www.celebsecrets.com Open in urlscan Pro
192.124.249.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://celebsecrets.com/
Effective URL:
https://www.celebsecrets.com/
Submission: On September 27 via manual (September 27th 2021, 6:08:40 pm UTC) from US — Scanned from DE

Summary HTTP 224 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 22 domains to perform 224 HTTP transactions. The main IP is 192.124.249.164, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is www.celebsecrets.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 10th 2021. Valid for: a year.

This is the only time www.celebsecrets.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 89	192.124.249.164 192.124.249.164	30148 (SUCURI-SEC) (SUCURI-SEC)
1	142.250.184.232 142.250.184.232	15169 (GOOGLE) (GOOGLE)
6	216.58.212.170 216.58.212.170	15169 (GOOGLE) (GOOGLE)
15	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	132.148.250.104 132.148.250.104	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
8	172.217.23.99 172.217.23.99	15169 (GOOGLE) (GOOGLE)
4	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
24	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
3	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
7	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	74.125.140.154 74.125.140.154	15169 (GOOGLE) (GOOGLE)
1 30	142.250.185.193 142.250.185.193	15169 (GOOGLE) (GOOGLE)
8	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
2 4	172.217.18.100 172.217.18.100	15169 (GOOGLE) (GOOGLE)
1	216.58.212.142 216.58.212.142	15169 (GOOGLE) (GOOGLE)
2	142.250.185.206 142.250.185.206	15169 (GOOGLE) (GOOGLE)
1	34.95.89.54 34.95.89.54	15169 (GOOGLE) (GOOGLE)
12	172.67.74.129 172.67.74.129	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	91.228.74.134 91.228.74.134	16509 (AMAZON-02) (AMAZON-02)
1 1	52.18.11.109 52.18.11.109	16509 (AMAZON-02) (AMAZON-02)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	18.169.113.1 18.169.113.1	16509 (AMAZON-02) (AMAZON-02)
1	104.26.6.27 104.26.6.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.26.11.209 104.26.11.209	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
1	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
224	27

89 192.124.249.164 (Menifee, United States) 1 redirects

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10164.sucuri.net

celebsecrets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.celebsecrets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 216.58.212.170 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f170.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 132.148.250.104 (Ashburn, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-132-148-250-104.ip.secureserver.net

celebsecretscountry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.23.99 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f99.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.140.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 142.250.185.193 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.100 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.142 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f14.1e100.net

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.89.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.89.95.34.bc.googleusercontent.com

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.67.74.129 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.134 (United Kingdom)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.11.109 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-11-109.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.169.113.1 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-169-113-1.eu-west-2.compute.amazonaws.com

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.6.27 (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.11.209 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.239.217 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
89	celebsecrets.com 1 redirects celebsecrets.com www.celebsecrets.com	1 MB
45	googlesyndication.com 1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com	509 KB
25	doubleclick.net 2 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net	173 KB
19	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com	282 KB
14	ad4m.at as.ad4m.at ad4m.at assets.ad4m.at	256 KB
7	googletagservices.com www.googletagservices.com	260 KB
7	google.com 2 redirects adservice.google.com www.google.com	1 KB
6	googleapis.com fonts.googleapis.com	4 KB
4	google-analytics.com www.google-analytics.com	21 KB
3	awin1.com 1 redirects www.awin1.com	2 KB
3	google.de adservice.google.de	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	openx.net 2 redirects rtb.openx.net	759 B
2	ad4mat.net prod-rtb.ad4mat.net static-de.ad4mat.net	4 KB
1	congstar.de banner.congstar.de	518 B
1	innovid.com ag.innovid.com	296 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	461 B
1	everesttech.net 1 redirects pixel.everesttech.net	376 B
1	quantserve.com cms.quantserve.com	463 B
1	googleadservices.com partner.googleadservices.com	660 B
1	celebsecretscountry.com celebsecretscountry.com	330 KB
1	googletagmanager.com www.googletagmanager.com	39 KB
224	22

	Domain	Requested by
88	www.celebsecrets.com	www.celebsecrets.com
30	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.celebsecrets.com
15	pagead2.googlesyndication.com	www.celebsecrets.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	www.gstatic.com	googleads.g.doubleclick.net
8	fonts.gstatic.com	fonts.googleapis.com
7	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	assets.ad4m.at	as.ad4m.at
6	fonts.googleapis.com	www.celebsecrets.com googleads.g.doubleclick.net
5	cm.g.doubleclick.net	googleads.g.doubleclick.net
4	ad4m.at	as.ad4m.at ad4m.at
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.celebsecrets.com
3	www.awin1.com	1 redirects as.ad4m.at
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	ad.doubleclick.net	2 redirects
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	2 redirects
2	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	banner.congstar.de	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	www.celebsecrets.com
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	celebsecretscountry.com	www.celebsecrets.com
1	www.googletagmanager.com	www.celebsecrets.com
1	celebsecrets.com	1 redirects
224	34

This site contains links to these domains. Also see Links.

Domain
celebsecrets.com
www.facebook.com
twitter.com
instagram.com
www.linkedin.com
celebsecrets.tumblr.com
youtube.com
open.spotify.com
www.tiktok.com
celebsecretscountry.com

Subject Issuer	Validity	Valid
celebsecrets.com Go Daddy Secure Certificate Authority - G2	`2021-06-10` - `2022-07-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
celebsecretscountry.com cPanel, Inc. Certification Authority	`2021-09-05` - `2021-12-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2021-08-24` - `2021-11-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.congstar.de TeleSec ServerPass Class 2 CA	`2021-05-18` - `2022-05-23`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://www.celebsecrets.com/
Frame ID: 27250697F9A01E446C0FD36FE9281C31
Requests: 124 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html
Frame ID: ECF9C55B66109F45A954FF4DAA3E10F9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&adk=1812271804&adf=3025194257&lmt=1632766113&plat=3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fwww.celebsecrets.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113197&bpp=2&bdt=895&idt=135&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4915946576541&frm=20&pv=2&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=148
Frame ID: 16CFC9D0EDADAC05A5D05C61945FAF55
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=214710841&adf=823446599&pi=t.ma~as.5893798001&w=1152&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1152x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113199&bpp=2&bdt=897&idt=151&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=224&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Qmn37XEFGl&p=https%3A//www.celebsecrets.com&dtd=159
Frame ID: DA33B4D8EC9AC7AA9271C034661A99F1
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=2311510092&adf=649567976&pi=t.ma~as.5893798001&w=758&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=758x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113201&bpp=1&bdt=899&idt=169&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=224&ady=1447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=kAcjP7q6JP&p=https%3A//www.celebsecrets.com&dtd=177
Frame ID: 9CCE1D1A7C4D4BCF3C5EDF19B18E622E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=653550653&adf=310528827&pi=t.ma~as.5893798001&w=364&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=364x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113204&bpp=1&bdt=902&idt=224&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C758x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1012&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GkSocNMbrI&p=https%3A//www.celebsecrets.com&dtd=228
Frame ID: 9F9B0B21F9D161C0007421B005812BE8
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=3492521732&adf=383669989&pi=t.ma~as.5893798001&w=1200&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113205&bpp=1&bdt=903&idt=236&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ac945950f396ce-220e4c6164c900a1%3AT%3D1632766113%3ART%3D1632766113%3AS%3DALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ&prev_fmts=0x0%2C1152x280%2C758x280%2C364x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=200&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=bhb9W8zY8j&p=https%3A//www.celebsecrets.com&dtd=239
Frame ID: E06323323550E7F2029FC69D9F6252F6
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=250&adk=2194861970&adf=1061621326&pi=t.aa~a.3990590433~i.5~rp.4&w=304&fwrn=4&fwrnh=100&lmt=1632766114&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8181068076&tp=site_kit&psa=0&ad_type=text_image&format=304x250&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&pra=3&rh=253&rw=303&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766114038&bpp=2&bdt=1736&idt=2&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ac945950f396ce-220e4c6164c900a1%3AT%3D1632766113%3ART%3D1632766113%3AS%3DALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ&prev_fmts=0x0%2C1152x280%2C758x280%2C364x280%2C1200x280&nras=2&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1042&ady=3700&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=3&fsb=1&xpc=0ZJoy6TDw4&p=https%3A//www.celebsecrets.com&dtd=15
Frame ID: 946BC8D7A4AD334B4D9E9DB35077BC9A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 922EED5A689E4197F7917D62CFD10AA7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1
Frame ID: 60AD4530EA7E95A397878942BF8F8A95
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 333DA8088DEC80A4D6B821DBD877E458
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 308131C38AE8FB014ED731C88C8CFA1F
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js
Frame ID: 9F16FED95FF3230540624AC231CFE90A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js
Frame ID: 2966400FC32118591BF8F12E9D0207F4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js
Frame ID: 5E7F3FCB02E4C8CCFBBCF2476C227CC6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js
Frame ID: E3B19F29ABB8422E1844A47221E5337F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js
Frame ID: D7B90DC62451DFE697871F1DDABDD41C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Co--VoghSYevKBYOAwuIPlNKSwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTY2MTY5MTgyNjkxNzkyoAHCrujdA8gBCakCQKsTg1qfsz6oAwGqBLABT9DqxS1GWAMCIe9TDenoWAs9nxHny1mZSbpi9tGICV7a-OzaglKj_zysjRuUpnV0Yxan_htKZfI1CP0SLjR2hSspfTaj4WeDOzb8NnRA3LM8KIr6oEath-7ybBbdfz7_RRpcQFMqln8uFYJ857S_WfN115igZjtczxsvTGb2-yLntEwkxedqvJ8x2vJSCz3AjguK3k_xFYnPXBe3mp6uAFBl4vLDcTtIZjSPEYJ6fyWABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjk2NjE2OTE4MjY5MTc5MhgA&sigh=nJsbWF1pJew
Frame ID: 6758BAE6C53D0C6E0D7D4AD17F0DE374
Requests: 6 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h4ya18s1kfdnfd9ram3a8ddxmyw0x1ec6hwezrha1k1yywxx0ed6ac3wv12kwj8pepdezkevzrhgqcycg5m64q3p4jr19yxhw80p8dembmhp655fp6ry3k4ntrve7rftsdw6br47cbkp6qc6fh59zbv689j5hph3yt2dt5nwb95gfg8se3dj9t24xydaftx7j86b1cshmqjfr47rt7fvvvke3hw48pf01w6y53e3yvydbr2zfth13zxzfbvetd16xx9d9p16sgshbnsgwp6pbpn0apxt4wkvj2hspyvdwpeqmjsz0ar62n98axsps3b6kgmbryp31q6fkmnqny82r4yzwtrwekmrz7t8pmagrdg3e5dt8ywtgg8y0hcf2ea8zefhzdzd33a7831ha28pwvm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPlUEoghSYevKBYOAwuIPlNKSwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTY2MTY5MTgyNjkxNzkyoAHCrujdA8gBCakCQKsTg1qfsz6oAwGqBLMBT9DqxS1GWAMCIe9TDenoWAs9nxHny1mZSbpi9tGICV7a-OzaglKj_zysjRuUpnV0Yxan_htKZfI1CP0SLjR2hSspfTaj4WeDOzb8NnRA3LM8KIr6oEath-7ybBbdfz7_RRpcQFMqln8uFYJ857S_WfN115igZjtczxsvTGb2-yLntEwkxedqvJ8x2vJSCz3AjguK3k_xFYnPXBe3mp7sAl33NSdEMfPPLqJVWBCIRjGmn1yABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3CWrztQ8Dca7b-UNFaJhkE7mzIgg%26client%3Dca-pub-2966169182691792%26adurl%3D
Frame ID: 2EC5B71E6FD7D926B6A8228BC0D49BBF
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 488899969A7F3ADBB5786152EED2E2F3
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 3D1DBB42A1216B27E5F9A9B5DBAB24C3
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=w3oNY75lPv7hWTtkHYAt0RAD3aqQOOKU&g=52b8c06757afbade14d4b2278ee5582f%2F10677092497270297395&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632766115091&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h9j3f2e3x7201zch20hs4tzk27hsysr0nvq79tqw8m2ss1dag1n8s54vtqbt5z5krjzty8ccv6xzgr2vqet9wg5n7j543re0j8wcxfgqpy5c91kgrqym4ce4dyjcterc2vekpb79dzkxz6syn28y3yaw86q595nm80nzy1cda4z2r66d5t7pvm99ahh1ppv43xvne0yghv3zs3p43sadmebt7knpx9n1qpbc8hgjjg7m6rkw2ak82ah057g323hc4e16cx7k039w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCPlUEoghSYevKBYOAwuIPlNKSwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTY2MTY5MTgyNjkxNzkyoAHCrujdA8gBCakCQKsTg1qfsz6oAwGqBLMBT9DqxS1GWAMCIe9TDenoWAs9nxHny1mZSbpi9tGICV7a-OzaglKj_zysjRuUpnV0Yxan_htKZfI1CP0SLjR2hSspfTaj4WeDOzb8NnRA3LM8KIr6oEath-7ybBbdfz7_RRpcQFMqln8uFYJ857S_WfN115igZjtczxsvTGb2-yLntEwkxedqvJ8x2vJSCz3AjguK3k_xFYnPXBe3mp7sAl33NSdEMfPPLqJVWBCIRjGmn1yABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3CWrztQ8Dca7b-UNFaJhkE7mzIgg%252526client%25253Dca-pub-2966169182691792%252526adurl%25253D&y=1&z=0
Frame ID: AD3AFAB9EA7E7AAF275B13541E70B83E
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F8E1EA94CD1234AC01387DEC2932523C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 01B60FEBE60340957FBB588C3EEC7122
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Celeb Secrets – Celebrity News, Photos, Videos & Exclusives

