmtYcnZMN1VKSU1MaU5jTmllVVlSdVd1MUVqVUR1SSUyQmZCZ04wYSUyRjclMkI1Uw&e_id5id=%257B%2522uid%2522%253A%2522ID5*jnNwuKeYZcsOVbSto75pu65a8BHAhjh3PxQeBIeAuYQbKIGKSWOvkACkC2PDLtsN%2522%252C%2522ext%2522%253A%257B%2522linkType%2522%253A0%257D%257D&e_pubProvidedId=%255B%257B%2522source%2522%253A%2522hawtcelebs.com%2522%252C%2522uids%2522%253A%255B%257B%2522id%2522%253A%2522gwqtxekeva_xon21058336769654%2522%252C%2522atype%2522%253A1%252C%2522ext%2522%253A%257B%2522stype%2522%253A%2522ppuid%2522%257D%257D%255D%257D%255D&e_pubcid=3e454c00-a647-473c-8fb6-cfd95d428962
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.125 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
2992739582d1128d83dbc9e7e5bb31db0cde5ddcc0d74b23b2fc8a2b86d0bc35

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 20 Jul 2022 15:58:54 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.hawtcelebs.com
expires
Wed, 20 Jul 2022 15:58:54 GMT
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
content-length
432
x-sid
IAD-1216
auction
tlx.3lift.com/header/ 		19 B
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.2.0&referrer=https%3A%2F%2Fwww.hawtcelebs.com%2F&tmax=1000&us_privacy=1---
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
100.25.229.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-100-25-229-211.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Jul 2022 15:58:54 GMT
accept-ch
sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
unruly_prebid
targeting.unrulymedia.com/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.226.210.221 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
pragma
no-cache
date
Wed, 20 Jul 2022 15:58:54 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-7.2.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.hawtcelebs.com
date
Wed, 20 Jul 2022 15:58:53 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
160
vary
origin, Accept-Encoding
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRmNKYUZTRzdNaAeZPtAe-trtB-PPwr-MPPM-MqMtAUKKqZYqRlmNaKAbaARdzNwqfftkRqxeNco_KMKYUZT_KRwkjNTRkjmNaKAbaARwlNqhhftbxl,jxqfzxdrtb,kzwigxlt,thsqffofu,zkohstsoyz,qdbRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:54 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aZ2I2d3O7rCF3uTajwyJwQY%2F7%2Fw6wYwqyxpbIbSGzHZDZSAMX1Ovq%2FQrMTNCEL4tqH6tNF2OZIs6r2Tvd8U0JQgDGN7X5G9JHM0NoW9bwqJ%2B67q5LokPjsHyICuREhVQCRmqrWIAPk0dYh0f2VTgAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce6a5fdaa9acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
cc.jpeg
px.vliplatform.com/bi-v4/ 		0
579 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.vliplatform.com/bi-v4/cc.jpeg?e=rNKMRrtNrtl0zghRmNKYUZTRzdNABrPrAPe-ZwKP-PyKZ-MMPw-tYYYqTPTeKZTRlmNKYMbaARdzNwqfftkRqxeNco_KMKYUZT_MRwkjNTRkjmNKYMbaARwlNqhhftbxl,jxqfzxdrtb,liqktzikgxui,nqiggllh,ekoztg,kzwigxlt,thsqffofu,zkohstsoyz,xfkxsn,qdbRleNpl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::ac43:9e3b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:54 GMT
cf-cache-status
MISS
last-modified
Wed, 20 Jul 2022 15:58:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FhyhFeuIwHyTWN6c06j898bZt2ahsN5KdG5QKxbXtzifFavoG6Swl64s4Yabi44e2XoUdiF11pqaMCIXY77Yksm7nnuB5HUAMOjWNwm5w09y%2FSUiSjbVewSdWyqawBxnuKbfi0%2BJSfdXKdFHmyAQvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=864000, immutable
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
72dce6a5fdb09acc-MIA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-robots-tag
noindex, nofollow, noarchive, nosnippet
events
bidder.criteo.com/csm/ 		0
219 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.hawtcelebs.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Jul 2022 15:58:54 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.hawtcelebs.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
pixels
ssp-sync.criteo.com/user-sync/ 		13 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?ccpa=1---&countrycode=US
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.73 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.hawtcelebs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 15:58:54 GMT
content-encoding
br
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.hawtcelebs.com
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=13781
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=419&user_id=10593873702528322555&ssp=pubmatic&gdpr=0&gdpr_consent=
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eXXbsn1xje5iIoe-KSGS7ypx3rJifty7KyH8VjXf

Verdicts & Comments Add Verdict or Comment

392 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| __cfQR string| demandSupplySc string| demandSupplyCr number| demandSupplySr object| houseAdCampaigns string| demandSupplyTi number| demandSupplyAp object| demandSupplyTc object| demandSupplyTcI object| demandSupply object| $g object| dspbjs object| _app object| udm_ads_queue boolean| udm_confiant_init object| confiant boolean| udm_edge_init object| _qoptions object| _qevents object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint object| udm_r3 function| quantserve function| __qc object| ezt function| qtrack object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| udm_r3Chunk function| endedHandler function| udm_process_ads_queue function| delete_udm_edge function| reload_udm_edge undefined| $ function| jQuery function| gtag object| dataLayer object| menuItems object| trigger number| width object| bounding number| step function| slideMenu function| __tcfapi function| __uspapi object| google_tag_manager object| _VLIOBJ object| vitag object| _Hasync object| _wau boolean| __cfRLUnblockHandlers object| udmRenderRates boolean| udmVideoPlayerRequested function| w_event function| createElementFromHTML function| stripScripts function| generateID function| checkScriptHead function| observe_mutation function| getCpcPrediction object| WAU_ren function| WAU_classic function| WAU_classic_request function| WAU_r_c function| WAU_insert function| WAU_legacy_b function| WAU_la function| WAU_addCommas function| WAU_lrd function| WAU_lrs function| WAU_cps function| docReady string| GoogleAnalyticsObject function| ga object| udmDefinedBlockedCreativeIds function| udmVideojs object| _molSettings function| InLine__A object| udmVideoPlayer function| udmRenderAd object| _PBCFG function| getEidsByVLI string| tagApi object| viAPItag object| observeElementInViewport function| chfh function| chfh2 string| _HST_cntval object| Histats object| GoogleGcLKhOms object| gaplugins object| gaData object| a object| cv object| _dtspv object| x string| x1 string| x2 object| Tynt object| $sf object| vlipbChunk object| vlipb object| ADAGIO object| mnet string| nobidVersion object| nobid object| regeneratorRuntime function| __tcfapiui string| contentURL string| no_script_tag object| ldAdInit object| data boolean| apstagLOADED object| apstag object| _HistatsCounterGraphics_0_setValues object| lotame_3825 number| char object| _33Across object| _google_rum_ns_ number| google_global_correlator function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google function| Splide object| viSplide object| Criteo object| wpJsonRciWidget object| ua_result function| __NEXT_PRELOADREADY object| revcontent function| renderRCWidget object| _ldAdIdMap function| lotameIsCompatible function| lt3825_ba function| lt3825_b undefined| lt3825_c undefined| lt3825_ca undefined| lt3825_da function| lt3825_ea object| lt3825_e function| lt3825_fa function| lt3825_ga object| lt3825_ object| lt3825_Oa object| lt3825_7 function| lt3825_aa function| lt3825_a function| lt3825_d function| lt3825_f function| lt3825_g function| lt3825_h function| lt3825_i function| lt3825_j function| lt3825_k function| lt3825_ia function| lt3825_ha function| lt3825_l function| lt3825_m function| lt3825_ja function| lt3825_n function| lt3825_o function| lt3825_p function| lt3825_q function| lt3825_r function| lt3825_na function| lt3825_ka function| lt3825_la function| lt3825_t function| lt3825_ma function| lt3825_u function| lt3825_v function| lt3825_w function| lt3825_s function| lt3825_x function| lt3825_y function| lt3825_z function| lt3825_A function| lt3825_oa function| lt3825_B function| lt3825_C function| lt3825_pa function| lt3825_D function| lt3825_E function| lt3825_F function| lt3825_qa function| lt3825_H function| lt3825_I function| lt3825_G function| lt3825_ra function| lt3825_J function| lt3825_K function| lt3825_sa function| lt3825_ta function| lt3825_L function| lt3825_ua function| lt3825_va function| lt3825_wa function| lt3825_Aa function| lt3825_xa function| lt3825_ya function| lt3825_za function| lt3825_Ba function| lt3825_Da function| lt3825_Ca function| lt3825_M function| lt3825_Ea function| lt3825_Fa function| lt3825_Ga function| lt3825_Ha function| lt3825_Ia function| lt3825_Ja function| lt3825_Ka function| lt3825_La function| lt3825_Ma function| lt3825_N function| lt3825_O function| lt3825_P function| lt3825_Q function| lt3825_R function| lt3825_S function| lt3825_T function| lt3825_U function| lt3825_V function| lt3825_W function| lt3825_X function| lt3825_Y function| lt3825_Z function| lt3825_Na function| lt3825__ function| lt3825_0 function| lt3825_1 function| lt3825_2 function| lt3825_Pa function| lt3825_4 function| lt3825_Qa function| lt3825_Sa function| lt3825_Ra function| lt3825_Ua function| lt3825_Ta function| lt3825_3 