Page URL History Show full URLs

http://celebsecrets.com/ HTTP 301
https://www.celebsecrets.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

224
Requests

100 %
HTTPS

0 %
IPv6

22
Domains

34
Subdomains

27
IPs

4
Countries

3256 kB
Transfer

6079 kB
Size

23
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://celebsecrets.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://www.facebook.com/celebsecrets
Title: facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/celebsecrets
Title: twitter

Search URL Search Domain Scan URL

URL: http://instagram.com/celebsecrets
Title: instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/celeb-secrets/
Title: linkedin

Search URL Search Domain Scan URL

URL: http://celebsecrets.tumblr.com/
Title: tumblr

Search URL Search Domain Scan URL

URL: http://youtube.com/celebsecrets4u
Title: youtube

Search URL Search Domain Scan URL

URL: https://open.spotify.com/user/celebsecrets
Title: spotify

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@celebsecrets
Title: tiktok

Search URL Search Domain Scan URL

URL: http://celebsecretscountry.com/

Search URL Search Domain Scan URL

URL: https://celebsecrets.com/category/news
Title: breaking news

Search URL Search Domain Scan URL

URL: https://celebsecrets.com/category/interviews
Title: interviews

Search URL Search Domain Scan URL

URL: https://celebsecrets.com/category/exclusive
Title: exclusive premieres

Search URL Search Domain Scan URL

URL: https://celebsecrets.com/category/awards
Title: awards

Search URL Search Domain Scan URL

URL: https://celebsecrets.com/category/lifestyle
Title: lifestyle

Search URL Search Domain Scan URL

URL: https://celebsecrets.com/category/music
Title: music

Search URL Search Domain Scan URL

URL: https://celebsecrets.com/category/movies
Title: movies

Search URL Search Domain Scan URL

URL: https://celebsecrets.com/category/sports
Title: sports

Search URL Search Domain Scan URL

URL: https://celebsecrets.com/category/television
Title: television

Search URL Search Domain Scan URL

URL: http://youtube.com/user/celebsecrets4u

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://celebsecrets.com/ HTTP 301
https://www.celebsecrets.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 157

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 181

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 192

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_n_ytjgEQvAUYvAUyCMNw1969VdNC HTTP 301
https://tpc.googlesyndication.com/simgad/16070581098593856202

Request Chain 207

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLEwi0FmtrF_NVDdgOG6qhEGbabU8nsnjv6FnkIgstqHnLDKrZ8udt_GOowUhe-vo6XWScz6FXmCEWOZlb0ks7NTRq1m__W&google_gid=CAESEFjqnAL3WyHaQqn1_9MRTB0&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVZJSW9nQUFCTVo1bW1vNA&google_push=AYg5qPLEwi0FmtrF_NVDdgOG6qhEGbabU8nsnjv6FnkIgstqHnLDKrZ8udt_GOowUhe-vo6XWScz6FXmCEWOZlb0ks7NTRq1m__W

Request Chain 208

https://rtb.openx.net/sync/dds?google_gid=CAESEG2Rb1aajd7vZJmMk1pQgwk&google_cver=1&google_push=AYg5qPIfcaeTkwOgovspylVzoAqR39MdSmwWx5fYr5nuBpeD-U5b63o8OpryYgqXQ8r7KyZfT505HYIOSfDbn000xf5S5xwAhKH- HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEG2Rb1aajd7vZJmMk1pQgwk&google_cver=1&google_push=AYg5qPIfcaeTkwOgovspylVzoAqR39MdSmwWx5fYr5nuBpeD-U5b63o8OpryYgqXQ8r7KyZfT505HYIOSfDbn000xf5S5xwAhKH-&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIfcaeTkwOgovspylVzoAqR39MdSmwWx5fYr5nuBpeD-U5b63o8OpryYgqXQ8r7KyZfT505HYIOSfDbn000xf5S5xwAhKH-&google_hm=6z3hJX8Yzi4JF0n4rCv5kw==

Request Chain 209

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFz2kB1oaJAksirkvyU5AB8&google_cver=1&google_push=AYg5qPKunsnqw52u3Pz_6BvqrL10GaFKDURFFGsZzTN9Mu3r9fxdL2HAMpJ4RHovcrD5u2k-AfYsjYP06l6Uso6t-Kh_f5qBeSMr HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEFz2kB1oaJAksirkvyU5AB8&google_cver=1&google_push=AYg5qPKunsnqw52u3Pz_6BvqrL10GaFKDURFFGsZzTN9Mu3r9fxdL2HAMpJ4RHovcrD5u2k-AfYsjYP06l6Uso6t-Kh_f5qBeSMr&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P6aV2GJ9Ttmd-1RpyMyk3A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKunsnqw52u3Pz_6BvqrL10GaFKDURFFGsZzTN9Mu3r9fxdL2HAMpJ4RHovcrD5u2k-AfYsjYP06l6Uso6t-Kh_f5qBeSMr

Request Chain 210

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOx7yQRBogF_TfGYxb6I-Ac&google_cver=1&google_push=AYg5qPLyE1MOYEJvfsN2VSzZTWtcOR1CVWKaRj1BeKABZlw8kDOiJ57w7TPCHA-SaAAzYkah03gLfEVyzeTVZJdP93A2CON7Dl2X HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1UyWVNEQjUtMVAtMkU1Vw==&google_push=AYg5qPLyE1MOYEJvfsN2VSzZTWtcOR1CVWKaRj1BeKABZlw8kDOiJ57w7TPCHA-SaAAzYkah03gLfEVyzeTVZJdP93A2CON7Dl2X

Request Chain 211

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xKYgMTQAmRtpCALYcQMM-MSXzvY2nUIhO4BsXEIphnOtAuLmH7UCxqPdAJsBKijbL HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xKYgMTQAmRtpCALYcQMM-MSXzvY2nUIhO4BsXEIphnOtAuLmH7UCxqPdAJsBKijbL&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xKYgMTQAmRtpCALYcQMM-MSXzvY2nUIhO4BsXEIphnOtAuLmH7UCxqPdAJsBKijbL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xKYgMTQAmRtpCALYcQMM-MSXzvY2nUIhO4BsXEIphnOtAuLmH7UCxqPdAJsBKijbL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xKYgMTQAmRtpCALYcQMM-MSXzvY2nUIhO4BsXEIphnOtAuLmH7UCxqPdAJsBKijbL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xKYgMTQAmRtpCALYcQMM-MSXzvY2nUIhO4BsXEIphnOtAuLmH7UCxqPdAJsBKijbL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xKYgMTQAmRtpCALYcQMM-MSXzvY2nUIhO4BsXEIphnOtAuLmH7UCxqPdAJsBKijbL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xKYgMTQAmRtpCALYcQMM-MSXzvY2nUIhO4BsXEIphnOtAuLmH7UCxqPdAJsBKijbL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xKYgMTQAmRtpCALYcQMM-MSXzvY2nUIhO4BsXEIphnOtAuLmH7UCxqPdAJsBKijbL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xKYgMTQAmRtpCALYcQMM-MSXzvY2nUIhO4BsXEIphnOtAuLmH7UCxqPdAJsBKijbL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xKYgMTQAmRtpCALYcQMM-MSXzvY2nUIhO4BsXEIphnOtAuLmH7UCxqPdAJsBKijbL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xKYgMTQAmRtpCALYcQMM-MSXzvY2nUIhO4BsXEIphnOtAuLmH7UCxqPdAJsBKijbL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xKYgMTQAmRtpCALYcQMM-MSXzvY2nUIhO4BsXEIphnOtAuLmH7UCxqPdAJsBKijbL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xKYgMTQAmRtpCALYcQMM-MSXzvY2nUIhO4BsXEIphnOtAuLmH7UCxqPdAJsBKijbL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xKYgMTQAmRtpCALYcQMM-MSXzvY2nUIhO4BsXEIphnOtAuLmH7UCxqPdAJsBKijbL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xKYgMTQAmRtpCALYcQMM-MSXzvY2nUIhO4BsXEIphnOtAuLmH7UCxqPdAJsBKijbL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xKYgMTQAmRtpCALYcQMM-MSXzvY2nUIhO4BsXEIphnOtAuLmH7UCxqPdAJsBKijbL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xKYgMTQAmRtpCALYcQMM-MSXzvY2nUIhO4BsXEIphnOtAuLmH7UCxqPdAJsBKijbL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xKYgMTQAmRtpCALYcQMM-MSXzvY2nUIhO4BsXEIphnOtAuLmH7UCxqPdAJsBKijbL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xKYgMTQAmRtpCALYcQMM-MSXzvY2nUIhO4BsXEIphnOtAuLmH7UCxqPdAJsBKijbL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xKYgMTQAmRtpCALYcQMM-MSXzvY2nUIhO4BsXEIphnOtAuLmH7UCxqPdAJsBKijbL

Request Chain 232

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidw3oNY75lPv7hWTtkHYAt0RAD3aqQOOKUasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=COLKtOLfn_MCFTRY5QodODQD4w;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidw3oNY75lPv7hWTtkHYAt0RAD3aqQOOKUasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidw3oNY75lPv7hWTtkHYAt0RAD3aqQOOKUasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1632766115_ee975d60-1fbd-11ec-a1d8-692d067fb68d

224 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.celebsecrets.com/
Redirect Chain

http://celebsecrets.com/
https://www.celebsecrets.com/

233 KB
33 KB

2062ms
2022ms

Document
text/html

192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

c577726c3a9a76b040889f2e86bdc61ede513e9fd58569e7d669771b4bdb3a06

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.celebsecrets.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Mon, 27 Sep 2021 18:08:31 GMT
content-type: text/html; charset=UTF-8
content-length: 33696
x-sucuri-id: 15014
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://www.celebsecrets.com/wp-json/>; rel="https://api.w.org/"
set-cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860; path=/
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-sucuri-cache: MISS

Redirect headers

Server: Sucuri/Cloudproxy
Date: Mon, 27 Sep 2021 18:08:29 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 237
Connection: keep-alive
X-Sucuri-ID: 15014
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Location: https://www.celebsecrets.com/
X-Sucuri-Cache: EXPIRED

GET
H2 200 g1-socials.woff
www.celebsecrets.com/wp-content/plugins/g1-socials/css/iconfont/fonts/ 9 KB
9 KB 95ms
94ms Font
font/x-woff 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/g1-socials/css/iconfont/fonts/g1-socials.woff

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

5fee992fe9fe9fb5bebd96f8a7a0bc978f755703a818fccff9d78d3ba2d7dc6c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.celebsecrets.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
:path: /wp-content/plugins/g1-socials/css/iconfont/fonts/g1-socials.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebsecrets.com/
Origin: https://www.celebsecrets.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 8693
x-xss-protection: 1; mode=block
last-modified: Wed, 14 Apr 2021 16:58:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c1f5c-2204-5bff1a7662086-gzip"
vary: Accept-Encoding,User-Agent
content-type: font/x-woff
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 snaxicon.woff
www.celebsecrets.com/wp-content/plugins/snax/css/snaxicon/fonts/ 12 KB
13 KB 365ms
365ms Font
font/x-woff 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/snax/css/snaxicon/fonts/snaxicon.woff

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

a7eb4dfaeb3a5b3370523b353c14853d801722a62325eb88ef60b3fd08f016f4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.celebsecrets.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
:path: /wp-content/plugins/snax/css/snaxicon/fonts/snaxicon.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebsecrets.com/
Origin: https://www.celebsecrets.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 12789
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 00:32:11 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8e00d2-31fc-5c564099089ba-gzip"
vary: Accept-Encoding,User-Agent
content-type: font/x-woff
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 121ms
56ms Script
application/javascript 142.250.184.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-90528847-1

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

10aedcc6862cd5551fe93a26d7212b71332c401fd05352388c6976bad2e1de94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:33 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39311
x-xss-protection: 0
expires: Mon, 27 Sep 2021 18:08:33 GMT

GET
H2 200 style.min.css
www.celebsecrets.com/wp-content/plugins/ad-ace/assets/css/ 6 KB
2 KB 375ms
373ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/ad-ace/assets/css/style.min.css?ver=1.3.24

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

8b3313ac4bf98c0f8bab5b27cb0e7909351cd7f5d62c68bfad25c0b04cc9c99b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/ad-ace/assets/css/style.min.css?ver=1.3.24
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 1602
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 00:32:00 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "9892b7-18f8-5c56408ef7b08-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 shoppable-images-front.min.css
www.celebsecrets.com/wp-content/plugins/ad-ace/assets/css/ 6 KB
2 KB 649ms
645ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/ad-ace/assets/css/shoppable-images-front.min.css?ver=1.3.24

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

30cd961db82d46c3ac5c6a4abb291fcdc9e1bd4ded973363d2c8dad8039bf3df

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/ad-ace/assets/css/shoppable-images-front.min.css?ver=1.3.24
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 1343
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 00:32:00 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "9892b9-19e6-5c56408ef9e30-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mashsb.min.css
www.celebsecrets.com/wp-content/plugins/mashsharer/assets/css/ 50 KB
30 KB 381ms
377ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/mashsharer/assets/css/mashsb.min.css?ver=3.8.0

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

916079cc6df11c53017bb1357534c9d0c19583159b1c5645dabf6070b84adcc2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/mashsharer/assets/css/mashsb.min.css?ver=3.8.0
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 29930
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 18:36:16 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c13b8-c7c0-5ca7aa4698479-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 youtube.min.css
www.celebsecrets.com/wp-content/plugins/media-ace/includes/lazy-load/assets/css/ 1019 B
833 B 364ms
360ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/media-ace/includes/lazy-load/assets/css/youtube.min.css?ver=1.4.12

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

91f8456df712188504db6297b5a7e05225cf9466910e68c754a138ba79060546

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/media-ace/includes/lazy-load/assets/css/youtube.min.css?ver=1.4.12
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 451
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 00:32:04 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c20d2-3fb-5c5640922990b-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gallery.min.css
www.celebsecrets.com/wp-content/plugins/media-ace/includes/gallery/css/ 13 KB
3 KB 368ms
364ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/media-ace/includes/gallery/css/gallery.min.css?ver=4.9.18

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

65125c9094777f67a9ff4142953b40709a43718de763e7fd23e63fa18d53fa79

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/media-ace/includes/gallery/css/gallery.min.css?ver=4.9.18
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 2355
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 00:32:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c2031-3425-5c564091bee00-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 magnific-popup.css
www.celebsecrets.com/wp-content/plugins/snax/assets/js/jquery.magnific-popup/ 7 KB
2 KB 370ms
366ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/snax/assets/js/jquery.magnific-popup/magnific-popup.css?ver=4.9.18

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/snax/assets/js/jquery.magnific-popup/magnific-popup.css?ver=4.9.18
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 1816
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 00:32:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8e01df-1b27-5c56409a267f8-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 snax.min.css
www.celebsecrets.com/wp-content/plugins/snax/css/ 48 KB
8 KB 395ms
391ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/snax/css/snax.min.css?ver=1.89

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

8bd0ece453523856db6704ce9e88360cd63332528e1fe83cc60731e21109f6f1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/snax/css/snax.min.css?ver=1.89
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 7747
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 00:32:11 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8e0067-be74-5c564098b9c00-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.min.css
www.celebsecrets.com/wp-content/plugins/whats-your-reaction/css/ 5 KB
1 KB 368ms
364ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/whats-your-reaction/css/main.min.css?ver=1.3.17

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

be782e7a599f69742b110ad7060bb33567b4cf4c0a2178a0691529bdecd0bae5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/whats-your-reaction/css/main.min.css?ver=1.3.17
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 1077
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 00:32:14 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8e03a9-1249-5c56409bcaaa9-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.css
www.celebsecrets.com/wp-content/plugins/wp-user-avatar/assets/css/ 70 KB
10 KB 381ms
377ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=3.1.17