function| lt3825_Va function| lt3825_Wa function| lt3825_Xa function| lt3825_Ya function| lt3825_Za function| lt3825__a function| lt3825_5 function| lt3825_6 function| lt3825_0a function| lt3825_1a function| lt3825_2a function| lt3825_3a function| lt3825_4a function| lt3825_5a function| lt3825_6a function| lt3825_7a function| lt3825_8a function| lt3825_9a function| lt3825_8 function| lt3825_bb function| lt3825_cb function| lt3825_ab function| lt3825_$a function| lt3825_eb function| lt3825_db function| lt3825_gb function| lt3825_fb function| lt3825_hb function| lt3825_ib function| lt3825_jb function| lt3825_kb function| lt3825_lb function| lt3825_mb function| lt3825_ob function| lt3825_rb function| lt3825_qb function| lt3825_nb function| lt3825_ub function| lt3825_pb function| lt3825_sb function| lt3825_wb function| lt3825_vb function| lt3825_xb function| lt3825_tb function| lt3825_yb function| lt3825_zb function| lt3825_Ab function| lt3825_9 function| lt3825_Bb function| lt3825_Cb function| lt3825_Db function| lt3825_Eb function| lt3825_Fb function| lt3825_$ function| lt3825_Gb function| lt3825_Hb function| lt3825_Ib function| lt3825_Jb function| lt3825_Kb function| lt3825_Lb function| lt3825_Mb function| lt3825_Ob function| lt3825_Pb function| lt3825_Qb function| lt3825_Nb object| owpbjsChunk object| owpbjs object| PWT string| partnerName string| key function| dspCriteoRTUSCallback object| google_image_requests number| j object| item object| goog_ddm_ps object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 object| criteo_syncframe_state number| lnt_z

356 Cookies

Domain/Path Name / Value
map.go.affec.tv/map/an Name: oo
Value: 1
.3lift.com/sync Name: sync
Value: CgoIoQEQqfnU4qEwCgoIgQIQqfnU4qEwCgoI4gEQqfnU4qEwCgoI5gEQqfnU4qEwCgoIhwIQqfnU4qEwCgkICRCp-dTioTAKCQg6EKn51OKhMAoJCAsQqfnU4qEwCgoIjAIQqfnU4qEwCgkIXxCp-dTioTA=
live.demand.supply/ Name: demandSupplyTi
Value: ffb5bc00-f573-434b-bc10-51f6fd1955b7
.udmserve.net/ Name: dt
Value: 72F6A493-DD1B-345C-BF53-A87716F1A201
.casalemedia.com/ Name: CMID
Value: YtgmLaNUKrapf3hd7CxpWwAA
.casalemedia.com/ Name: CMPS
Value: 362
.casalemedia.com/ Name: CMPRO
Value: 362
.adnxs.com/ Name: uuid2
Value: 8343254669216575683
.udmserve.net/ Name: apnid
Value: 8343254669216575683
www.hawtcelebs.com/ Name: udmsrc
Value: %7B%7D
www.hawtcelebs.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.udmserve.net/ Name: indx
Value: YtgmLaNUKrapf3hd7CxpWwAAAWoAAAAB
.pubmatic.com/ Name: KADUSERCOOKIE
Value: CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
.quantserve.com/ Name: mc
Value: 62d8262d-e84ff-ee6a8-9c1df
.hawtcelebs.com/ Name: __qca
Value: P0-1034272385-1658332717914
.hawtcelebs.com/ Name: __gads
Value: ID=6a508daada1d94eb-224b97d37d7c00f8:T=1658332717:S=ALNI_MaukKVP04GfaIlexVnJxeXO-fcAzg
.hawtcelebs.com/ Name: __gpi
Value: UID=00000794ec13219b:T=1658332717:RT=1658332717:S=ALNI_MYw2x_GRRXSVW_v0IGdJyfcI5j_2A
.doubleclick.net/ Name: IDE
Value: AHWqTUmr-WrvGVftKHL891PhVHq-TI7SPLCNtOE18BAQggjZryXcZXliMmpXBaIrQH4
.yieldoptimizer.com/ Name: ph
Value: %7B%22p%22%3A%5B%5D%2C%22t%22%3A%5B%5D%7D
.yieldoptimizer.com/ Name: fbh0
Value: %7B%7D
.yieldoptimizer.com/ Name: dph
Value: %7B%22t%22%3A%5B%5D%2C%22dp%22%3A%5B%5D%7D
.yieldoptimizer.com/ Name: gcma
Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/ Name: rmxc
Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/ Name: cktst
Value: 524919801
.yieldoptimizer.com/ Name: itk
Value: xgDO1czNfZDNxAjMxMjN4IDNwEzN1YjM
.yieldoptimizer.com/ Name: ckid
Value: 2027558419193
.udmserve.net/ Name: pmid
Value: CAC5EC0D-09F2-4CA3-8675-3FEACEEFA707
www.hawtcelebs.com/ Name: __ppIdCC
Value: gwqtxekeva_xon21058336769654
www.hawtcelebs.com/ Name: HstCfa1890596
Value: 1658332720299
www.hawtcelebs.com/ Name: HstCla1890596
Value: 1658332720299
www.hawtcelebs.com/ Name: HstCmu1890596
Value: 1658332720299
www.hawtcelebs.com/ Name: HstPn1890596
Value: 1
www.hawtcelebs.com/ Name: HstPt1890596
Value: 1
www.hawtcelebs.com/ Name: HstCnv1890596
Value: 1
www.hawtcelebs.com/ Name: HstCns1890596
Value: 1
.dtscout.com/ Name: df
Value: 1658332720
.dtscout.com/ Name: l
Value: 4C3016583327209843EADB3AECDD644B
.hawtcelebs.com/ Name: _ga
Value: GA1.2.837706208.1658332718
.hawtcelebs.com/ Name: _gid
Value: GA1.2.1251686778.1658332720
.hawtcelebs.com/ Name: _gat_gtag_UA_10995097_8
Value: 1
.go.sonobi.com/ Name: __uis
Value: 3afbcbaa-855f-4f46-97fd-4e30594221a5
.go.sonobi.com/ Name: _usd_hawtcelebs.com
Value: 7ad008a2-4660-4290-b417-50c718457257
.go.sonobi.com/ Name: __uih
Value: 1
.go.sonobi.com/ Name: __uir_bw
Value: 1
.go.sonobi.com/ Name: __uir_mm
Value: 1
.go.sonobi.com/ Name: __uir_td
Value: 1
.go.sonobi.com/ Name: __uir_zt
Value: 1
.go.sonobi.com/ Name: __uir_pp
Value: 1
.a-mo.net/ Name: amuid2
Value: beec9f7c-bab7-46d9-b2e1-a84b64afadeb
.prebid.a-mo.net/ Name: sd_amuid2
Value: beec9f7c-bab7-46d9-b2e1-a84b64afadeb
.technoratimedia.com/ Name: tads_uid
Value: E175F4900EB147A79F0B69C11A4B77A0
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220720115840-0400
.technoratimedia.com/ Name: tads_zora
Value: 2
.yahoo.com/ Name: A3
Value: d=AQABBDAm2GICEFUVMEj0ZrKioLObjkOmzkUFEgEBAQF32WLiYgAAAAAA_eMAAA&S=AQAAAkGiloTA8obUoknfimv1eQ0
.hawtcelebs.com/ Name: __dtsu
Value: 4C3016583327209843EADB3AECDD644B
.sharethis.com/ Name: __stid
Value: ZHoABWLYJjAAAAAIUHkGAw==
.sharethis.com/ Name: __stidv
Value: 2
.udmserve.net/ Name: geode
Value: "63783104320:38.132.118.68:840:C57:D501:S33:us:new york:New York:00000:broadband:hosting:vpn"
.dtscout.com/ Name: m
Value: 2
.dtscout.com/ Name: st
Value: 2
.dtscout.com/ Name: oa
Value: 2
.onaudience.com/ Name: cookie
Value: cd2175c102830f52
.onaudience.com/ Name: done_redirects147
Value: 1
.rubiconproject.com/ Name: khaos
Value: L5TSHGLI-U-ECYW
.dtscdn.com/ Name: uid
Value: 4C3016583327209843EADB3AECDD644B
.tynt.com/ Name: uid
Value: CoIKSmLYJjBu1V7aKVimAg==
.hawtcelebs.com/ Name: lotame_domain_check
Value: hawtcelebs.com
pbjs.e-planning.net/ Name: CT
Value: 1
.quantumdex.io/ Name: uid
Value: 1f87a643-340d-4d8e-9fb5-1b4df7a7eff3
.adsrvr.org/ Name: TDID
Value: d6c6a7da-85eb-47bb-8b66-b02f00a05cb2
.decide.dev/ Name: account_id
Value: 15282210832057088
.decide.dev/ Name: login_token
Value: %2215282210832057088%7C1666108721067%3A%7Call%7CbHZGvMnXIo89qCB0m0BmiJBNdlmFZYdP%2BbO1Cil7FRq9DO4ckwJhWRu3Kp8csl0PVzRXSrx7Kr%2B7t05969jJVw%3D%3D%22
.decide.dev/ Name: ldrid
Value: bqGRk1ybS4Nn30Y%2FVqJHN4yapaiCX341LJX6ZOqShU8CSF8kA5%2FFuoDvuKmjXHDfNFL%2BtpeKK3ulyYvlc3DEIXVKN4TtZS%2FGuljmXMwrP%2F65tEqK7ftieH6ahK7RFupV
.e-planning.net/ Name: E
Value: ALpCBplDmycqep85
.sharethrough.com/ Name: stx_user_id
Value: 4d9c16ec-80de-44af-9601-927d92605670
.aralego.com/ Name: sspid
Value: 03e23cc9-0920-31e8-b998-bf8bbf043466
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 23b3b44991744da7949e4f4ef5c970c5
www.hawtcelebs.com/ Name: udm_session_rad
Value: 1
.hawtcelebs.com/ Name: _pubcid
Value: 62c6a05b-1b7b-48a8-8fc9-ced8a4e31e88
.onaudience.com/ Name: done_redirects104
Value: 1
.amazon-adsystem.com/ Name: ad-id
Value: A0WUc7P54kwNiG-JZpOIMG8
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%221d819f216e%22%2C%22f%22%3A1%2C%22ts%22%3A1658332721308%7D%2C%7B%22p%22%3A%2207dc82ae68%22%2C%22f%22%3A1%2C%22ts%22%3A1658332721308%7D%2C%7B%22p%22%3A%220c1ae001bf%22%2C%22f%22%3A1%2C%22ts%22%3A1658332721308%7D%2C%7B%22p%22%3A%224bbb341d17%22%2C%22f%22%3A1%2C%22ts%22%3A1658332721308%7D%2C%7B%22p%22%3A%227361b0e8e4%22%2C%22f%22%3A1%2C%22ts%22%3A1658332721308%7D%2C%7B%22p%22%3A%22e9b03986ff%22%2C%22f%22%3A1%2C%22ts%22%3A1658332721308%7D%5D
.hawtcelebs.com/ Name: _cc_id
Value: 23b3b44991744da7949e4f4ef5c970c5
.ml314.com/ Name: pi
Value: 3628755140668817450
.onaudience.com/ Name: done_redirects236
Value: 1
.tapad.com/ Name: TapAd_TS
Value: 1658332721497
.tapad.com/ Name: TapAd_DID
Value: 72b09538-e154-472b-9fb0-46549e06af35
.bluecava.com/ Name: lv
Value: 2022-07-20 15:58:41Z
.bluecava.com/ Name: acx
Value: dhttx|^JoR2RA==|InaQt2hq2gg=|$ipatx|^JoR2RA==|wnaQt2hq2gg=|$lipx|^2022-07-20 15:58:41Z|$pt|^H4sIADEm2GIA/wXCyQ2AQAgAwF74k3CKWMXWwLIPEwswUXs3Mw+w+aTowqw2NKPGZCUsr0hb0+aKd5z3uuCATSM1JV3YhXwXgu8HvLeHokMAAAA=
.bluecava.com/ Name: idx
Value: dxx|^097a4bcc-ac6d-415f-ac74-4d3e599b1767|$mx|^307961ce-6cb7-451d-892b-28c7622f3b7a
.t.sharethis.com/ Name: pxcelPage_default_c010_C
Value: 2_0_1658332721339
.linkedin.com/ Name: li_sugr
Value: 5b9634fc-fb2f-46c9-a2ce-c5657bab8f46
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&9de4db28-1e2c-4b5b-84a0-8cb708d1b062"
.linkedin.com/ Name: lidc
Value: "b=VGST04:s=V:r=V:a=V:p=V:g=2677:u=1:x=1:i=1658332721:t=1658419121:v=2:sig=AQF5Va5cisvxlQ5KuC5Xpx7i2pzj97jM"
.crsspxl.com/ Name: uid
Value: 912626507062985202
.crsspxl.com/ Name: uuid
Value: 28fdd833-4af0-4abe-82b0-c0b64bacb4d2
.33across.com/ Name: 33x_ps
Value: u%3D78147065046372%3As1%3D1658332721606%3Ats%3D1658332721606
.crsspxl.com/ Name: st_c
Value: 1
.go.affec.tv/ Name: ck
Value: 62d8263129b51300010ca2fc
.go.affec.tv/ Name: oo
Value: 1
.smartadserver.com/ Name: pid
Value: 1278341628099599906
.3lift.com/ Name: tluid
Value: 1862237872783926789061
.mgid.com/ Name: muidn
Value: m6kFwO2L-6W8
.mgid.com/ Name: __cf_bm
Value: qdAwDfG_U.C7ginXyPvxc4k53UBiV92DTcbPwhDCL8I-1658332721-0-AWPPVsEjxDAq+KSbL5ZMdD/KRsz6gxTbTcEkZb40H+2QSmO+0z2W+FzMUWg/VaPP1UKWOqDgKBZKJWZhrom8zJU=
.truoptik.com/ Name: to_master_s