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

8adc377a6a5c1d3a9ab10793c57b6dc6fdfcff0de61f52dda905da037d1c1e7c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/wp-user-avatar/assets/css/frontend.min.css?ver=3.1.17
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 9791
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 18:36:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c1493-117d9-5ca7aa49d17ac-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 flatpickr.min.css
www.celebsecrets.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 16 KB
3 KB 375ms
371ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=3.1.17

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

661e00570c65c29528d9ce6ee19e5e9939986716c293def67b07f8b6a191b018

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.css?ver=3.1.17
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 3011
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 18:36:19 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c140e-3e52-5ca7aa498ca1b-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 select2.min.css
www.celebsecrets.com/wp-content/plugins/wp-user-avatar/assets/select2/ 15 KB
2 KB 378ms
374ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=4.9.18

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/wp-user-avatar/assets/select2/select2.min.css?ver=4.9.18
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 1995
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 18:36:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c14c4-3a75-5ca7aa49fdab5-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 all-light.min.css
www.celebsecrets.com/wp-content/themes/bimber/css/9.1.1/styles/news/ 203 KB
31 KB 391ms
387ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/themes/bimber/css/9.1.1/styles/news/all-light.min.css?ver=9.1.1

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

72916f7bbe1f58074ed2c8307708f415ea14c84c1db4ed0ad1e203ff05b0c903

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/bimber/css/9.1.1/styles/news/all-light.min.css?ver=9.1.1
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 31685
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 18:31:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c099a-32db7-5ca7a91bd04cd-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 60ms
22ms Stylesheet
text/css 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%2C700&subset=latin%2Clatin-ext&display=swap&ver=9.1.1

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f170.1e100.net

Software

ESF /

Resource Hash

d9c65db554d57f17a964bee80b4c94050e40f3a692852cf0ca2fdb9612c83273

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:01:17 GMT
server: ESF
date: Mon, 27 Sep 2021 18:08:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Sep 2021 18:08:32 GMT

GET
H2 200 dynamic-style-1630002672.css
www.celebsecrets.com/wp-content/uploads/ 14 KB
3 KB 377ms
373ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/uploads/dynamic-style-1630002672.css

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

995fa6a1d3ca2df50d0052ce2147058a3f258dce731085cb7a22c71b1374d9cc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/dynamic-style-1630002672.css
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 2813
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 18:31:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "9c963c-3972-5ca7a924afcc2-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 snax-extra-light.min.css
www.celebsecrets.com/wp-content/themes/bimber/css/9.1.1/styles/news/ 24 KB
5 KB 379ms
376ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/themes/bimber/css/9.1.1/styles/news/snax-extra-light.min.css?ver=9.1.1

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

7247f875a22d220ec2dabb0e39ee42d46fcf43df2d7d92a3a7f9c469991a1c3a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/bimber/css/9.1.1/styles/news/snax-extra-light.min.css?ver=9.1.1
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 4440
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 18:31:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c09a2-5f22-5ca7a91bd9555-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mashshare-light.min.css
www.celebsecrets.com/wp-content/themes/bimber/css/9.1.1/styles/news/ 8 KB
2 KB 381ms
378ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/themes/bimber/css/9.1.1/styles/news/mashshare-light.min.css?ver=9.1.1

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

2e6b0a2cec3859dab46e9fd4e4ef15651195c3be5bc1e7ff472c803ddb508e95

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/bimber/css/9.1.1/styles/news/mashshare-light.min.css?ver=9.1.1
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 1816
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 18:31:03 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c0991-1f99-5ca7a91bc688d-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend-gtag.min.js Show response
www.celebsecrets.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 9 KB
3 KB 385ms
383ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=7.18.0

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

a98e42b2d4ab1ae36f3b270a0dff6ad2f158100833978ff0a549674a2543e78a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=7.18.0
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 2801
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Jul 2021 06:01:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "ce084d-23d2-5c7c422cb52f6-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.js Show response
www.celebsecrets.com/wp-includes/js/jquery/ 95 KB
33 KB 393ms
390ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-includes/js/jquery/jquery.js?ver=1.12.4

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/jquery/jquery.js?ver=1.12.4
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 33776
x-xss-protection: 1; mode=block
last-modified: Thu, 05 Sep 2019 01:33:18 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1443ba3-17a6a-591c44e62e47b-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.celebsecrets.com/wp-includes/js/jquery/ 10 KB
4 KB 382ms
380ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 4014
x-xss-protection: 1; mode=block
last-modified: Fri, 20 May 2016 06:11:28 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1443b9d-2748-5333ff613c400-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slot-slideup.js Show response
www.celebsecrets.com/wp-content/plugins/ad-ace/assets/js/ 2 KB
1 KB 386ms
384ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/ad-ace/assets/js/slot-slideup.js?ver=1.3.24

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

a7acfb3926865d68cafe8359320b0fa8959de6de7d2422ec43bd2a3736c40754

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/ad-ace/assets/js/slot-slideup.js?ver=1.3.24
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 687
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 00:32:00 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "9892c0-6cf-5c56408eff421-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 shoppable-images-front.js Show response
www.celebsecrets.com/wp-content/plugins/ad-ace/includes/shoppable-images/assets/js/ 2 KB
1 KB 382ms
380ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/ad-ace/includes/shoppable-images/assets/js/shoppable-images-front.js?ver=1.3.24

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

d355cf98aeecbb16480cc19e5f0afa9cf9b0a92526437d3e91a084a5ca78d400

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/ad-ace/includes/shoppable-images/assets/js/shoppable-images-front.js?ver=1.3.24
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 675
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 00:32:00 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c1897-700-5c56408eacbcf-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 coupons.js Show response
www.celebsecrets.com/wp-content/plugins/ad-ace/assets/js/ 2 KB
1 KB 391ms
389ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/ad-ace/assets/js/coupons.js?ver=1.3.24

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

1069a63dba084c49a2d8946bddfaed6f2701a02f718ece3e59c41a4e69479204

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/ad-ace/assets/js/coupons.js?ver=1.3.24
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 645
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 00:32:00 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "9892c3-615-5c56408f01749-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mashsb.min.js Show response
www.celebsecrets.com/wp-content/plugins/mashsharer/assets/js/ 16 KB
5 KB 389ms
387ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/mashsharer/assets/js/mashsb.min.js?ver=3.8.0

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

fa3c969639cf419ee66ff6ba52dbb8acd4dc86c4754b8e0f0ae8ef1c1e189fe0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/mashsharer/assets/js/mashsb.min.js?ver=3.8.0
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 4405
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 18:36:16 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c13c1-3f3b-5ca7aa46aa971-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 flatpickr.min.js Show response
www.celebsecrets.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/ 47 KB
14 KB 391ms
389ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=4.9.18

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

fe2ac5219992a3608a5c9e2bc4759fac8fb2189b88d7a674d395ff6c435da536

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/wp-user-avatar/assets/flatpickr/flatpickr.min.js?ver=4.9.18
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 13761
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 18:36:19 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c140f-bd86-5ca7aa498e18b-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 select2.min.js Show response
www.celebsecrets.com/wp-content/plugins/wp-user-avatar/assets/select2/ 69 KB
20 KB 440ms
439ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=4.9.18

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/wp-user-avatar/assets/select2/select2.min.js?ver=4.9.18
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 19904
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 18:36:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c14c5-114c3-5ca7aa49ff225-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 modernizr-custom.min.js Show response
www.celebsecrets.com/wp-content/themes/bimber/js/modernizr/ 7 KB
3 KB 393ms
391ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/themes/bimber/js/modernizr/modernizr-custom.min.js?ver=3.3.0

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

2e66ce2eadd79bca0080194f87dbf2f1d01bbf996241615de43d94dfc7eb1d0d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/bimber/js/modernizr/modernizr-custom.min.js?ver=3.3.0
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 3073
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 18:31:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c0f64-1b70-5ca7a921a8288-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 144ms
85ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

fefad7e7c34ba89f96e18c3cce587cc5b5e42de8190610e6947fda7aec19d527

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49943
x-xss-protection: 0
server: cafe
etag: 2151007261075651100
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 27 Sep 2021 18:08:33 GMT

GET
H2 200 header_TRANSPARENT.png
www.celebsecrets.com/wp-content/uploads/2019/02/07/ 72 KB
72 KB 386ms
381ms Image
image/png 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/2019/02/07/header_TRANSPARENT.png

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

970ec28c858a30ab21ee316f9a6cf6f9de5287fc7821af8849538cc96871dec2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2019/02/07/header_TRANSPARENT.png
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 73424
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Feb 2019 05:01:23 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "d24756-11ed0-58146bbe1445d"
vary: User-Agent
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.celebsecrets.com/wp-includes/js/ 12 KB
5 KB 379ms
373ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-includes/js/wp-emoji-release.min.js?ver=4.9.18

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=4.9.18
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 4347
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Apr 2021 13:33:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1443c15-2ea7-5c002e8d4aafc-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 DSC_3118-110x110.jpg
www.celebsecrets.com/wp-content/uploads/2021/08/ 8 KB
9 KB 387ms
381ms Image
image/jpeg 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/2021/08/DSC_3118-110x110.jpg

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

826bdb0684625b9484e5ba8bdf7778b58c7cb4bd88c22b6e64ad5f5f08e0eb09

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/08/DSC_3118-110x110.jpg
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 8504
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 20:51:45 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "ce0f1b-2138-5ca7c88e99e3f"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IMG_2354-110x110.jpg
www.celebsecrets.com/wp-content/uploads/2021/01/21/ 4 KB
5 KB 383ms
378ms Image
image/jpeg 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/2021/01/21/IMG_2354-110x110.jpg

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

2d4d539ba58efe2a5d490c3c1cce7fb53c39791b20b14175cdd504f829d3c9a1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/01/21/IMG_2354-110x110.jpg
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 4423
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Jan 2021 02:13:33 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "9c312f-1147-5b95f9e56ead5"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IMG_0935-48x48.jpg
www.celebsecrets.com/wp-content/uploads/2021/02/07/ 4 KB
5 KB 383ms
378ms Image
image/jpeg 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/2021/02/07/IMG_0935-48x48.jpg

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

ff9aa2eb069ac7ff0f7062c6816a8d1ca93c9e5e70950f6490a723cd6f29c143

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/02/07/IMG_0935-48x48.jpg
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 4545
x-xss-protection: 1; mode=block
last-modified: Sun, 07 Feb 2021 04:52:08 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "9c4b7f-11c1-5bab7d0d0dbcb"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IMG_0640-110x110.jpg
www.celebsecrets.com/wp-content/uploads/2021/06/ 8 KB
8 KB 387ms
383ms Image
image/jpeg 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/2021/06/IMG_0640-110x110.jpg

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

4dca312cf1910fa8b86cf95e4adc8e04da01dc959716b223af285ad95995f49f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/06/IMG_0640-110x110.jpg
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 8213
x-xss-protection: 1; mode=block
last-modified: Thu, 10 Jun 2021 19:46:15 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "ca2df2-2015-5c46ea4e09e5f"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jBPJ9nN4-48x48.jpg
www.celebsecrets.com/wp-content/uploads/2020/04/15/ 1 KB
2 KB 389ms
385ms Image
image/jpeg 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/2020/04/15/jBPJ9nN4-48x48.jpg

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

3802d624909d1dd6225bf0f488a6c91bfb29ebef84e3e524fc378523655dda53

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2020/04/15/jBPJ9nN4-48x48.jpg
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 1419
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Apr 2020 20:20:06 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "a62443-58b-5a35a0ac6c4f1"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IMG_5003-110x110.jpg
www.celebsecrets.com/wp-content/uploads/2021/04/ 6 KB
6 KB 391ms
387ms Image
image/jpeg 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/2021/04/IMG_5003-110x110.jpg

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

9d00d763f4644a37531dfa2e061bc85a45253d14a2e22a4a3c3defb5359d233f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/04/IMG_5003-110x110.jpg
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 5716
x-xss-protection: 1; mode=block
last-modified: Fri, 16 Apr 2021 00:13:37 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "9c0411-1654-5c00bd9fc20de"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Kelly-Pro-110x110.jpg
www.celebsecrets.com/wp-content/uploads/2021/06/ 3 KB
3 KB 388ms
384ms Image
image/jpeg 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/2021/06/Kelly-Pro-110x110.jpg

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

8607c3d46d280069cdaa1a39378ff7d6d4d1ead587ec36e8a4e7e367a37488f8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/06/Kelly-Pro-110x110.jpg
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 2804
x-xss-protection: 1; mode=block
last-modified: Wed, 09 Jun 2021 23:55:38 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "ca2c37-af4-5c45e02ebd5a5"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IMG_8930-110x110.jpg
www.celebsecrets.com/wp-content/uploads/2021/08/ 8 KB
9 KB 388ms
384ms Image
image/jpeg 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/2021/08/IMG_8930-110x110.jpg

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

e86f318afe68ae1cbd7d2a3b00734e1d3fe53f6ff08b6bfea9af5006e4b35328

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/08/IMG_8930-110x110.jpg
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 8641
x-xss-protection: 1; mode=block
last-modified: Sat, 07 Aug 2021 19:28:58 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "ce269a-21c1-5c8fd29da742f"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 TV_TRANSPARENT-300x169.png
www.celebsecrets.com/wp-content/uploads/2017/06/28/ 9 KB
9 KB 392ms
388ms Image
image/png 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/2017/06/28/TV_TRANSPARENT-300x169.png

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

414d9c3b0873f82c4c97a189041a79f6a1c7b08380600bbeedc77bf7498c1102

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2017/06/28/TV_TRANSPARENT-300x169.png
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 9188
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Dec 2018 19:03:36 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "fe371b-23e4-57cebf8bf5200"
vary: User-Agent
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 CelebSecretsCountry_Logo-300x136.png
www.celebsecrets.com/wp-content/uploads/2016/12/15/celebsecrets4u/ 18 KB
19 KB 392ms
389ms Image
image/png 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/2016/12/15/celebsecrets4u/CelebSecretsCountry_Logo-300x136.png

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

212085b116ddda61ed07c2a2a931856749dd4746f7e582a7db8a66262e3906e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2016/12/15/celebsecrets4u/CelebSecretsCountry_Logo-300x136.png
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 18711
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Dec 2018 14:10:48 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1483c9e-4917-57ce7e19cea00"
vary: User-Agent
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 CelebSecretsCountry_Logo.png
celebsecretscountry.com/wp-content/uploads/2019/02/ 327 KB
330 KB 316ms
95ms Image
image/png 132.148.250.104
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://celebsecretscountry.com/wp-content/uploads/2019/02/CelebSecretsCountry_Logo.png
Requested by: Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 132.148.250.104 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: ip-132-148-250-104.ip.secureserver.net
Software: Apache /
Resource Hash: 5da38a65edff1b5eab44db11aacbff33ff837753b2c5b2519924a740b33d7b6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:33 GMT
last-modified: Thu, 07 Feb 2019 00:11:22 GMT
server: Apache
etag: "ae0c14-51d12-58142aeb9ece7"
vary: User-Agent
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 335122
expires: Wed, 27 Oct 2021 18:08:33 GMT

GET
H2 200 screen-basic.min.css
www.celebsecrets.com/wp-content/plugins/g1-socials/css/ 8 KB
2 KB 94ms
94ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/g1-socials/css/screen-basic.min.css?ver=1.2.27

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

003be4b32aad80509340d6c2a4769486788681e0af02c36987a6a3fab9522b7f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/g1-socials/css/screen-basic.min.css?ver=1.2.27
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 1877
x-xss-protection: 1; mode=block
last-modified: Wed, 14 Apr 2021 16:58:19 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c1f2e-1e7d-5bff1a7640d45-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 snapcode.min.css
www.celebsecrets.com/wp-content/plugins/g1-socials/css/ 718 B
672 B 94ms
94ms Stylesheet
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/g1-socials/css/snapcode.min.css?ver=1.2.27

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

001de631b72480e07e7246acc12f9552f023cef5159872d10b2eb036c7ed3fcc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/g1-socials/css/snapcode.min.css?ver=1.2.27
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 290
x-xss-protection: 1; mode=block
last-modified: Wed, 14 Apr 2021 16:58:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c1f60-2ce-5bff1a76666d6-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 youtube.js Show response
www.celebsecrets.com/wp-content/plugins/media-ace/includes/lazy-load/assets/js/ 2 KB
1 KB 101ms
93ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/media-ace/includes/lazy-load/assets/js/youtube.js?ver=1.4.12

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

8cc5d1bf80f7a4a5acc05ae067f695460f9f12614e8814c1856f49d4c4e7d883

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/media-ace/includes/lazy-load/assets/js/youtube.js?ver=1.4.12
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 743
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 00:32:04 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c20dc-7fd-5c5640922fe9b-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lazysizes.min.js Show response
www.celebsecrets.com/wp-content/plugins/media-ace/includes/lazy-load/assets/js/lazysizes/ 7 KB
4 KB 102ms
92ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/media-ace/includes/lazy-load/assets/js/lazysizes/lazysizes.min.js?ver=4.0

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

ff7f41fb46f8e9ecafe2c34d443535baec1dcf56cea4701d82e3e387fee68353

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/media-ace/includes/lazy-load/assets/js/lazysizes/lazysizes.min.js?ver=4.0
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 3351
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 00:32:04 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c20d7-1cd4-5c5640922c403-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ls.unveilhooks.min.js Show response
www.celebsecrets.com/wp-content/plugins/media-ace/includes/lazy-load/assets/js/lazysizes/plugins/unveilhooks/ 2 KB
1 KB 103ms
93ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/media-ace/includes/lazy-load/assets/js/lazysizes/plugins/unveilhooks/ls.unveilhooks.min.js?ver=5.2.0

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

80107f11f8fef70c5d2d2ff48293c1fddc0a7f904b00412d121d717bf454e14b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/media-ace/includes/lazy-load/assets/js/lazysizes/plugins/unveilhooks/ls.unveilhooks.min.js?ver=5.2.0
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 786
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 00:32:04 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c20db-671-5c5640922f2e3-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gallery.js Show response
www.celebsecrets.com/wp-content/plugins/media-ace/includes/gallery/js/ 12 KB
3 KB 102ms
93ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/media-ace/includes/gallery/js/gallery.js?ver=1.4.12

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

143955879d55a60dc7ecb3bedf93773f4559db893a1748a18ed7878a67ca2670

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/media-ace/includes/gallery/js/gallery.js?ver=1.4.12
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 2538
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 00:32:04 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c20a9-2ffb-5c5640920956a-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 collections.min.js Show response
www.celebsecrets.com/wp-content/plugins/snax/assets/js/ 9 KB
3 KB 372ms
362ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/snax/assets/js/collections.min.js?ver=1.89

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

5f0989a9002df46b705fb45e14d611df0d8ecc6f6ad2f6587bfe88c1adb0ed60

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/snax/assets/js/collections.min.js?ver=1.89
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 2732
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 00:32:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8e01d8-2582-5c56409a20650-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.magnific-popup.min.js Show response
www.celebsecrets.com/wp-content/plugins/snax/assets/js/jquery.magnific-popup/ 20 KB
8 KB 387ms
378ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/snax/assets/js/jquery.magnific-popup/jquery.magnific-popup.min.js?ver=1.1.0