Value: be6c5ae8e316dc8b98a574243d048647
.truoptik.com/ Name: to_version_s
Value: b2
.smaato.net/ Name: SCM
Value: 252eabd
.smaato.net/ Name: SCMaps
Value: 252eabd
.adsymptotic.com/ Name: U
Value: d375acd134b0e7d4bd75d240d92f5c58
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bku
Value: 4tL99eWZtsvy2gXi
.bidr.io/ Name: bito
Value: AABXF07FsEwAABBUGzwKHw
.bidr.io/ Name: bitoIsSecure
Value: ok
.agkn.com/ Name: ab
Value: 0001%3AbKDZOT6uqO%2FiaWeS%2FqAMtHOT61H19ldI
.ipredictive.com/ Name: cu
Value: d3832960-0844-11ed-8d4b-7527f8cc64c7|1658332721774
.surveywall-api.survata.com/ Name: svResp
Value: dda9e798-8e67-f003-0e5c-1d77e8b141a9
.pippio.com/ Name: didts
Value: 1658332721
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: did
Value: hZEdlxlFgtjUOFdz
.demdex.net/ Name: demdex
Value: 75380306836493605940184551906796271848
cm.mgid.com/ Name: mg_sync
Value: {}
.krxd.net/ Name: _kuid_
Value: O-AAzYc6
.dpm.demdex.net/ Name: dpm
Value: 75380306836493605940184551906796271848
.simpli.fi/ Name: suid
Value: 0424DC42359B4A23A341971B284D6076
.go.affec.tv/ Name: pt
Value: eyJhbiI6eyJkdCI6MTY1ODMzMjcyMSwiaWQiOiI4MzQzMjU0NjY5MjE2NTc1NjgzIiwibHMiOjE2NTgzMzI3MjF9LCJ0dCI6eyJkdCI6MTY1ODMzMjcyMSwiaWQiOiJDb0lLU21MWUpqQnUxVjdhS1ZpbUFnPT0iLCJscyI6MTY1ODMzMjcyMX0sInYiOjB9|1658332721|a2acb97232c5a6418b74df8a0ffc4c942d2a892c
.zeotap.com/ Name: zc
Value: fb06f0d5-2a23-442a-49d2-a16f1ea47dfc
.mathtag.com/ Name: uuid
Value: 0be862d8-2632-4700-b4a9-ffbbf32e26e2
.sitescout.com/ Name: ssi
Value: eaafd2ac-3bea-4dab-a914-365d3fa01772#1658332722009
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-29c839e0-9eb4-49f4-6cdf-70a1802b7ee9.CMP6APUjzi1Yy6qfKrNdr%2BCTEbBe9ldrek5ByLGV174
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AKcg54J60SfRs33ChgCt-6SaEdkQ.PPY2gzEoKes2XwoGHAq3CJScs%2BPMI8lW5ggIoYHFwdM
.crsspxl.com/ Name: dcid
Value: 1
.eyeota.net/ Name: mako_uid
Value: 1821c5533b8-20480000010a593f
.turn.com/ Name: uid
Value: 2394348841350322825
global.ib-ibi.com/ Name: ASP.NET_SessionId
Value: clzhosqhxg0bcfxmysfbmsrg
.criteo.com/ Name: uid
Value: fa6714ef-baf8-4dc7-afd6-6d8f4e195305
.mfadsrvr.com/ Name: tuuid
Value: f74425d5-0fc4-4ef4-99f7-238315af2c7a
.mfadsrvr.com/ Name: c
Value: 1658332722
.mfadsrvr.com/ Name: tuuid_lu
Value: 1658332722
.bidswitch.net/ Name: tuuid
Value: 622885e8-69bc-4dce-b7b7-33df6ad940af
.bidswitch.net/ Name: c
Value: 1658332722
.bidswitch.net/ Name: tuuid_lu
Value: 1658332722
.eyeota.net/ Name: SERVERID
Value: 22755~DM
.zemanta.com/ Name: zuid
Value: 7EcbTJ0xr6mloBuw1D0R
ib.mookie1.com/ Name: ASP.NET_SessionId
Value: yrmyc01ukyipvnlaj3qyxdnc
.ib.mookie1.com/ Name: ibkukiuno
Value: s=d913ac67-f450-4647-9388-ff39cc1cb494&h=&v=0&l=-8585432741629807211&op=&hl=0&vlu=0&tcs=1&dcc=-8585432741629807211
.ib.mookie1.com/ Name: ibkukinet
Value: 646215236=-8585432741629807211
.mfadsrvr.com/ Name: bsw_uid
Value: 622885e8-69bc-4dce-b7b7-33df6ad940af
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1658332722!revcontent,1658332722
.revcontent.com/ Name: v1_154
Value: 1
.revcontent.com/ Name: v1_3
Value: 1
.fg8dgt.com/ Name: tuuid
Value: 22aa9c10-9b20-4b15-8b51-501e79f03448
.fg8dgt.com/ Name: c
Value: 1658332722
.revcontent.com/ Name: __ID
Value: 6634004babb945f39f2ad722682c01f1
.revcontent.com/ Name: v1_118
Value: 1
.taboola.com/ Name: t_gid
Value: d297a475-8211-4841-8bbb-a8ce2d7a76bb-tuct9d1abb2
.fg8dgt.com/ Name: tuuid_lu
Value: 1658332723
.admixer.net/ Name: am-uid
Value: 34088094723f4b27b0cd233dccdaed15
www.hawtcelebs.com/ Name: _lr_retry_request
Value: true
www.hawtcelebs.com/ Name: _lr_env_src_ats
Value: false
www.hawtcelebs.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22d6c6a7da-85eb-47bb-8b66-b02f00a05cb2%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-06-20T15%3A58%3A43%22%7D
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDJOMk4yMbG0NDQ3MUlJNLc0sUw1STNJTTNNtjQ3SDZlAIKkG2rGIBoKAESQCio%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIuqFmDKSgAAAUXwGU"
.hawtcelebs.com/ Name: panoramaId_expiry
Value: 1658419123485
tk.airfrance.fr/ Name: uid
Value: rB8BPWLYJjOcNQ47Y5G2Ag==
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.contextweb.com/ Name: V
Value: R1Ioz9Sk500U
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 0dbf026991e37985
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSsjQ3MDA2NjQ1Mzc0N7O0MLUwFuIz1C0sNnTOysxPTPcyyAYA6_5pfyQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSsjQ3MDA2NjQ1Mzc0N7O0MLUwFuIz1C0sNnTOysxPTPcyyAYA6_5pfyQAAAA
.go.sonobi.com/ Name: __uin_td
Value: d6c6a7da-85eb-47bb-8b66-b02f00a05cb2
.go.sonobi.com/ Name: __uin_mm
Value: 0be862d8-2632-4700-b4a9-ffbbf32e26e2
.go.sonobi.com/ Name: __uin_bw
Value: 622885e8-69bc-4dce-b7b7-33df6ad940af
.go.sonobi.com/ Name: __uin_zt
Value: 970033156717698583
.go.sonobi.com/ Name: HAPLB8S
Value: s85147|YtgmK
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.go.sonobi.com/ Name: __uin_pp
Value: R1Ioz9Sk500U
.t.sharethis.com/ Name: pxcelBcnLcy
Value: 75
.contextweb.com/ Name: ccpa
Value: 1---
.smaato.net/ Name: SCMs
Value: 252eabd
.c.bing.com/ Name: MR
Value: 0
.smaato.net/ Name: SCMp
Value: 252eabd
.bing.com/ Name: MUID
Value: 236D4B07EF086CF33F525AE0EE126D54
.openx.net/ Name: i
Value: 6bed1b67-f368-46fd-b26f-649d6843e8f2|1658332724
.mookie1.com/ Name: id
Value: 10593873702528322555
.mookie1.com/ Name: mdata
Value: 1|10593873702528322555|1658332724686
.mookie1.com/ Name: ov
Value: 90eb1bf5818025656b53223254f013ef
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: tuuid
Value: bb9c4bf7-bb16-53c9-8d20-a972eff88f46
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABXF07FsEwAABBUGzwKHw
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYW14Ijp7InVpZCI6ImJlZWM5ZjdjLWJhYjctNDZkOS1iMmUxLWE4NGI2NGFmYWRlYiIsImV4cGlyZXMiOiIyMDIyLTA4LTAzVDE1OjU4OjQ0LjcyMDM0MjQ4OFoifSwicnViaWNvbiI6eyJ1aWQiOiJMNVRTSEdMSS1VLUVDWVciLCJleHBpcmVzIjoiMjAyMi0wOC0wM1QxNTo1ODo0NC43MTk4MTkxMTZaIn19LCJiZGF5IjoiMjAyMi0wNy0yMFQxNTo1ODo0NC43MTk4MTc4MjRaIn0=
.a-mx.com/ Name: amuid2
Value: beec9f7c-bab7-46d9-b2e1-a84b64afadeb
.betweendigital.com/ Name: ut
Value: YtgmNAAMVECeOYwqe3AfM7kS1xx6GJXDFoFaRA==
.hawtcelebs.com/ Name: cto_bundle
Value: ke0pq19Jdm5TWjdHUGNPMUN3YUNYVWVaUWxweUZlaW5aN0p5ZG1lc29aUDhKRmpySHVsWG55NVUwYmJKMFlheHB1aHJUNzBYN3E0TmhpSUMzOHJhb0djJTJCb28xcSUyQlAlMkJsTUlER253RWo0VWlpSmx5VWxseEFRdUh6NUVHViUyQlNTaUFYbVFJdmtzT3lsJTJGVlFnUTU0bERyb2NiUDlnJTNEJTNE
.hawtcelebs.com/ Name: cto_bidid
Value: MLUNIV9ET0pGb3ZWYTZ3WlZ2cVR3NjElMkZ4YiUyQnN3QlN1VTZ3a3V6dW1yNEdiN1Nzd3ptVEthbVBWRWUydFBKJTJCc3Z1OWl3eXI5OERCSWNka0Z0Z2swTDFRand3RmtYcnZMN1VKSU1MaU5jTmllVVlSdVd1MUVqVUR1SSUyQmZCZ04wYSUyRjclMkI1Uw
.media.net/ Name: data-pbs
Value: setstatuscode~~1
pb-server.ezoic.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiYmVlYzlmN2MtYmFiNy00NmQ5LWIyZTEtYTg0YjY0YWZhZGViIiwiZXhwaXJlcyI6IjIwMjItMDgtMDNUMTU6NTg6NDQuODU1ODMyMTAyWiJ9fSwiYmRheSI6IjIwMjItMDctMjBUMTU6NTg6NDQuODU1ODI2ODE1WiJ9
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.aralego.com/ Name: usprivacy
Value: 1---
.brand-display.com/ Name: _knxq_
Value: 17705b2f-6973-175a-722a3f64.1658332724.0.1658332724.1658332724
.adform.net/ Name: C
Value: 1
.ow.pubmatic.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiYmVlYzlmN2MtYmFiNy00NmQ5LWIyZTEtYTg0YjY0YWZhZGViIiwiZXhwaXJlcyI6IjIwMjItMDgtMDNUMTU6NTg6NDQuODc3MzkzMzQ1WiJ9fSwiYmRheSI6IjIwMjItMDctMjBUMTU6NTg6NDQuODc3Mzg5NTYxWiJ9
.media.net/ Name: visitor-id
Value: 3013343241523617000V10
.exelator.com/ Name: EE
Value: "d267d810e2b37fea85fde9c08c0aeeeb"
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.sportradarserving.com/ Name: zuuid
Value: 7258d0e8-a959-4131-8406-155c6b6e063e
.sportradarserving.com/ Name: c
Value: 1658332724
.mookie1.com/ Name: syncdata_TAP
Value: 1
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHFyMw8xcLQINUoydg8LTXRwjQtJdUy2cAi2SAxNTU1aXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAeEl%252BUWb6otDgxUUpaQyLSopPBR%252Fk0wYA7Fgqng%253D%253D"
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~264f:196y~264f:197l~264f:192w~264f:18z8~264f"
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEELjQeFb8DKxb4mvpUSQ3dM&KRTB&22987-CAESEELjQeFb8DKxb4mvpUSQ3dM&KRTB&23025-CAESEELjQeFb8DKxb4mvpUSQ3dM&KRTB&23386-CAESEELjQeFb8DKxb4mvpUSQ3dM
.mookie1.com/ Name: syncdata_IOW
Value: 1
.disqus.com/ Name: zeta-ssp-user-id
Value: 54d22a5c-f5e4-ff4a-7b3d-4730cd6c799b
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.prebid.a-mo.net/ Name: _sv3_6
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:0424DC42359B4A23A341971B284D6076
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&KRTB&22918-d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&KRTB&22926-d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&KRTB&23031-d6c6a7da-85eb-47bb-8b66-b02f00a05cb2
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-d3832960-0844-11ed-8d4b-7527f8cc64c7&KRTB&23011-d3832960-0844-11ed-8d4b-7527f8cc64c7&KRTB&23355-d3832960-0844-11ed-8d4b-7527f8cc64c7
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2394348841350322825&KRTB&23150-2394348841350322825
.eqads.com/ Name: EQUser
Value: UID=3a47d2e6-bada-4d03-8fba-97521d60631d
.adform.net/ Name: uid
Value: 7650510858995602230
.technoratimedia.com/ Name: tads_uidp_73
Value: AABXF07FsEwAABBUGzwKHw
.deepintent.com/ Name: CDIUSER
Value: di_dfbf1dd067b6470997f89