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/snax/assets/js/jquery.magnific-popup/jquery.magnific-popup.min.js?ver=1.1.0
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 7346
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 00:32:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8e01e0-4ef8-5c56409a27b80-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.timeago.js Show response
www.celebsecrets.com/wp-content/plugins/snax/assets/js/jquery.timeago/ 7 KB
3 KB 370ms
362ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/snax/assets/js/jquery.timeago/jquery.timeago.js?ver=1.5.2

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

c8a2ce0ff737cb50745bcd2b534fa03c462d897895dadb9af2d46e37db45c2f2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/snax/assets/js/jquery.timeago/jquery.timeago.js?ver=1.5.2
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 2439
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 00:32:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8e0162-1c47-5c564099be3fe-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.timeago.en.js Show response
www.celebsecrets.com/wp-content/plugins/snax/assets/js/jquery.timeago/locales/ 455 B
633 B 374ms
365ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/snax/assets/js/jquery.timeago/locales/jquery.timeago.en.js

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

0284d42b43b431163138ad07c2e26fee046b82609761b503949c054fe67cf38a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/snax/assets/js/jquery.timeago/locales/jquery.timeago.en.js
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 241
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 00:32:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8e01d3-1c7-5c56409a1d388-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 front.js Show response
www.celebsecrets.com/wp-content/plugins/snax/assets/js/ 75 KB
14 KB 475ms
466ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/snax/assets/js/front.js?ver=1.89

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

9445f9db635bbc121f4f058b259498194f6d7d6bfa88afc21a7d98b379cb4893

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/snax/assets/js/front.js?ver=1.89
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 14415
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 00:32:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8e01e5-12d69-5c56409a2f0b0-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 front.js Show response
www.celebsecrets.com/wp-content/plugins/whats-your-reaction/js/ 11 KB
3 KB 380ms
371ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/whats-your-reaction/js/front.js?ver=1.3.17

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

4d1fd02bcde85db6ced117991aa0a62380bf0c81b3558bdb0d15e27352ac3f32

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/whats-your-reaction/js/front.js?ver=1.3.17
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 2837
x-xss-protection: 1; mode=block
last-modified: Wed, 23 Jun 2021 00:32:14 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8e03ac-2aec-5c56409bccdd2-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.js Show response
www.celebsecrets.com/wp-content/plugins/wp-user-avatar/assets/js/ 9 KB
3 KB 376ms
367ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=3.1.17

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

205988b80eeedc442aa4ba78fd4bda5b1b139415f3dc88043fc73adcd71cbae2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/plugins/wp-user-avatar/assets/js/frontend.min.js?ver=3.1.17
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 2284
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 18:36:20 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c14b9-236e-5ca7aa49ee885-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 stickyfill.min.js Show response
www.celebsecrets.com/wp-content/themes/bimber/js/stickyfill/ 6 KB
3 KB 378ms
370ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/themes/bimber/js/stickyfill/stickyfill.min.js?ver=2.0.3

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

77bf60e84e126d1609cc0a302c3953dc25ae054aaee3514d04a4726d4f2609fe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/bimber/js/stickyfill/stickyfill.min.js?ver=2.0.3
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 2250
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 18:31:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c0f00-1893-5ca7a92159c9e-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 placeholders.jquery.min.js Show response
www.celebsecrets.com/wp-content/themes/bimber/js/jquery.placeholder/ 5 KB
3 KB 378ms
370ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/themes/bimber/js/jquery.placeholder/placeholders.jquery.min.js?ver=4.0.1

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

aabc30ee10c2b23a718fe443f43b051563fa5c58aa4b48cb64155a424e451468

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/bimber/js/jquery.placeholder/placeholders.jquery.min.js?ver=4.0.1
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 2364
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 18:31:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c0f6d-1555-5ca7a921aff88-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 matchmedia.js Show response
www.celebsecrets.com/wp-content/themes/bimber/js/matchmedia/ 2 KB
1 KB 373ms
366ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/themes/bimber/js/matchmedia/matchmedia.js

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

76b8c213b84808d8f2986bfa38e79e3f2d1a94f065e517a143999b198abd8bd6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/bimber/js/matchmedia/matchmedia.js
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 709
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 18:31:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c0f56-6a4-5ca7a9219ee18-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 matchmedia.addlistener.js Show response
www.celebsecrets.com/wp-content/themes/bimber/js/matchmedia/ 3 KB
1 KB 376ms
369ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/themes/bimber/js/matchmedia/matchmedia.addlistener.js

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

4492a4f252febe84a00d7f8246e50e43475a11d7192a279aab3c189cd3721456

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/bimber/js/matchmedia/matchmedia.addlistener.js
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 973
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 18:31:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c0f55-b00-5ca7a9219de78-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 picturefill.min.js Show response
www.celebsecrets.com/wp-content/themes/bimber/js/picturefill/ 8 KB
4 KB 377ms
370ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/themes/bimber/js/picturefill/picturefill.min.js?ver=2.3.1

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

d603b6e5c404d28a9f1c12bb0b57d8c9967836a8f53cce046a2ab3fd1f3b2f52

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/bimber/js/picturefill/picturefill.min.js?ver=2.3.1
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 3246
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 18:31:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c0f5a-1e1b-5ca7a921a0970-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.waypoints.min.js Show response
www.celebsecrets.com/wp-content/themes/bimber/js/jquery.waypoints/ 9 KB
3 KB 381ms
374ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/themes/bimber/js/jquery.waypoints/jquery.waypoints.min.js?ver=4.0.0

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/bimber/js/jquery.waypoints/jquery.waypoints.min.js?ver=4.0.0
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 2698
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 18:31:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c0f04-2281-5ca7a9215d34e-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 enquire.min.js Show response
www.celebsecrets.com/wp-content/themes/bimber/js/enquire/ 2 KB
1 KB 376ms
369ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/themes/bimber/js/enquire/enquire.min.js?ver=2.1.2

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

324dbc3f38a9f0a20763e0c0d817aadea2b441e2b872b81c69f453857da67489

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/bimber/js/enquire/enquire.min.js?ver=2.1.2
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 1006
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 18:31:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c0f58-8ce-5ca7a9219f9d0-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 global.js Show response
www.celebsecrets.com/wp-content/themes/bimber/js/ 46 KB
11 KB 382ms
375ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/themes/bimber/js/global.js?ver=9.1.1

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

6fc1699d6979a18d2df312bf103f4e00f8b32dc52429a99e1fe8e4a6449afd7f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/bimber/js/global.js?ver=9.1.1
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 11066
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 18:31:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c0f4c-b80e-5ca7a92193a67-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 core.min.js Show response
www.celebsecrets.com/wp-includes/js/jquery/ui/ 4 KB
2 KB 375ms
368ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 1811
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Apr 2021 13:33:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1443bab-f59-5c002e8d01eea-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 widget.min.js Show response
www.celebsecrets.com/wp-includes/js/jquery/ui/ 7 KB
3 KB 383ms
377ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

99ada7e01817367027759ac452a1dd11eca7557272b8940d659c07adb6bc8cbe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/jquery/ui/widget.min.js?ver=1.11.4
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 2548
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Apr 2021 13:33:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1443bac-1ab0-5c002e8cf24ea-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 position.min.js Show response
www.celebsecrets.com/wp-includes/js/jquery/ui/ 6 KB
3 KB 384ms
377ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

dd5bb66bac9f2d27689f537a7beaf5630134204e7327c42c066f0b64717fb3d3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/jquery/ui/position.min.js?ver=1.11.4
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 2471
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Apr 2021 13:33:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1443bc2-1928-5c002e8d10d33-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 menu.min.js Show response
www.celebsecrets.com/wp-includes/js/jquery/ui/ 9 KB
3 KB 378ms
371ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-includes/js/jquery/ui/menu.min.js?ver=1.11.4

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

11dd7443e60c9756c636d4d9e270eeba4085691a86dc1d343af835e5cb354ed9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/jquery/ui/menu.min.js?ver=1.11.4
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 2805
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Apr 2021 13:33:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1443bb2-2547-5c002e8ce6d52-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-a11y.min.js Show response
www.celebsecrets.com/wp-includes/js/ 627 B
749 B 378ms
372ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-includes/js/wp-a11y.min.js?ver=4.9.18

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

528a582ea998425535a5dd162b3f7fbc3fe78098a4089a31fec260fbc6c3cc79

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/wp-a11y.min.js?ver=4.9.18
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 357
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Apr 2021 13:33:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1443c16-273-5c002e8d606a4-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 autocomplete.min.js Show response
www.celebsecrets.com/wp-includes/js/jquery/ui/ 8 KB
3 KB 375ms
368ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.11.4

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

67a93cb596cf7e65926cc6f37e356a5ba6249a3ac8dbce1b8e5fd16ae3967f92

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.11.4
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 2774
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Apr 2021 13:33:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1443bb6-2023-5c002e8cf8692-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ajax-search.js Show response
www.celebsecrets.com/wp-content/themes/bimber/js/ 2 KB
1 KB 378ms
372ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/themes/bimber/js/ajax-search.js?ver=9.1.1

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

1c045fd18778d6cb007565f471c7d6f442aef231cd65359b0fbcef666b432155

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/bimber/js/ajax-search.js?ver=9.1.1
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 688
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 18:31:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c0f48-816-5ca7a9218f417-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-embed.min.js Show response
www.celebsecrets.com/wp-includes/js/ 1 KB
1 KB 376ms
371ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-includes/js/wp-embed.min.js?ver=4.9.18

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=4.9.18
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 739
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Apr 2021 13:33:32 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1443b83-56f-5c002e8d6b66d-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 featured-entries.js Show response
www.celebsecrets.com/wp-content/themes/bimber/js/ 4 KB
1 KB 379ms
374ms Script
application/javascript 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/themes/bimber/js/featured-entries.js?ver=9.1.1