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:0be862d8-2632-4700-b4a9-ffbbf32e26e2&KRTB&16736-uid:0be862d8-2632-4700-b4a9-ffbbf32e26e2&KRTB&23019-uid:0be862d8-2632-4700-b4a9-ffbbf32e26e2&KRTB&23208-uid:0be862d8-2632-4700-b4a9-ffbbf32e26e2
.pippio.com/ Name: pxrc
Value: CLLM4JYGEgQIAhAAEgYI3awrEAASBgjfrCsQAw==
.sportradarserving.com/ Name: zuuid_lu
Value: 1658332725
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1658332725
.mookie1.com/ Name: syncdata_NEU
Value: 1
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: callback
Value:
.owneriq.net/ Name: si
Value: Q7116191251797004622
.w55c.net/ Name: wfivefivec
Value: jafXLkYk1Oec615
.lijit.com/ Name: ljt_reader
Value: FAgeSLZHo8TuhUBRRuqMzo78
.smartadserver.com/ Name: csync
Value: 127:AABXF07FsEwAABBUGzwKHw
.w55c.net/ Name: matchcasale
Value: 5
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16100%3b%24o%3d11100
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8343254669216575683&KRTB&23339-8343254669216575683&KRTB&23388-8343254669216575683
.adnxs.com/ Name: anj
Value: dTM7k!M40me8)4*ghqdmU(7TLR1^sp#?nGoNW9ThRe4r:[f-zyRnu7%mKLc'f]Q.Zv>[rmft63/?.7*DDLio_h=1O90Kc<2(EfLAgb2jG<@9Gn18f!=4@muf5cuO)BmCsJeHW^>1.Q0UiHD3RgXssu3iWaOCokE7T!5EDTI9UL9I8'#Xy1!lG=pG%:DOuPIR81yIGz.ZL-[=LVZC8C_K=PxP-HC_#ty[o5$rYZ
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiYmVlYzlmN2MtYmFiNy00NmQ5LWIyZTEtYTg0YjY0YWZhZGViIiwiZXhwaXJlcyI6IjIwMjItMTAtMThUMTU6NTg6NDRaIn0sInNtaWxld2FudGVkIjp7InVpZCI6ImUzYTE3OThlYzcwOGYxNTNlMjkzZGQ2N2M0M2Y1YWFjIiwiZXhwaXJlcyI6IjIwMjItMTAtMThUMTU6NTg6NDVaIn19LCJiaXJ0aGRheSI6IjIwMjItMDctMjBUMTU6NTg6NDRaIn0=
.id5-sync.com/ Name: id5
Value: 21327e28-3899-4d8f-bde0-8dd79f027dd4#1658332725004#2
ads.stickyadstv.com/ Name: UID
Value: c7821dd282fafbbf98d2ebe5f9b7ebf
ads.stickyadstv.com/ Name: sessionId
Value: cddff52b38b69d9d5297ab6c5b58b6e7
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1f2a|4is.0.CAESEOXNcBxXp9rbKJpUeyw0N_E|7bs.0.1|7LJ.0.3afbcbaa-855f-4f46-97fd-4e30594221a5|7dN.0.AABXF07FsEwAABBUGzwKHw
.rlcdn.com/ Name: rlas3
Value: sYIlZveg9uuSoS/OcVX2QZAbqBeML+0kRDLzQ6+SUGY=
.rlcdn.com/ Name: pxrc
Value: CLTM4JYGEgUI6EcQABIGCLjrARAAEgYIkLwrEAE=
.quantumdex.io/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsicnViaWNvbiI6eyJ1aWQiOiJMNVRTSEdMSS1VLUVDWVciLCJleHBpcmVzIjoiMjAyMi0wOC0wM1QxNTo1ODo0NS4yOTE4N1oifX0sImJkYXkiOiIyMDIyLTA3LTIwVDE1OjU4OjQ1LjI5MTcxOFoifQ==
.360yield.com/ Name: tuuid
Value: dd6578ab-4ece-4f4b-acad-7973cbec3b22
.360yield.com/ Name: tuuid_lu
Value: 1658332725
.creativecdn.com/ Name: u
Value: l5vyLtLLbMx5GDYxrFdU
.creativecdn.com/ Name: ts
Value: 1658332725
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.connectad.io/ Name: uid
Value: LQ1c1jeXDvqXCvD0pQRdcmiK5hnzgR9RYUHuBaf8
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bGElA9opqfz3qS5Bv7H1ouoxdnNVF8ci15uCi/yklARtIm3ZcaNWmvTIngCZ8sE9vVAMA48T2bttHKY++jymV4/rR50Es95ldV3tQZanXB3xC5CKjgN0siQTc5gaaihuXs=
.spotxchange.com/ Name: audience
Value: d5baf2a2-0844-11ed-8cf7-1f45e0b00203
.openx.net/ Name: pd
Value: v2|1658332725|vMgahEkWgyiK
.dotomi.com/ Name: DotomiTest
Value: 4fdcaaeb87851201
.casalemedia.com/ Name: CMRUM3
Value: 2862d8263527603a47d2e6-bada-4d03-8fba-97521d60631d&3962d8263505a0&0362d8263427600be862d8-2632-4700-b4a9-ffbbf32e26e2&0d62d8263505a0&b062d8263405a0&2f62d826352760jafXLkYk1Oec615&2962d8263505a0&5162d826342760uv15_L75L6ChqiXw6qkwoen5fPyh9n716KlbO8My&ce62d8263405a0&2e62d8263427608343254669216575683&f162d8263405a0&3362d826352760622885e8-69bc-4dce-b7b7-33df6ad940af&5862d8263405a0&2d62d8262e05a0CAESEAYJZLu_G5FX6TqcGUxx0o4&4162d8263505a0AAAGZoj4_ebmxQNB-cuWAAAAAAA&1f62d826352760Q7116191251797004622&6962d8263505a0&e662d826342760&be62d8263527608343254669216575683&8362d82635276018072662294236259296&c462d8263505a0&4062d826352760eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553&9862d826352760a7e1e7d8-2c6b-41cb-9097-33166d94dd4f&bf62d82635276017705b2f-6973-175a-722a3f64&4962d8263505a0&6f62d8263527608424493705991858542&2762d826342760d6c6a7da-85eb-47bb-8b66-b02f00a05cb2&0462d8263527602394348841350322825&c362d826342760av-a8519086-127d-4882-b755-945c81c159db&0862d8263505a0&7b62d8263505a0&5a62d8263427600424DC42359B4A23A341971B284D6076&1a62d826352760d297a475-8211-4841-8bbb-a8ce2d7a76bb-tuct9d1abb2&8262d826352760AABXF07FsEwAABBUGzwKHw
.casalemedia.com/ Name: CMST
Value: YtgmNGLYJjUA
.go.sonobi.com/ Name: __uin_z1
Value: 1
.go.sonobi.com/ Name: __uir_z1
Value: 1
.go.sonobi.com/ Name: __uin_iq
Value: 1
.go.sonobi.com/ Name: __uir_iq
Value: 1
.go.sonobi.com/ Name: __uir_lr
Value: 1
.go.sonobi.com/ Name: __uin_i5
Value: 1
.go.sonobi.com/ Name: __uir_i5
Value: 1
.go.sonobi.com/ Name: __uin_tp
Value: 1
.go.sonobi.com/ Name: __uir_tp
Value: 1
.go.sonobi.com/ Name: HAPLB8G
Value: s8540|YtgmO
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAPvFyGtoZmphbGxkbmRqbmGyShTBN7Y0swAAdT9i5CAAAAA
.openx.net/ Name: univ_id
Value: 537072971|d6c6a7da-85eb-47bb-8b66-b02f00a05cb2|1658332725794306
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAGZXgfzA2oFwMGXSdEAAAAAAA&KRTB&22713-AAAGZXgfzA2oFwMGXSdEAAAAAAA&KRTB&22715-AAAGZXgfzA2oFwMGXSdEAAAAAAA
www.hawtcelebs.com/ Name: udm_session
Value: 4
www.hawtcelebs.com/ Name: udm_edge_floater_fcap
Value: %5B1658332725927%2C1658332723306%2C1658332720688%5D
beacon.lynx.cognitivlabs.com/ Name: UID
Value: c8716e60-872d-4a68-ad1b-74d47f4a7d71
.adgrx.com/ Name: ADGRX_UID
Value: d5fbdb76-0844-11ed-b6d2-1ec24d012f91
.dyntrk.com/ Name: dyn_u
Value: 06030001_62d82635ea076
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY1ODMzMjcyNTk2NSwiMjQiOjE2NTgzMzI3MjQ5MDksIjMiOjE2NTgzMzI3MjQ5MDksIjQiOjE2NTgzMzI3MjQ3NzQsIjM5IjoxNjU4MzMyNzI0Nzc0LCI3IjoxNjU4MzMyNzIyMTMwfQ
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-eaafd2ac-3bea-4dab-a914-365d3fa01772-62d82632-5553
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
.pswec.com/ Name: tuuid
Value: 35120cf5-4a57-4f6a-9b56-b02358b19330
.pswec.com/ Name: c
Value: 1658332726
.pswec.com/ Name: tuuid_lu
Value: 1658332726
.server.cpmstar.com/ Name: USER_ID
Value: %fc%90%5cz%c2%d8%f3%8d%23J%87%5c%5dO%df
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-622885e8-69bc-4dce-b7b7-33df6ad940af
.quantserve.com/ Name: d
Value: EIABEgHUJvijC_vLEA
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-eXXbsn1xje5iIoe-KSGS7ypx3rJifty7KyH8VjXf&KRTB&19420-eXXbsn1xje5iIoe-KSGS7ypx3rJifty7KyH8VjXf&KRTB&22979-eXXbsn1xje5iIoe-KSGS7ypx3rJifty7KyH8VjXf
.pubmatic.com/ Name: SPugT
Value: 1658332726
.adotmob.com/ Name: uid
Value: 07ea220407cdc1f0af4c98c4
.adotmob.com/ Name: uuid
Value: 07ea220407cdc1f0af4c98c4
.adotmob.com/ Name: partners
Value: IX%3A1658332727318
.w55c.net/ Name: matchpubmatic
Value: 5
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22141%22%3A%2220220720%22%7D
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:jafXLkYk1Oec615
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-d5fbdb76-0844-11ed-b6d2-1ec24d012f91&KRTB&23275-d5fbdb76-0844-11ed-b6d2-1ec24d012f91
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_dfbf1dd067b6470997f89
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7650510858995602230&KRTB&23263-7650510858995602230
.fiftyt.com/ Name: cs
Value: MTY1ODMzMjcyOHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fKKqyKYrUx2ne17kz9t3Fz23D-HyO7CCcb9bzPkXxjX-
.fiftyt.com/ Name: fifid
Value: 28d9167f-c7d4-4d9d-423f-82ed59709f35
.udmserve.net/ Name: udmts
Value: 1658332728.0
.tribalfusion.com/ Name: ANON_ID
Value: abnufrxlqLknJVsPUmnpS32mB64ZcZatHpam1WUQxdeZbpcvlMBJhSof6YXrOLWIJ4klpmKTnaTTYxjWpcnK4MOZcnnltIUb1gibUMnR9b7b
ads.playground.xyz/ Name: connect.sid
Value: s%3ANQgztKmDA8LxivjOz1RCu5pGsuZkFay7.BUzULT9Ip3swglUHWeCti6hFnuKA4V%2Bjd84tO2aGRRM
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: pmc
Value: 1
.acuityplatform.com/ Name: auid
Value: 681651640284
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBQQcKVFyWmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUEHClRclo90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.onaudience.com/ Name: done_redirects219
Value: 1
.mxptint.net/ Name: mxpim
Value: R1D530_F351C38B_4E323EF0.1.000000000000000062D82638
.onaudience.com/ Name: done_redirects109
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_286
Value: 5193-Q7116191251797004622&KRTB&22521-Q7116191251797004622
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-681651640284
.semasio.net/ Name: SEUNCY
Value: 1F728A0949317383
.fiftyt.com/ Name: fppm
Value: 20220720155848
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1D530_F351C38B_4E323EF0&KRTB&23092-R1D530_F351C38B_4E323EF0
.zeotap.com/ Name: zsc
Value: 7%1C%28t%9Cwmw%B1s%85%D6%DB%D9a%BC%DE%EA%7D%8Ed%28%C2%60%3E%3C%8B%C2%06o%96g%0E%B7%27%29%B9Q%87%2C%E3%F6%BD_b%C4M_%D6%B2%8Ep%9A%3F%AE%60Y%2A%9C%B5%A9s%F8%FB%F7%93%ACp%A1E%B6%8E%C4%B4%B3%1F%8AC%C0%EB%B7%FA%0A
.prebid.a-mo.net/ Name: __amc
Value: 9_1658332720_1658332728
.pubmatic.com/ Name: DPSync3
Value: 1659484800%3A197_236_221_228_201_245_219_226%7C1658361600%3A174%7C1658880000%3A248_164
.go.sonobi.com/ Name: __uir_eb
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-c8716e60-872d-4a68-ad1b-74d47f4a7d71&KRTB&23340-c8716e60-872d-4a68-ad1b-74d47f4a7d71
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-Kcg54J60SfRs33ChgCt-6SaEdkQ
.adnxs.com/ Name: icu
Value: ChgI-7AlEAoYBSAFKAUwuMzglgY4BUAFSAUKGAjVhV8QChgBIAEoATCxzOCWBjgBQAFIAQoYCOTAbBAKGAIgAigCMLbM4JYGOAJAAkgCELjM4JYGGAc.
.smilewanted.com/ Name: sw_user_params_infos
Value: LnETQHMtjhUddo4xhHewAhFXYaRSbt4XiqYsQSbFCkBkcvgH8spi2P09EfQlmYTpp0n6a5fVQ1q3Y%2B668SYbE3QEQJinn%2ByOp1Nt%2BTCswRLUu5odzL%2F33Op2lRuBfaPnQs5sZ%2BIWPsEsjvRvuyAkRWr30%2Bp8uozEmA9iZl7PW2ftRiWgm0ofxUBdweBSI9OFrMTwjL%2FNgFGOaqMx5b0QDYT586MTd2e%2FjVV9U5gevZRuWnUJARRI%2FpjEel463Gf3uf53rsm0pmEcwuJMohnQaepQli%2FXqt1ilMc%2FuVHRGK6BncQ5VB4YXbIuhZybziROeNeEmevC4IpocdV0fxOD0An%2FICUSlSzgwm6lcUyT2Gg%3D
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!4839-2!4839-3!4839-6!4839
beacon.lynx.cognitivlabs.com/ Name: ss
Value: 6JUJzSBbJO%2FE444Znak1ptW1T%2FXXshoJjVQxMhropnXvdt%2BRYV839U%2BXbGIBhjDnYc9g6YNrUov14tAg14lWag%3D%3D
.ads.pubmatic.com/ Name: KCCH
Value: YES
.inmobi.com/ Name: idsp_c
Value: cb844d8b-4f63-4595-8e4d-3e27d4360236
.csync.loopme.me/ Name: viewer_token
Value: 080533c1-ff95-42b0-891f-e868f4fdf47f
io.narrative.io/ Name: io.narrative.guid.v2
Value: d7a3d4b0-0844-11ed-b220-0620fc7113a1
.bnmla.com/ Name: rx_sspurl_10738
Value: https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3Da0757451-1b4f-4610-b8d3-413e52c2c291
.bnmla.com/ Name: rx_uuid
Value: a0757451-1b4f-4610-b8d3-413e52c2c291
.bnmla.com/ Name: rx_maxage_10738
Value: 1659628728
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 14
.pubmatic.com/ Name: pi
Value: 156077:4
.pubmatic.com/ Name: SyncRTB3
Value: 1663459200%3A69%7C1659484800%3A222_231_8_7_3_204_189_71_56_240_233_220_54_57_96_22_104_5_99_239_21_48_166_165_178_234_55_13_176%7C1659571200%3A35%7C1658880000%3A38_2_15_223%7C1659139200%3A63%7C1660867200%3A224
.bnmla.com/ Name: rx_sspid_10738
Value: 170
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwi2xIf_15z1OhAFEhsKDHNoYXJldGhyb3VnaBILCOKklIHYnPU6EAUSFgoHc3Z4OXQ1MBILCKbzkprYnPU6EAUSFQoGY2FzYWxlEgsI6va5nNic9ToQBRIXCghwdWJtYXRpYxILCOzur57YnPU6EAUSFgoHcnViaWNvbhILCJiV9KLYnPU6EAUSFgoHYmx1ZWthaRILCJbRw8DYnPU6EAUYASABKAIyCwim8u_w7pz1OhAFOAFaC2FkY29uZHVjdG9yYAI.
.connectad.io/ Name: id
Value: eyJpdiI6IlJPV1VFOWhjbFlDZGVrbDFvWUtZeHc9PSIsInZhbHVlIjoiQ2t2TEQwNTR4VHJuRWhpa2dEZXExdDBDa0FUK2l4MWZVdnhhSXptdVc2MkhDeE1mMW1hYUdRVnBaQWptTFwvc09JTHRkNE03c3FqTzk3MVFpOUh3TkVJSFZGNXVwNXpRVExSbEM5K1hEZ3dWMXlSMGtWQm5uUlBXdG5haGo4M05mRHF3TVNcLzhXZlBBRGJpQWI1QlBLVXBOVlZiXC92UlFXcXdEWDc1d1FxTForVm5xZXMzK25PNVM2Z01ERHNudmpIRHN4cXA0QzlGQ3BJWGc4OWJ6NUo4dTM1S2d5a2kwZEdRTmFXNkUyMGpxRk53TEpITVpGbGJvVDV2aXJEVWtWOVwvMTJqdnNROWVSWU1rdEdleGJtMXE3dVdKS0JZZFA3NXd3dEh1MkVDcEJzPSIsIm1hYyI6IjVjZDdkZjk4YzZjZTA0MDFiZGEyYjhjNzUyZjI0ZmViZDA1NDQwMzcwYjRmODNlZjRiMzFlMDg2YWE1ZTNjZGEifQ%3D%3D
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-dda1d952-238c-436b-9a13-dbfe3b5c8d58-005%22%2C%22nxtrdr%22%3Afalse%7D
.c.appier.net/ Name: _auid
Value: DIDR9lcIDC653HBLOSbYYg
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-DIDR9lcIDC653HBLOSbYYg&KRTB&23130-DIDR9lcIDC653HBLOSbYYg
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-dda1d952-238c-436b-9a13-dbfe3b5c8d58-005%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-dda1d952-238c-436b-9a13-dbfe3b5c8d58-005&KRTB&17107-RX-dda1d952-238c-436b-9a13-dbfe3b5c8d58-005
.pubmatic.com/ Name: PugT
Value: 1658290248
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YtgmOQAAU7NeMQAK
.casalemedia.com/ Name: CMTS
Value: 381

13 Console Messages

Source Level URL
Text
other warning URL: https://www.googletagservices.com/dcm/impl_v90.js(Line 88)
Message:
Unrecognized feature: 'attribution-reporting'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://r4---sn-hp57kn6y.googlevideo.com/videoplayback?expire=1658343349&ei=VfvXYo-5DcSDkwaF_JzICA&ip=184.164.141.146&id=o-AHrELxchHiFlErI4eaNnd2bsJjLk4QeyRzuhfJvTK_S1&itag=134&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&spc=lT-KhqPUij1E8NlmMGO9fJMEdaF_0Ds&vprv=1&mime=video%2Fmp4&ns=dnA96sftmSBK2UloVbRmZqkH&gir=yes&clen=10427993&otfp=1&dur=207.340&lmt=1600678288117961&keepalive=yes&fexp=24001373%2C24007246&c=WEB&n=1GQdZHesJ6hp7xH3&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cotfp%2Cdur%2Clmt&sig=AOq0QJ8wRQIhALuF4x1h7d71QFXRwiBaZvZGsfZ3EviBfRd7O1EbPdi9AiBwiFgW3btblgEZTYPM7JKhiGIj6WedDcxJA5LfDkQrmQ%3D%3D&cms_redirect=yes&mh=3a&mip=2001:550:1d05:1::12&mm=31&mn=sn-hp57kn6y&ms=au&mt=1658332394&mv=m&mvi=4&pl=48&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgVh5vtu3b1oyEB263fQjmMrt-62zQ6v7kpNKRuhawto0CIE6OY1mcmGyyURN58ozvGyK47TdDOIV6gQbht37csApQ
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
other warning URL: https://www.googletagservices.com/dcm/impl_v90.js(Line 88)
Message:
Unrecognized feature: 'attribution-reporting'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
javascript error URL: https://www.hawtcelebs.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=13781' from origin 'https://www.hawtcelebs.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=13781
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://b1sync.zemanta.com/usersync/sharethrough/&us_privacy=1---
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=eXXbsn1xje5iIoe-KSGS7ypx3rJifty7KyH8VjXf
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dtssrv.com
a.sportradarserving.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adventori.com
ag.yieldoptimizer.com
amazon-tam-match.dotomi.com
ap.lijit.com
apex.go.sonobi.com
api.demand.supply
api.rlcdn.com
api.whizzco.com
apis.cmp.quantcast.com
assets.a-mo.net
assets.revcontent.com
assets.vlitag.com
aud.pubmatic.com
audex.userreport.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bid.underdog.media
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.pubgw.yahoo.com
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cdn-tc.33across.com
cdn.adnxs.com
cdn.aralego.net
cdn.connectad.io
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.revcontent.com
cdn.tynt.com
cdn.whizzco.com
cdn1.decide.dev
cdn2.decide.dev
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cm.mgid.com
cms-xch.33across.com
colossusssp.com
confiant-integrations.global.ssl.fastly.net
creativecdn.com
csync.loopme.me
csync.smilewanted.com
d.adroll.com
d.turn.com
data00.adlooxtracking.com
de.tynt.com
decide.dev
dis.criteo.com
dmp.brand-display.com
dmp.truoptik.com
dp1.33across.com
dp2.33across.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.dtscout.com
eb2.3lift.com
edge.udmserve.net
eus.rubiconproject.com
fae63cf7dcf66672de0cf1de0248608d.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
global.ib-ibi.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hb.aralego.com
hbx.media.net
i.simpli.fi
ib.adnxs.com
ib.mookie1.com
ic.tynt.com
ice.360yield.com
id.a-mx.com
id.crwdcntrl.net
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.revcontent.com
imasdk.googleapis.com
img.revcontent.com
inv-nets.admixer.net
io.narrative.io
j.adlooxtracking.com
lbs-event.gcp.lineate-33x.net
live.demand.supply
loadm.exelator.com
loadus.exelator.com
m.fg8dgt.com
map.go.affec.tv
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
media.vlitag.com
ml314.com
mug.criteo.com
mweb.ck.inmobi.com
mwzeom.zeotap.com
nep.advangelists.com
nym1-ib.adnxs.com
odr.mookie1.com
onetag-sys.com
ow.pubmatic.com
p.adsymptotic.com
p.alcmpn.com
p.rfihub.com
pagead2.googlesyndication.com
pb-server.ezoic.com
pbjs.e-planning.net
pd.sharethis.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid-us.creativecdn.com
prebid.a-mo.net
prebid.smilewanted.com
prod-use.perf-serving.com
protected-by.clarium.io
ps.eyeota.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
px.surveywall-api.survata.com
px.vliplatform.com
quantcast.mgr.consensu.org
r.bidswitch.net
r.casalemedia.com
r4---sn-hp57kn6y.googlevideo.com
rc.rlcdn.com
redirector.googlevideo.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s10.histats.com
s4.histats.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
server.cpmstar.com
services.vlitag.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ss-pbs.quantumdex.io
ssbsync-global.smartadserver.com
ssbsync-us.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssp-sync.criteo.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
stx-match.dotomi.com
sync-eu.connectad.io
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aralego.com
sync.connectad.io
sync.crwdcntrl.net
sync.extend.tv
sync.go.sonobi.com
sync.graph.bluecava.com
sync.ipredictive.com
sync.mathtag.com
sync.quantumdex.io
sync.search.spotxchange.com
sync.sharethis.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
t.dtscdn.com
t.dtscout.com
t.sharethis.com
tag.crsspxl.com
tag.vlitag.com
tag.yieldoptimizer.com
tags.bkrtx.com
tags.bluekai.com
tags.crwdcntrl.net
targeting.unrulymedia.com
tk.airfrance.fr
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
trends.revcontent.com
u.openx.net
udmserve.net
uipglob.semasio.net
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
underdog.technoratimedia.com
ups.analytics.yahoo.com
us-east-sync.bidswitch.net
us-u.openx.net
useast.quantumdex.io
usermatch.krxd.net
usermatch.targeting.unrulymedia.com
visitor.fiftyt.com
waust.at
whos.amung.us
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.hawtcelebs.com
x.bidswitch.net
yeet.revcontent.com
api.rlcdn.com
image2.pubmatic.com
x.bidswitch.net
100.25.229.211
104.105.42.146
104.126.112.185
104.16.108.154
104.18.100.194
104.18.18.126
104.18.19.126
104.18.35.34
104.18.36.173
104.19.136.78
104.22.69.131
104.36.113.23
104.36.113.24
104.36.113.35
104.36.115.109
104.36.115.123
104.45.178.220
107.178.246.49
107.178.254.65
108.138.109.24
129.159.70.95
13.33.60.25
130.211.9.179
135.125.180.61
135.148.35.198
141.226.224.48
141.95.98.68
142.250.176.194
142.250.80.34
142.251.40.130
142.251.40.134
142.251.41.2
143.204.146.34
145.40.88.5
15.197.193.217
151.101.129.108
151.101.129.44
151.101.130.49
151.101.65.194
151.139.128.11
158.69.139.230
158.69.139.238
162.248.18.10
169.197.150.7
169.47.141.243
169.55.104.49
172.105.221.29
172.98.26.125
173.231.178.115
18.116.122.191