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

0d3f57a9a5b4f2c8411ab8e3e7e4c0f1ae3a63251e44d38de112b76f138a7c73

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/themes/bimber/js/featured-entries.js?ver=9.1.1
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 1081
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 18:31:09 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c0f69-e4b-5ca7a921ac4f0-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bimber.woff
www.celebsecrets.com/wp-content/themes/bimber/css/9.1.1/bimber/fonts/ 11 KB
12 KB 384ms
381ms Font
font/x-woff 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.celebsecrets.com/wp-content/themes/bimber/css/9.1.1/bimber/fonts/bimber.woff

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

693e2dd1818182a4c4d6af23d18118646a0aa250a9001c2e468555dcf653b982

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
origin: https://www.celebsecrets.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: font
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
:path: /wp-content/themes/bimber/css/9.1.1/bimber/fonts/bimber.woff
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: */*
cache-control: no-cache
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.celebsecrets.com/
Origin: https://www.celebsecrets.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 11697
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 18:31:00 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "8c06eb-2db0-5ca7a918daba4-gzip"
vary: Accept-Encoding,User-Agent
content-type: font/x-woff
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 53ms
18ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%2C700&subset=latin%2Clatin-ext&display=swap&ver=9.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f99.1e100.net

Software

sffe /

Resource Hash

13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.celebsecrets.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 06:41:30 GMT
x-content-type-options: nosniff
age: 127623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19868
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:31 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Sep 2022 06:41:30 GMT

GET
DATA 200
OK truncated
/ 62 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31d855e6b27133ef148ff82f9cef9d66bfc5fb4b8c102c32965764d8409254b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 422 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7eabc7f05a63848ca0cf3d821014400d89e413dd6d11de71620a36cb655f99b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 61ms
39ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%2C700&subset=latin%2Clatin-ext&display=swap&ver=9.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f99.1e100.net

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.celebsecrets.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 22:28:30 GMT
x-content-type-options: nosniff
age: 416403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Sep 2022 22:28:30 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 54ms
33ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C500%2C700&subset=latin%2Clatin-ext&display=swap&ver=9.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f99.1e100.net

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.celebsecrets.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 13:18:36 GMT
x-content-type-options: nosniff
age: 449397
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Sep 2022 13:18:36 GMT

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b5a5dc0ed2dd03de3f572bff9f526bfffdb3e0f4f92cf60e98841d2b268342f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41cd496c91f0a37d8450324cb9f6c87772a83d067593ff8aacc825a858c4b886

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52d63b62a17a6a373d35ff5c91b77341ebee18f0226cd79f486ef71db4fd5f37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6353a0800cf14f023652cf95ad6320baec63dea329f0d6e0270e95316828f2bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c313eafd49a7f12b4bb014b8b23a6675b9000c625344fcd99d8aa2f4abf7b746

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc720a7c47155bdfc4a56a77d11bf92eab61985116f5008344cf48f28e9c5eaf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d41cbe565ccd60b6d3307f5440be39e6d037630294973ab3b3df16bc8c6bb02f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 65 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f482573663502de097072d09230c9b37a9225648fbff6a2f97f2b862f059a235

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 63 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c96ecd870afb8f6077d9d16f43533b9c79429c976a48a249fba8a079544f5bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 dynamic-style-1630002672.css
www.celebsecrets.com/wp-content/uploads/ 14 KB
14 KB 94ms
93ms Image
text/css 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/dynamic-style-1630002672.css

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/wp-content/uploads/dynamic-style-1630002672.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/dynamic-style-1630002672.css
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/wp-content/uploads/dynamic-style-1630002672.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/wp-content/uploads/dynamic-style-1630002672.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 2813
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Aug 2021 18:31:12 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "9c963c-3972-5ca7a924afcc2-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Credit_AnnaClary-192x108.jpg
www.celebsecrets.com/wp-content/uploads/2021/09/ 32 KB
33 KB 98ms
96ms Image
image/jpeg 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/2021/09/Credit_AnnaClary-192x108.jpg

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

b3eed95d75a33ef44fec29a4e88039cfa8089a52372dff2ea51e5ca280c8d979

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/09/Credit_AnnaClary-192x108.jpg
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 33006
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Sep 2021 15:20:27 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1247333-80ee-5ccfba30b728d"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Pusher-Press-Photo-A-2021-Full-192x108.jpeg
www.celebsecrets.com/wp-content/uploads/2021/09/ 11 KB
12 KB 98ms
96ms Image
image/jpeg 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/2021/09/Pusher-Press-Photo-A-2021-Full-192x108.jpeg

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

25abf4a707821a0c281bd69fd0011b09f5e6b52e6da3b83a2ad415e36e979e21

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/09/Pusher-Press-Photo-A-2021-Full-192x108.jpeg
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:32 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 11408
x-xss-protection: 1; mode=block
last-modified: Thu, 23 Sep 2021 22:14:39 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1242705-2c90-5ccb0f4f4499f"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 159195_1582_47fa4b66-192x108.jpeg
www.celebsecrets.com/wp-content/uploads/2021/09/ 9 KB
9 KB 363ms
361ms Image
image/jpeg 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/2021/09/159195_1582_47fa4b66-192x108.jpeg

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

fe5044def3c01a57cf46d476bbb3eb0aa643feb483f5ec3ecf332a89b4ba39c4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/09/159195_1582_47fa4b66-192x108.jpeg
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:33 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 8845
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Sep 2021 11:20:14 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "124398e-228d-5ccbbee65fc06"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 AdeleEntertainmentPicturesMonthJuly2021sLPUDkqMG0Hx-192x108.jpg
www.celebsecrets.com/wp-content/uploads/2021/09/ 9 KB
9 KB 366ms
365ms Image
image/jpeg 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/2021/09/AdeleEntertainmentPicturesMonthJuly2021sLPUDkqMG0Hx-192x108.jpg

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

4f6b24cb347775f10a21a82a0d94b506895d8127de2164f95cbbb035860478a8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/09/AdeleEntertainmentPicturesMonthJuly2021sLPUDkqMG0Hx-192x108.jpg
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:33 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 8747
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Sep 2021 05:02:22 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1240837-222b-5cc8e6b6443e9"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Screen-Shot-2021-09-22-at-12.46.48-AM-192x108.png
www.celebsecrets.com/wp-content/uploads/2021/09/ 25 KB
25 KB 368ms
367ms Image
image/png 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/2021/09/Screen-Shot-2021-09-22-at-12.46.48-AM-192x108.png

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

e19bea98d58ecb95000ac095a89d1ea52b6fc4edda824df5408915d40e1ae56b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/09/Screen-Shot-2021-09-22-at-12.46.48-AM-192x108.png
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:33 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 25679
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Sep 2021 04:47:34 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "124080b-644f-5cc8e3670c4a3"
vary: User-Agent
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1600x900-Q90_48e9dc2390969a3092aabff63350233e-192x108.jpg
www.celebsecrets.com/wp-content/uploads/2021/09/ 8 KB
8 KB 366ms
364ms Image
image/jpeg 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/2021/09/1600x900-Q90_48e9dc2390969a3092aabff63350233e-192x108.jpg

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

be84f29bbc2688431dfe88d8734df56354ec9cf37992bf191a5073300c6ec6dd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/09/1600x900-Q90_48e9dc2390969a3092aabff63350233e-192x108.jpg
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:33 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 8292
x-xss-protection: 1; mode=block
last-modified: Wed, 08 Sep 2021 19:20:14 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1243de5-2064-5cb80c58f40f0"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Mason-McNulty1-PC-Zachary-Smith-192x108.jpeg
www.celebsecrets.com/wp-content/uploads/2021/09/ 11 KB
11 KB 368ms
367ms Image
image/jpeg 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/2021/09/Mason-McNulty1-PC-Zachary-Smith-192x108.jpeg

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

0c604912b924b6b0295bde9c0996226c0c640f82454c776f44b67dbe4b35fe05

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/09/Mason-McNulty1-PC-Zachary-Smith-192x108.jpeg
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:33 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 11219
x-xss-protection: 1; mode=block
last-modified: Fri, 10 Sep 2021 17:42:51 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1244125-2bd3-5cba7a4f965bd"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IMG_8679-758x426.jpg
www.celebsecrets.com/wp-content/uploads/2021/09/ 39 KB
39 KB 375ms
374ms Image
image/jpeg 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/2021/09/IMG_8679-758x426.jpg

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

fca86a2e9f085d0a0a2badb97ee8e4571db1927cdb31ba2a5e446eb51099165e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/09/IMG_8679-758x426.jpg
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:33 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 39492
x-xss-protection: 1; mode=block
last-modified: Thu, 16 Sep 2021 20:38:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1247040-9a44-5cc22cc4848ab"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 image1-758x426.jpeg
www.celebsecrets.com/wp-content/uploads/2021/09/ 45 KB
46 KB 725ms
724ms Image
image/jpeg 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/2021/09/image1-758x426.jpeg

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

aa51b394829a00e1b07f5b11a0d4cde0e8dc69d7dbe539085b3af64387468678

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/09/image1-758x426.jpeg
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:33 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 46206
x-xss-protection: 1; mode=block
last-modified: Fri, 10 Sep 2021 19:17:21 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "12441f6-b47e-5cba8f6ecdaac"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 SofiaWylieLarrySapersteinPremiereDisneyXoemYM4gtlnx-758x426.jpg
www.celebsecrets.com/wp-content/uploads/2021/09/ 88 KB
88 KB 375ms
374ms Image
image/jpeg 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/2021/09/SofiaWylieLarrySapersteinPremiereDisneyXoemYM4gtlnx-758x426.jpg

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

72a480ee9a81da613b76e776e22967bd0601d4abd16ae60349995dc4f18af969

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/09/SofiaWylieLarrySapersteinPremiereDisneyXoemYM4gtlnx-758x426.jpg
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:33 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 89701
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Sep 2021 16:55:53 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "12467b4-15e65-5cbf7746556ee"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 88ms
26ms Script
text/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-90528847-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 4593
date: Mon, 27 Sep 2021 16:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 27 Sep 2021 18:52:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/ 255 KB
95 KB 54ms
53ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2966169182691792&plah=www.celebsecrets.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