18.217.183.114
185.167.164.49
185.184.10.30
185.184.8.90
192.96.200.41
192.99.0.58
198.148.27.139
199.127.204.142
199.187.193.182
199.187.193.185
199.187.193.192
199.187.193.202
199.38.167.130
204.62.13.72
207.198.113.88
216.200.232.249
23.205.61.25
23.219.17.240
23.221.200.79
23.235.251.213
23.3.125.39
23.4.226.82
23.5.229.102
23.64.60.212
2600:1f18:4e9:5a02:357b:502f:f800:1eb
2600:9000:2120:6e00:3:7df3:55c0:93a1
2600:9000:2140:1800:1b:5138:8a40:93a1
2600:9000:2162:7600:9:46dc:4700:93a1
2600:9000:2162:8e00:5:c4ab:c3c0:93a1
2600:9000:21dd:2400:9:d7ff:bd00:93a1
2600:9000:2209:600:6:44e3:f8c0:93a1
2602:803:c002:200::116
2606:4700:10::6816:1957
2606:4700:10::ac43:2ac9
2606:4700:10::ac43:8ae
2606:4700:20::681a:507
2606:4700:20::681a:567
2606:4700:3032::ac43:dc33
2606:4700:3033::6815:3c4d
2606:4700:3036::ac43:b893
2606:4700:3036::ac43:c1dd
2606:4700:3037::ac43:9a47
2606:4700:3037::ac43:9e3b
2606:4700:4400::ac40:98f5
2606:4700::6810:5814
2606:4700::6810:8616
2606:4700::6812:1c79
2606:4700::6812:1d79
2606:4700::6813:9e13
2606:4700::6813:ad6c
2606:ae80:1451:13::2330
2607:f8b0:4004:c09::9b
2607:f8b0:4006:809::200a
2607:f8b0:4006:809::200e
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80d::2003
2607:f8b0:4006:816::2001
2607:f8b0:4006:816::2004
2607:f8b0:4006:817::2006
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::2008
2607:f8b0:4006:821::200e
2607:f8b0:4006:822::2002
2607:f8b0:4006:823::2001
2607:f8b0:4006:824::2002
2607:f8b0:4021:7::9
2620:100:a001::4
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:a021:b886:81cc:55cf
2620:1ec:21::14
2620:1ec:c11::200
2a02:2638:1::13
2a04:4e42:200::300
3.138.233.59
3.224.73.141
3.225.46.53
3.225.53.134
3.233.22.19
3.92.156.8
34.102.253.54
34.111.151.213
34.111.234.236
34.117.239.71
34.149.139.129
34.149.20.76
34.197.185.21
34.197.4.79
34.225.144.85
34.232.140.51
34.98.64.218
35.190.52.204
35.190.60.146
35.190.90.30
35.201.74.200
35.201.96.126
35.207.24.140
35.211.118.13
35.211.141.197
35.211.178.172
35.211.20.91
35.211.233.246
35.226.42.89
35.241.31.249
35.71.139.29
37.157.6.245
38.67.14.233
44.196.137.234
45.55.120.93
46.105.201.240
46.105.202.126
5.135.142.36
50.31.142.95
50.57.31.206
51.222.39.185
51.222.80.231
52.0.156.250
52.2.125.196
52.2.65.122
52.206.113.215
52.23.75.135
52.45.33.138
52.45.92.187
52.46.128.147
52.54.161.46
52.7.193.118
52.7.73.102
52.70.163.135
52.70.74.97
52.73.102.235
52.95.126.138
54.144.189.197
54.144.223.251
54.157.54.2
54.164.129.77
54.243.198.75
54.243.214.150
54.81.150.202
54.84.62.20
54.88.217.144
54.90.233.89
54.92.156.105
63.251.28.219
64.58.232.179
64.58.232.180
67.202.105.24
67.202.105.32
67.202.94.86
67.226.210.221
68.67.160.186
68.67.160.76
68.67.161.182
68.71.249.118
68.71.249.120
69.12.8.74
69.166.1.10
69.166.1.15
69.173.151.100
69.175.41.15
69.90.254.78
74.119.119.129
74.119.119.139
74.119.119.150
74.119.119.73
74.222.140.126
8.2.111.123
8.43.72.98
96.46.183.20
99.84.126.46
99.84.126.66
001abd2715a82493cd4eadad2883d4226c0b210bb8367f1c659df7caf8f9f7e5
00d931addd3889929137c7409aecdd66078d4159e228959d8a64b8e998f8ff42
0113aa214f14f694828b66647ee291880d116322d367731c778bdecdcf6ab9fd
014433f27daf645ba87d704156ca178a0728bd09c852a06de7a2328f9c487c0f
014c8f530193c63ab3e90ee856b7fa2f4611b815e9d5d6acca0688388637cd15
018995f66b8ca6200d3390a9c9f93600b5520109bb08e0fc4f29cb6ec5010f68
01e5d38d9555342f5143960c116f5593e069216a1643413993a9d0a9c06948a7
020f6bd3287f84ee8c131af228596cb1a43839b4c32fcfac8d259fa9f5895544
022191965c00624ce850d60723b9311c2d95f06c419176501bf532df68e23792
025b0838d8cee874c7941f4d6509713806750c37b656c1154b1678939aa3e0ef
03ab021bf7592a701b5239b3bec197b355f6a97b23a0a89e26be9aadc55392ed
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
04229993c9ded71cd72d1ac688b3e1490bef2a769c20651f6e39cd53fbaa4b32
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
058264d32b7050f3091158beae452067386520e7381d925cacff7d7c112b7be7
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0720adfc95b623b5432369afe1f96bdda775a3c140514c47334e5b90232b20a1
07baef112fe117c0bb81aaba1ec7aa2245c19625ba7b9d51f30fa75ae50bddf8
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
097e29dba505b81b60688c19cb06a9d56f705d5295fab9638802613494ccea33
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
09e3347331a5b35010454b3f83a833794f3356e7a26146c7dbfb948a298d6770
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b41b8621ddf15fa1674ce5edcfdac9e966c69d8796ad2c9bcaa55995692f3d5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9753e821db7d94095343e5de7e96a94997192a8c1a096f1c9a8f8688c3d49a
0c45a131d246c40d6b1222edda96c89b6c156af22eb77e0baa5ce4b0d4abc26f
0cad8820e9cacebba08ca2a8742b0e683e752846c13c20d6b55ddcffb2402f49
0cd7b4391a82e614ff30dcbc6fa8309600687239a37b5781c88075a19fbd0558
0dbe8557cf989bc417149292624d7cbf6bdfdbb38de706b401ab705933a7a9e1
0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6
0e0d4e4b8fbfa0a9ab7ebdf70d4e39986c3e0964886c1101bd00403435139fa2
0e1c7b2eade6a07b161c6ca0124c8a02404bc34dfe468cb519219443f7eab960
1039ca16a0188fb2c0b4ceb185e439b68851b0502ae5fae129ec0b4266037e4d
103dadd9219b2d8a99430274038f6972c21238afc02b5ab5a6b764469338b8eb
111f013210ac23b4539631d459df481346d851b4b7e400795e1ec751aa5688d7
1160129e1a22359cca633d2aded338de98ac212ed619bf23fe92384124911771
1202246c89a6a43d01fe1b2537de89b777d68e835279a43af21f96f3d8af522a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
128532491682e0da9c06b7a10d2ff9ebc76afdef40d5bdc82671d0686a61063b
142b69bb19548df18316ec18af58106128c555fe390a222a7e915d7944f15699
15874dbfec320c1219481122375b9fa26e41e5a647a18362c3e568eefc182e84
1663da85d3e5a59ac5561c7eeb0a66a62129c6ed7eddd833d8955019e5940ee5
16af933f9846ccea77bac90bbfbc9d807b0bdb047f6d7439ca8d866375581b3f
171cda4d3dbdee2f4fd2fe8bb216d01ec076f528c89d7f529bb0a71d74c2cde9
176ff4118c06a15907655b533309bf79da619e09b4e4bdbda171ad6a320d8632
17b8fbb0401ceec10be6457fe8e49781aafee5fea2d9c44ed4a73dfd1b310baa
17cbd3c8cb551886f17b9033fb41a02e350b891c0e408c05e1732aabe3e01166
17fd61d9ed745e00f7e6054706978137a1e6a772f953f7ef6fc381a7dd5ea443
1804c1503a635504069478a735986974a43f866c37c35c052b7b4661142eac82
18091a39db3bc6d68a187de5d46d8f28e49beb8d9431e9c8e5e9db7cb071dc65
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
193edc77bef9fe78df5a2e67b7d3dee9b0371b3a9db2fa1552daf20af4f59424
19b62fbb15b0c0212343a74574f415ea8cc201b01f91fd745643ad33701e1a02
1a47d2692213d973fb09aceb9122bf77a2bfd3c2cb5f78fc27455937bd5bb323
1abc28f84150069b3d3bbd74976b8a616e5d18cb3307eecaf58ce7932cb522c1
1b6dfbc0392b3e04e6f10a39a7c097635148b6bc998c13ffbda40d5b3df488c8
1c22a420c798a0086c484e14c8a322b00eefcddd38c204ecfebeee0655d23f23
1d421d3d40e562be8925af9f0d462635dcc86617eb2a1f8182f8f13f510ceb6a
1d8b18157b06b8e1728d355129fef62d1f6371bf73552e5a06546ed5db297aca
1ea50329b826918b0b803777e2f5ac48a3570aa1f9c06bc92b6a1731ae37654a
1eee34931cf505455f8eec63ed94483b298da6e0c3f636afe43a837662996b4d
20051e7d7eea46376585914cc6254771881c9e916b37c4ebdfdf34504ebea46a
203326883415ab3e0d2ac6e650ee911b2f609e3935de3e4292a19380c95fc1b5
204270ebb96e316a0c5584ea915dd40fd77982f40abc982a3ff5447d677400f0
208d4378ed7130ef069bc8656c21423ffd06c1aafb2e708584b0fbae4420622c
2147b018583fa01576c78218ad4b19dccee88ac04d11c2ded5071a872d09c2aa
214aa83d8e538640dcfeabf6a5a88e8a9645b217e4195ba07e17402aa523c786
21ee300bfd9885653093598704517de6f087604866b1b45d9225db6c3f83b6e2
22e25db21a4de4f7fa00bc51a030a011f88a48156764c18f267c4e35444a3176
23514ffd8dcbbbf91e694957773d778cd063181aef25215340150eef9c5b0760
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
24733b4e73e08f85632ff1319246c94ca2509a750ce1728519e45f93e467b73e
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86
26e71839283aaac2e69b63b08431b0f03407e723c8b131fab4e5b79475380eaf
26f7bfd56370553650f0fb1bf1faf255d80fc5099a578221bf8eae25cb4abac5
26fa568ff894b915271c740a6b650b3f95ba3c90939fc4794759aa0e09070f2d
275d7e0034a2d177fa57d9b750285effb821a9232f875655c98cf1bee45bddd0
27752b8461ed117c278d4307a79d9348708ef878f8addb01fbc8772fe770a11a
27d53d06f4320607d5f28af2130a90d28d2cb3f1322dd14710f28ce99d508e5d
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
291c4797b461861fe7c412db352b67d6fca87718181b8b74deed785b72450055
2966b362d79e9851df4470bae332f5ec214c0278536a5581d94ed905e2bc454f
2992739582d1128d83dbc9e7e5bb31db0cde5ddcc0d74b23b2fc8a2b86d0bc35
2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b77a65bd796e5a7894f62fc75c1b386b6c646df1b8db00f1d593b0676f55386
2bac1ba805c5ac438464a53166f85869b9617d85f902ef6e843028e7641c8f13
2c786eaa226d9e6f1697328377ec6ddf149279a850f2370d0db5a68fcd44cb34
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2e6d2f3c96455e33110ac4ee9d19f6c7bf6dfe46fa80250f30a4be1c00611407
2eacc94f99cd3d81df21553ad4dbd41e356b5e0534bef81dd258acfdb8404484
2f4afb9542db5f390f4e037dd0482e5ad447267cd0f22e7d0c1e3d755176df98
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f818630ddc58f8a3a0562ec7b56aac0b77496ca62171ede1477578a2e0f3c71
2fc33da58bdb34aebe2fd40d8cfa397338c110120625f3561b980959fb260625
2fd74f08fb05185674d57aef1f15f1e9a8aad401a65a55c87e27378605acc49a
31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb
31e0292b2162515346068c9d1726a329ddaf8eefa85c43d5ffaec0ff2a7655a1
3271ea810058a7562fa314c2fe969bf4df6278191e8120497147e07a76b0f95c
33e6cd66c614424e0165c4d41234b6ad6b4b659260f02f18ba1644322e186d22
345843438b5078febeb2ecf9fda880a85dd71c44021702786ad9f615da0d69d1
348bda21c420db9f010941d5e6b98bd728a0d195a36a33b0a15ad13156e7bdd1
34d3c5bccdafcfd082aba4d2c845ac06ef9a24ae683225d596117f0e53ff1300
351551941a48271cd0e2206269d674646474893c4d0b193c2ea73f7fe041c3b5
357cdb070366911d9d0126f2894ad3d365fc1855c69771e857eb20832ed11912
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3784c7669c145028289d04c44326848557478970aa8212e2ca45e642c268335a
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37bd89d0776acdb8565abd79559d140909e68570f7d74a6f0141d21aed4122f4
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8
3abbd2526eeec5664438974a7cf887b9a972fe61fa5cc1e5e99583ce6ff33b9e
3b9e4c686af372db67792b219e341972078835c7b8a544ce4e9d18ded1d2a7b7
3bd5e1e7e15d05d07670d3ee8ff72fa7900ee04b819babcce34f28bd1a7a4f3b
3c9525bd904b3f4ceed1e47ce94830a7973eb7e51a7ab0a5709a0b21523a7b8d
3d23d39a30bb7323f8ccfd64c52cf286138fba4f83e78f7edcf66703b7c23aaa
3d3bd31f59ac3efe93404a114c344a91432611536a05937f892ab1c54e5f745f
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3da563d409854faad3f3b39918b789d908f34431fe654e4038859740cc01cdc0
3db2657debd19868697a7c6140e672657276c176d5d5020e8d1ce5b200fc3179
3ddda325e83cdc5a855988453a5de2a0a19e1060460998b47a8e5983c06a8b59
3e0f8c5ddc9342d1a55c19ab512c0899c544207abfe0b4387021b3cb1dd430bd
3e2913b5c45f40702b3128036940f3565a644d18e63eae9180a085d9fb655c0f
3e397ba3caa50a76451d4cb86b5e7eabad67c07af9a7aa098abb3822a5710ee6
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eb1e17058a518b1e111dda1164d63480f84a03ba15f1898eac4b36a9b7f8791
3fc7776fd6d027a64535c65f4fce3978c74754d3c3d84777d78788353b01133e
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ff9d4dc5f1b6c2da938bd8cdab04fbede698e8111f71b777566bed57f5aeda6
40fd340757592ac787d36a000dca4811970eda90286385ac4cdbe2680d305225
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
42ceee0de36e62ff6c52fad1bfe460f4a861aac6b865df3fb960ee239b2470da
42ed6e3a17f55bb79062a61558f050eb5d3614b1954d90b497e91762395b9163
42fc207ebec992c03f7e8b3bf2f56ed07d798add6da0d4e91777eef7c9262875
43ab813eff7b800c276a9d7566d5dddfb56295e6c825ce2be2e73657e080fd92
45d432db9526422d366d431ebff572adfbcc807c69b2c819816e5eeaf7aa52f5
45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707
463d7ba54dcd6fb08d1cafa7e420401aeeeb269950986521c3605e0ec6dfc318
4731e1923dffc46272facb2508502ba154fc7c744a1aac37ad7811fd8abe29df
47ecec0312b98dc3f4b5977fa38fc06d8f7e60f22901b852860f6006bd0e6def
47fafebd562058b4a4999265d22647fb2d871b5d7577eeb3c4c0d2fdb77d7df6
483379019bd3258eabd023a6795bdc8baae5b2c7d0acf17799bea4ae3abc24dd
489332be3c0056ec9699f616efc965b42051061ae468aff37b0f51328c71d019
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49250ed8e3698633fe130e218b05ca9f44a8acb04833bd280c2ad570ffcc3cf7
4a02a29236c5848c34f8de0660554c4ccfae72df22d9e63ba9db1768681b819b
4ad1573d5088d27268a8d30b28a0c1814ed1ff549579dbf3af7073005f23bd63
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d0f1b3e038165153e74b906cf44e69bc21cfab505cb0e5fee09277cb1197ef7
4d12f95611aa8608d4744913c13489910bc27a45225a61b5f7e5f5e00f519e02
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
508005b9a622c4c017a0e6431808bbba0909c86a4efbf51070727e97a56bd1cb
524a9715a52a1a1ff8bc3fab2d8aeb1e398dd6dadf94e2b5bb2f9d891e1eab83
52c96e65b6b61e9ad70c74bf8154b878fab217633098900141e9472f28bbe0d3
532ba64228ebf97f389c08b77a8bd908076f9e20067aafa70b6270c841ccebb7
53350525edba0b889e87ea52a16ed843a928a2557e9f8d6747acd7ff991c95c3
5409a7909c51bd5336c6f438fb83fa30e431a11e2907c89458186a435ea608c4
5411aadbe4b7c1f687597c3cbc837bbe00341a1cf54570a117e3dfd323458f73
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54da7aa310a90d5d322d4b18671f07cb08f652ff83e8a54ea4ea1fd70a5e8d64
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55a5a451cc6ad305438589d1843b58d29c4e2603cf8bbaf9e35d3f86c43825d8
561804a862b5aaf9e01bd5570d1e6147debfc6820c95ed0250a7a2b45aff2fca
56392a97bf35956d4a099fbf3c764a01ee1f2cf2e070a0d8aacf458dbecca0a9
5656d53691bafeeacd1447c681d092fab5ef098264a771df72dfc1f82ea5f64b
571cc1e3b9210a3e1da4b1ac7292fc391da3cd6589310619cc597dcd8e22a853
57b7f2b2bcdd983268775ebc6ee71d208510b285d79dd058f2717248079c59d1
57c073849570882251534d31fcad2be1a0b5955bf4aca22a14c6d0a7b6610cee
5afbaeaaea207603a84b0129b429c202213ad50a9076c0eeab49858abcdeebb0
5c0cd2a173126884b05c06a5d218265405a98ab9519ea5640fccf715907bf54b
5cde22d0deb6b245505ad6283394dc8af651c841b4dc18ae22846bb489de32c7
5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3
5eb141717f51c44f96058d241cfd4183c21632385e0b9fa1163ca9d8f7f606d2
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60cf5e118ca1c179bf1b725f60b86930d7e154da36fb207c1fffc9fd7ee2cf83
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61882128b488e476b0a26afa14e818e3f39775b715f139653e23345613071dda
61b8c41ac7e32a01152861a5fb8c44bb0a1b5daf2522f93ed7b27c6460d8f8cc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6395dfdf272c4b6f4cabe8d50c198acceb2553e0cb6dac7c2d9c0f9a9aa8f2af
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64e03c800707fda712719fd2bd987d6b8c5bdd6c81e7a945259c686aee1b63be
662817e21330cbf78ce4c0f606a0989b107d3dc4cf55849b6065ad9ee5096d66
66584fed865f49b6295682617de442504a13e1f800abcab2cc8faca87765cebc
67cf3763fc9d4e5d82d051cbb940dec1471b5eac88554645d87b685aaaa98004
687c1fbaa91a5f59ba02613f0eeada7a84eec2c78f2c57f0324740ed2bf7404f
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b4a0088aec91c494c6d23bd0e061bf198cfa09dae193ce7e17cfdaf84e80ced
6b4f8b6e3f6c6662d82caf8a9a08e87e5cf0b8fce8dcd998c258ba47c4633b0f
6c3a33926fb4eeb19e28a7a721602262d9a6c5f73ba82926dbe44d6ab8d08dfd
6d2de39b920dda85ff1ce727e780f948816f301765d4f36e98d922e1ef99fbf8
6dc5032196a4f167a485d72c323f33d7ab3cba0a65d924d11e79db4445eb6a02
6dd95b334a086b272ea8274b9e65179a9a0363c1874c4769e1258e77acdf8b8b
6e0c8b2c5f60579810401efae17a79b333c8de8049d10ca8e50fb3973fb18b0e
6f25dd079335376ca5de5dacf205ae53d2d6748746a323eb2e890bc378e9afb1
6f87cd86c391c6361adca474b987f3e4b6d81d281795120c584d0a0c1ca7f5ba
70170e469d8d05527acab7e3335c6fe91e2966ddbb6e9ea6211260b8f717d120
7044572316ca53f4fb2a256e069be6d328863fe6174d90e2b653734401b82693
712c641e37b7088744d7e7617cbbf19cb50fa37114f4429aa64d075ca68af958
72a66130849aaf54f4df199c7e1d5726eab408d39d9b4f82b0cad711628ce69b
72dca416a3755410f3d658fd925d2de5267e9612bc14d59e3ce1e89d3447bd32
732493d486f9c2950f73e84f678f2f4b1d7090682a4771940ff6401c26bb1c41
73f00c216acf2f2c3f647e708f6dd4bfad91b9d369caf25fd57977174ae92031
742451fdc2781b02e4d414c5cb363fe035e482856c13245e3c96c00872995d74
747e8f5454d77ac3ee2339c3490cb7b805d59d7fedd4cc0682ae6ed9c33b7d25
74be962f4e8028b80cf8d1ffd2d238b54b92c7f302e57bc26c459318eb1cba84
75fe20c3d4f679ff79015af0423b3293cde85cc34aed5e2d4e337ef9b60e8c38
7681103bc0f9d31eeb86c705c3a942c93f33f841d65b8101e2cebf920ee30b5a
76adbc01770ed65f73492f91fd49a9d23d95b9150a5232f5786ea3a9fd51dfe7
76f6fa2a63e9d6d9a76f94f42bae470fb15e1c81f047153fd97f8dc35dc54eaa
77232dd336a184b5475226eda81b3f38d91bca7f595a4b1227ba8a2128adcf59
77ee057f3fca99f15c3075a7e915fa24637f65268f1b1dd466a66da0b61fb0b1
789b81aa8ab337c86a20d6ab8c04526c953ccce114656554dac31bc86a190716
79371fa45ccdd4c78740113f0b95d06ca340f2935470fcbb1df0aa39b7ad9015
79b539165a07d73c606ca3021814f17ae94fa1575211e666b657d1d33d7a46ee
7a5f97ae791beef344e61320d5015965207e6c7e3e171d606ddf48e2bdd718f1
7a839f7f5541f448239ef91040d93699595e360ae2cddcdc1e663777de25a7aa
7a99f6c80f192451945c4291633eaf4a921c61939888d955f40dd5c72e7fe502
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
7c489ad6affc4142f178da612cdccef73efd81fedb388b130bc736f9840f7377
7c90c7f79142cf31d79474ae2688bd42d71d7fb943e26f4185bae538a2292379
7d1c8babb03cfb8bba7dba9729e372ed5b7d74fb69d26bea0409b7f24dfa8bb0
7ded4562307b0aafd4ceff0deca6818a2925f4f3c5011653d98a23bb8f56b9de
7eda756a05b04f82bff7351e54c93f3b5ed33bb4d723dc0f114b5d45a48baef5
7fb49699465bd0ad85d59b9cf0dd03558baef898d728b685aebe1e5e04630e6e
7fe4c804a20b8c333014cfa14370d529406baa39ce3d80bf03398f63fe29f722
80b8b67459cd3a252a01d4a76dcda19621d68220323a2ace6ed65c82f658a0fe
80c1767d22d1add6529edf53c75b5d373e748f41f04c3a67357ffaa927da9916
80c2d79c60490444a0dd3a4101e3b1fc00053ed804ecf7be2706d0dd5c7f27dd
81d72dcecc48e9a11a89ad138bcf8854561ad3e713b8123415a01ed38c3bd6e5
821f90e927cfe1be50462e648aa329841e4906b1a7540485f5f57e38ff698c42
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83e940a59aa71d4e3fd5fca3800e853690429828e1209db6e245da50660a21cc
840710d4724f89679dd314bedaba5e0dca874a89e35983f04f6b02fca5f43be4
84dfa737caf86f9510e44a723cfa2782d30babdb9e44007d117e6bf5fac76905
8539bc8d2f70ef9d1edd1c228e2d4466633ec0b0a832b0b757ef0803f1831249
8687b0fa19468d3afec880e9dfa2176095977cc942d69355bb7fcd5c8698d956
87373f0024358a66ae4d84cab88777f7e5dcc9ddde7891c6af585c80f269a330
88b8078cd7d0654e8a552d6972e3a18fd344d5ee5c93e29bd40beacd8759d1f3
88cd43c3f5453f7b4db2cbe884b47db3c8317860a2ce6e9b2bc934ff4b8e32eb
894d05bddae496aaa8f08f5f97d6694ad268675e4e262f43ba3343ac907a4069
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b156d86773c2ca2990249a70041071531e3bad16f48a19d89cfde330ca8609c
8ba0569466bde7a2f2c280080bb04c5893049ce511c8aaded715512a28defc5a
8ba58700889d4a90393e2ee9aa0112a663ef60055740ee7fa781af5e69675811
8bded7c44334fb1338ab3e44fa582d533544416d6bc7df18fc4875c58dbeded3
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8cd8581a76f914e7718208894e8e691a2a5db5c179696d5f316059b8edc6aa82
8d2d90782b363bf6f907dd572d1281a9b6a43f3a8d5d758b676c9f053b959903
8d3ba0dfb90ce66e1bf8d1d96543835d5437169c496ba80a0ea637b59284a1c7
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
911bfd230d3b9fca5c18eca692bbb5fca3b6b2c1fbb7efbc23e79f479591340c
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
917989d44c7b47139b83cb4be3f5a786c1635d8fb70f58c60cf356eadd60f584
91f7301b615782d2a44e59e5d7927da6414204b8d5b2827c803a178e44b3105a
92761d43628e530a5d1311ba858969cfc3f4f6c6502cf25a2ecc1fc8b8ab01c8
92ecbee7e51b8b6d262f40438f27ca2d2ae064db7d822cd47836903c290000a2
939c234f0cfb4ab2fcc745c8e54be7f28c4539bd4435e3447f410c850110985f
93e6bf14a3094ee4490d6db6a5da15abf597d9cd3766de773cff9967edcf250d
93f15c1e8e89766e1a58ce3a799a32451ddc9a9f0ff57cc09ad60cbf7d4bd426
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5
94e2ae958f8cff8c2d70003475f782eea051289cf9e084bc9f23c5202cacc1f9
94e83e818bd1c32ae7d7063c051de117a7ee97eb25a8f43ad65d671e8a8ba333
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9d5dafcdbe06ff13b1acb632ce67d229625cfd6963ff1072fc292c376202eb
9cafff4e0fc9eaa5d9ca9185c6c53fe8cfce7272d7c0fd57de72a27c513ef111
9cb46807f6851d24976745e685f99b7e58138a8c2ac8e53e9ad793c6f20b379a
9e0a3ce58d31f4c083fe46602a74a4ab0e5691ae6e5fadb79718fbf358837dcb
9e681d6365415cf8330fea21c1ed612e92fc63d64aeaa0277100dae9f0bb37ac
9f69c00df57efb858d8d68fd8de34c80a259af2becb27723d73d92d2727e86ef
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a03959be309e9866facdcacd5d2b479e23488b125669a938db1fa041668848ab
a04751049149485e8ec38ef9465bbb415440feb64b3b4e909674ea91e9aff444
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0964a2c0874062268cd661e63dc7f77a51394229fed893a78a9b25442651e23
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2028e0aef8d1dcf220c4d25ca71e83cd5aa71820f3ef7f9897574abbb009e53
a23404715b4dc4f3a1f4b557ef4b9448564f326d85ebeac30bd32fde0efdfc15
a26ac9884afb1b9b6f446b68489f1cb48dbc8fa5c02cd25fd3dffab8dcbb0660
a3f5678ed2cc4659f7c791cde919ea6d7754f4753193eaef768b4bd01530fa23
a40dcd59c23d9ed6f0fbaeefeb57c78543b487ad93c49f5f74b89dd85b0ea278
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4eb2060150d9fc24ee035cb939a77e9d386616cbb36979dce9cf9276492e1ad
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a771adb35e71a737f66b1301c31702f80cbc29924e9fc9f407ccc5985bbc239f
a86cb3b76f227652a3a693076161bf7a8b493ea6f37bddb12e18edcbd2be3205
a87131327ab11d202042ed3da6a4474dab3c4fc7557a9b31e874da3060f4fd6f
a97447e8c04e5e743f0e0a6ecc199fd2d1370d54015c10db9f55f59e5065d31e
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
ab0dcc631acbeab223d019bdfe387a024a158966dec43ad3cbc7fccc4e8b9046
ac9aae896e31480718b101c96ecb2d154a2aaecaaf14160201302a7c505a5e9b
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae664e4f8f09a1cb8d4c1dc35d1f8b7766f9bab8f4ca7b48018982d583b099d1
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
af0d6570462dee3c3937e8694b2ee98ea78313219976105080e94680c29769ad
af7e9a278a24308599e438f11934d5c578b8415af9a42e15532d2271542bce35
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b01ebb8e4d20a643e97c63e0f3ff60f35db9d3005ec35277dbd9f87353eef882
b07f38b554c503600efcdbfd30d4f5ee3555c7bf9bbfeda35ba0d187d368d6a7
b0a632f38b41e087224a6472747031280b8ea068cb083f7f8acd35bbaed7aaeb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1cbe8d72f70537d96ac4017a2ac07692db6fff26dbc1af46969ff1e0edd92de
b1f56cef9b15e2d87d2ed00316f63581f54477649aa0a783db3bbbe2baf245ed
b22c34633d521eb14166e6f41b929138d60e1fe3b6ed1350e325b1b02cfc72b7
b303e6cd63c996bf26f13285113dbfb293cfce054ba4ce88dd5274605b5db009
b3580312c2ad252cb33af93974ddb6691f117cc08b82cae1a190916c844d87ff
b3ad90dc7a2fc738b508d467f5eebd47bdec340827869ff70b7712e57777c5fd
b4837f2f0bced02a9549681ac5cf6f2966a89f317c3a7de35b9f1ffea8937ebb
b62c111248c0f1c634ec6f9ec89d920295b80b730d50ed982303f1f24eb68fc0
b666d5f775c9ba0aa22fc85a1a7829dfd03042f29103cfb53ce815ea9de07080
b6c63b35fabf1c366517d1298b3ef268e153b2192db73c8d8951edb6b135fea3
b6d1f6662fba6c649c4b906368c6c758a51a9ffc03639875681c3fc4ce2f8998
b6febcb3f5b6a0ce6826deca1106f885a9fcbd7cfab9607ba5d002fbadb66bc9
b7455d144e490666c4ea40495e9e5b7bf0d5b761f083117bea243fba7bf55617
b76cd40f0063087fdb3a1431f3aef8475b1ab1dbf2df538e344924ac18e0e8b8
b7e97bc42925b3851f43e93b3c9ba0c575805a3bb38796e3f552d3485289bb13
b7fe7fae54822b386f4189cba6b42ca5e39b588f351890cb720e2df3a235c2ca
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
b88be4c8b6d3d902fb0b4743a31ed50249d7e615c3d8c7e56e9b714008860bc6
ba20c04523ca1a6317201ed9e6c18c2c1c6add8c1704b19326ef3273a89843ea
ba6acd68106f8be24510525c15e77dd455b0d3b782b769720888d94506fddc3c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb71a210176037ef1b3c16f234f91b35f166f114e079270f122bf3b5c14cc72b
bb7769f781e63da1d34bf82fa179835903731fe182444d4a590eab210eb00cfc
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bece47a6ac7117c58458d05e7935b3930b7a653a7f8681f054d73a8ac1363059
bee4c3ddceefb6558b86e3d6bbe40326f6d67e1b0b535eb6949d570e7630d82d
bf74d05ef3658bb17a776ac753f5fd5dc934674c820cfc3fae82dff138b4265b
bfbe41519afb9ff3826bef2c01636b51fbfe592b37f42bf0d6dc2297396a0a63
c0f40267a0f670e15259a0c0e51bef54bfbb36267dac8186a4591c7c670a8a32
c136ff382ff9c1956d3230ffb83159ca00838dadaa3e239c37bd2c7ddce562f5
c180c1576187cb43db899d7f2e3536cfdbc26ecabdbfbf2a680f2e2e35ba8d0d
c1ba233081200a5f9a126278eb189aa1c192b633751acee9cf57752f7018290a
c20b1655f6bd97382e802009ef8c44e6869e56b9df00b2e048877bf7a557e94a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c37fd79deedf6507a9e0dbb2a5337870ee3d9054b30e707109bcab4df606a5bb
c3e5424c940e81b700243272693cbd0ef8e46a75e5e420d479974cfa7c022665
c46a4548b4a6e07f9e61074b08b305cbfa6194f703c741c36b7369527e0e7ac7
c5ad6a4ef692126850d2b5edc80ee1fe55a1a0fdf936a34eed1e9b2c088c0417
c5d7a47985453e79ff8d0be4ab22f35ac07eb5309ae3af0cf02382405db717a0
c612403127e1df840a458618f95245fee6e5a5891729132fb1b6f1a51db2c5c0
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c69f607556ae0debd4424e6173291dc3aa996ef3f32d0b8e0a90dd8c4c075ed6
c787774c567e123a78d24f8d9954b472cf1fcd126c95c8cddf7d7c1d983ee034
c787e18900faf758fc763e8cdc8ea06d4b45b776444140a7f97b2f5f888f3c0e
c8a1d73c0c379a65e2633ab420a8736eb7ebe46171dbeee5d03fecf506f8b5d5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca7776311a40664b65d73ab73c168ce0b908053c8ae48810ee7d7b388413d72a
cbbbd444a11deb8cd2e859fcaaf2ef16aac751ba04642ffafc0a35d928a52102
cbd720234f99364c9bdb3400429dc0521c61fc9c881c3fc6523e773c9d3a6e38
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cee40627f71f61917fe7c424f3c2d7a151f1479a215c28ec3c22aacd0482796e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d11bf5cc02f893e5237c37c2716f2abfa60e35efb82365d185c078412409585c
d16ccae6b6c441ef08abe230ffeef5f99dd1a3615bcb9c22036d36151bea2708
d2d8d76e1ee4540345921cd40d453b6f3eab04a552670034b8b49d3eed2952a1
d443235c5040b9e5a2461f69bcef0930f5820c356830bb0c59a4953d16f8a59e
d633bf877db4883e785b16e5374a1222ebcfe02b794fa85cba39166a4aac1436
d68041a6277f299fffb0599b9ad770df15db1143829fdb11b22c799144b81e11
d84a0b1762ac236a63b725af33ec3de2b13c62867991e036b658d1daf1f89a81
d9426dc10f95bb1705a7844de23cc7f34f6803cf825479c0a140f301d5019268
d9bedaea0cec5cb7b3a9410718e476880b99608aa6d60828bda420bc4d700d88
da49a1404ff461f3ef235a31261fe19ed1e9a3155f1650652e96afb90744a8e8
da54f4077278dbb27bc7f122beaac199d61116a5e14bf9b2b191185cb132e27c
da89bf5cdeaed1c080057dff7314a4803b9a076bc851efbc032a7ff9cedb94cf
dae0684c99fd70921cadd41f0cbc6fc259020d652a5a03e5e0820e8dec632384
dafa3ce4de4cc56876b0fc6c36628fbcade9f4b07d7f27e4ca67744d91b2beb7
db3e8693a105306852148f0d3793d98cfaa4c7e7d59e835285a3f873d805b467
db44792d121b053781d74ae047172be9692e17979c78bf5a30619f616cc2b457
dba883c097f684545c96e0fa741e7bbd2a64273642df313b292b0157acf36f4a
dc23b9190a73bdca9d87c2a6d55165f19ea6d7336b8c0535d0c2300753b8d33d
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df15e702cc2a71d7f70543bd9f9f7bc489ee212c8fab2ee114d865bc5c16a9f7
df6052a1c5ee56a008da2ebac08c26c972495b5594c4c74d24383173a2106e4b
e0c804f4ee55eb0605cf0a011f53bea90ce2b1a90569c41f2f304787a0b7b4cb
e0de373149d2cd1f55664ec8001025b0dcb4c32ea94eec9c83d7546bf8559ce4
e19e820f4c4a540343d9ccaaccb7ded1f7b102a235f414ad5f87777b6e045f34
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e1eb9937f99b165574c25787b823c44e2bf0e87ab09696f5406fe8febed50bd4
e292c18c4176b103f3b8c37113e4403429094ceed346f4504932eafe09b329c9
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e352bd3598be515c20c398e90549e3f966fbce570d88adea32a7f43de7b08f83
e35826ea94105f6db9cbbe89d32755fe84706096c0bb22aca7954c024d40566c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c325bd8c8ebbcc78a4b17348415bfafe2bd8c0f05439b85c05aa07afe676c9
e3cefe45d5e31617a8357236d915cd7f9e3b17638539601cdbf458e5128e1866
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4750ab4269bbd4a010bb44391946cb8f98d0c019949ab7393c3e420666cff7f
e4775138bd3f9f648e391266e2e3464c9ec17cb68ad65191e437c054083df789
e4c2c952996c9079d1674ed28854a064013e6725f57242d53398e8edfa525836
e62ff111daf17418d9a23c8cf57947f202701d3d0fb370d29579f60bc9b29dc8
e6a5337ba8143cfd51714ca4419a7efb556e86fb5cb08df9db6b3e4b8c1b0f2d
e79e411e4315addbc7c37430ed40b187291f03fdce4a4c0d0745d42a0206b0c6
e7e665e11676888ee5a3479c00fecf5f064bb5ec0654532bd6ae85b236be58d5
e8c4ab07002d64eb3434073989a815c795658868c71aee4eadb6725d1f92d348
e9105a60cf41379142eea4fb3e0a70aacc055a01a3e1ebbb08ff99145f7154b0
e98e004596f9acb560d94b3cbdea79b5d82045f2c64917b01d10f7070cc47e2d
e9d4ea9a68849273c2928009596af50cb978ffcb3fcb10792566eabf37428b56
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb5fc745ec35dab17fc36f7db86124acd20c266c3b2135fe51d4bd5e20120592
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec637ae132868426c8801fda4fa17877692befe7d1fb6e4a2a32eb5a020b2a17
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ed1bbc47dcfc7e0d6aca3ae5d3ede6936632d44e5e2e77f559fcf83fa76c1a01
ef07cced5d667f893aae903a9dd20019ece46817597ec28448bb5ea6e665340b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa56debf07f9a07ec806f671b8cb77d7166fac12db64d5fb9ac49dc5902e9f4
f2746b3f6a40896f5297f519a84027a2c76a0c494f61877bd2a7db5aa7d0d78b
f2e59d2e46b3f5e4d48e78ce4e354b02833536d27766eaf0e1f0865267d6aa58
f31ed4edda66b286ae5e18c8a4e87d66bd6e87869a0ed339788cd5b97ba65c28
f4241710e57486ad91102e31823e855469608e1aea362f1f0e059609c9eb9a56
f43ce0fa9703a02593b6aca0a155887aaf6d8bc2271301104ea0910072da241f
f5941bf2e7c741352ce08346978b777322b09694b02ee04da73a19b418b28f17
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f7250e7293dcef84a3167a1074ad35e2ab598ffdb8ee0b49ef7fdc6cf848a169
f8711e5f1f556c0dca8f2242a720b78f6d8a5e725d6beafd45fa51438e0d312d
fb9664816322481731630fa5adec6fd89fdfa8b7554cf092e063af9434f4edb0
fe221ff04e857119d31bf32e58b6933983f00c2746e7ef06621e749b68f8d5c8
fe7bd8cacf9680625b7da9649a92bee8ab705909190040bad2396b2d6ca9436e
ff356f603e54a4309675ba3b0bb3cd441ba609eb2e92b611b9276704bba4302b