064171cd3bcf1f06f0debdf14d0f4a25dfa4d03ee891cd62e125049d91f678eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96574
x-xss-protection: 0
server: cafe
etag: 16994804634730992675
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 27 Sep 2021 18:08:33 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/ Frame ECF9 10 KB
5 KB 70ms
20ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210922/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.celebsecrets.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 27 Sep 2021 05:23:04 GMT
expires: Mon, 11 Oct 2021 05:23:04 GMT
content-type: text/html; charset=UTF-8
etag: 14847953055219580247
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4613
x-xss-protection: 0
age: 45929
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 50ms
22ms Script
text/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 17:13:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 27 Sep 2021 18:13:08 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
660 B 79ms
29ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.celebsecrets.com&callback=_gfp_s_&client=ca-pub-2966169182691792

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2966169182691792&plah=www.celebsecrets.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

aa485d41490b910a2963214d7587ef15dd329a3e178f66c3edc02df9915fbb5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 194
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 89ms
33ms Script
application/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.celebsecrets.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 18:08:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 89ms
34ms Script
application/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.celebsecrets.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 18:08:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 16CF 155 KB
41 KB 647ms
616ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&adk=1812271804&adf=3025194257&lmt=1632766113&plat=3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fwww.celebsecrets.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113197&bpp=2&bdt=895&idt=135&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4915946576541&frm=20&pv=2&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=148

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

d13e5a6abe388913323268ca98d8625b064511329043b0d3a88ba18c960aef02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2966169182691792&output=html&adk=1812271804&adf=3025194257&lmt=1632766113&plat=3%3A32%2C4%3A32%2C9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&tp=site_kit&format=0x0&url=https%3A%2F%2Fwww.celebsecrets.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113197&bpp=2&bdt=895&idt=135&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4915946576541&frm=20&pv=2&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=148
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.celebsecrets.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 27 Sep 2021 18:08:33 GMT
server: cafe
content-length: 41491
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 27-Sep-2021 18:23:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 27 Sep 2021 18:08:33 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 149ms
69ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

3a7ad5974f3d165d1a83149795afe792e241b0e6a41078c6e14bcecc5449934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27652
x-xss-protection: 0
server: sffe
etag: "1632310961004595"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Mon, 27 Sep 2021 18:08:33 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DA33 79 KB
26 KB 644ms
627ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=214710841&adf=823446599&pi=t.ma~as.5893798001&w=1152&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1152x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113199&bpp=2&bdt=897&idt=151&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=224&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Qmn37XEFGl&p=https%3A//www.celebsecrets.com&dtd=159

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

0ccc97e780ac12cbe38cd53565334a02bb572df2ab34fff8ba2654a2782b0c04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=214710841&adf=823446599&pi=t.ma~as.5893798001&w=1152&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1152x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113199&bpp=2&bdt=897&idt=151&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=224&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Qmn37XEFGl&p=https%3A//www.celebsecrets.com&dtd=159
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.celebsecrets.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 27 Sep 2021 18:08:33 GMT
server: cafe
content-length: 26750
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 27-Sep-2021 18:23:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 27 Sep 2021 18:08:33 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9CCE 90 KB
27 KB 562ms
562ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=2311510092&adf=649567976&pi=t.ma~as.5893798001&w=758&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=758x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113201&bpp=1&bdt=899&idt=169&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=224&ady=1447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=kAcjP7q6JP&p=https%3A//www.celebsecrets.com&dtd=177

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

10efe442b2eea463c1357b3a02f2e4aafbbfd1bbbd1802ec6b4785e17c53a36b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=2311510092&adf=649567976&pi=t.ma~as.5893798001&w=758&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=758x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113201&bpp=1&bdt=899&idt=169&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=224&ady=1447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=kAcjP7q6JP&p=https%3A//www.celebsecrets.com&dtd=177
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.celebsecrets.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 27 Sep 2021 18:08:33 GMT
server: cafe
content-length: 27779
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 27-Sep-2021 18:23:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 27 Sep 2021 18:08:33 GMT
cache-control: private

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 27ms
27ms XHR
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=2093111435&t=pageview&_s=1&dl=https%3A%2F%2Fwww.celebsecrets.com%2F&ul=en-us&de=UTF-8&dt=Celeb%20Secrets%20%E2%80%93%20Celebrity%20News%2C%20Photos%2C%20Videos%20%26%20Exclusives&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAAC~&jid=1092776890&gjid=1002403678&cid=1458027220.1632766113&tid=UA-90528847-1&_gid=1814434264.1632766113&_r=1&gtm=2ou9m0&did=dZGIzZG&z=1559150011

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.celebsecrets.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 18:08:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.celebsecrets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&aip=1&a=2093111435&t=pageview&_s=1&dl=https%3A%2F%2Fwww.celebsecrets.com%2F&ul=en-us&de=UTF-8&dt=Celeb%20Secrets%20%E2%80%93%20Celebrity%20News%2C%20Photos%2C%20Videos%20%26%20Exclusives&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACUIhBAAAAC~&jid=&gjid=&cid=1458027220.1632766113&tid=UA-90528847-1&_gid=1814434264.1632766113&gtm=2ou9m0&did=dZGIzZG%2CdZTNiMT&z=162115562

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 16:36:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 5551
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9F9B 87 KB
27 KB 889ms
888ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=653550653&adf=310528827&pi=t.ma~as.5893798001&w=364&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=364x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113204&bpp=1&bdt=902&idt=224&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C758x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1012&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GkSocNMbrI&p=https%3A//www.celebsecrets.com&dtd=228

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

c1e10d3b19ef0b78a7d798122c0d9c232a7c4ac3662392462fc9ba9ec7edbe69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=653550653&adf=310528827&pi=t.ma~as.5893798001&w=364&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=364x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113204&bpp=1&bdt=902&idt=224&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C758x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1012&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GkSocNMbrI&p=https%3A//www.celebsecrets.com&dtd=228
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.celebsecrets.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 27 Sep 2021 18:08:34 GMT
server: cafe
content-length: 27739
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 27-Sep-2021 18:23:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 27 Sep 2021 18:08:34 GMT
cache-control: private

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 64ms
34ms Script
application/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.celebsecrets.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 18:08:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 79ms
32ms Script
application/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.celebsecrets.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 18:08:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E063 87 KB
29 KB 580ms
579ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=3492521732&adf=383669989&pi=t.ma~as.5893798001&w=1200&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113205&bpp=1&bdt=903&idt=236&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ac945950f396ce-220e4c6164c900a1%3AT%3D1632766113%3ART%3D1632766113%3AS%3DALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ&prev_fmts=0x0%2C1152x280%2C758x280%2C364x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=200&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=bhb9W8zY8j&p=https%3A//www.celebsecrets.com&dtd=239

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

d029bb7532fc576ed89db23f343e422f817d63b9ef929584990064a9d874eba5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=3492521732&adf=383669989&pi=t.ma~as.5893798001&w=1200&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113205&bpp=1&bdt=903&idt=236&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ac945950f396ce-220e4c6164c900a1%3AT%3D1632766113%3ART%3D1632766113%3AS%3DALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ&prev_fmts=0x0%2C1152x280%2C758x280%2C364x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=200&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=bhb9W8zY8j&p=https%3A//www.celebsecrets.com&dtd=239
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.celebsecrets.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 27 Sep 2021 18:08:34 GMT
server: cafe
content-length: 29452
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 27-Sep-2021 18:23:33 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 27 Sep 2021 18:08:34 GMT
cache-control: private

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
463 B 62ms
20ms XHR
text/plain 74.125.140.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-90528847-1&cid=1458027220.1632766113&jid=1092776890&gjid=1002403678&_gid=1814434264.1632766113&_u=aGBAAUIgAAAAAC~&z=1251226719

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.celebsecrets.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 27 Sep 2021 18:08:33 GMT
content-type: text/plain
access-control-allow-origin: https://www.celebsecrets.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Screen-Shot-2021-09-13-at-12.33.37-PM-758x426.png
www.celebsecrets.com/wp-content/uploads/2021/09/ 404 KB
405 KB 186ms
184ms Image
image/png 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/2021/09/Screen-Shot-2021-09-13-at-12.33.37-PM-758x426.png

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

4e5e6569cad7dffb31f0d1730c6fb4fb9ea7cdb2d9618abc551b7cfdd21ac9f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/09/Screen-Shot-2021-09-13-at-12.33.37-PM-758x426.png
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860; _ga=GA1.2.1458027220.1632766113; _gid=GA1.2.1814434264.1632766113; _gat_gtag_UA_90528847_1=1; __gads=ID=33ac945950f396ce-220e4c6164c900a1:T=1632766113:RT=1632766113:S=ALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:33 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 413985
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Sep 2021 16:34:45 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1246731-65121-5cbe30af92d53"
vary: User-Agent
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1339940785-265x186.jpg
www.celebsecrets.com/wp-content/uploads/2021/09/ 18 KB
18 KB 99ms
97ms Image
image/jpeg 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/2021/09/1339940785-265x186.jpg

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

4b39d832e1c8c31132732dd0d297b6926850db2c4ef9bafee21bf5f40d0ea0ec

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/09/1339940785-265x186.jpg
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860; _ga=GA1.2.1458027220.1632766113; _gid=GA1.2.1814434264.1632766113; _gat_gtag_UA_90528847_1=1; __gads=ID=33ac945950f396ce-220e4c6164c900a1:T=1632766113:RT=1632766113:S=ALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:33 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 18066
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Sep 2021 02:22:55 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1244ed2-4692-5cbd724989ff9"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 photomix-image-4-265x186.png
www.celebsecrets.com/wp-content/uploads/2021/09/ 84 KB
84 KB 98ms
96ms Image
image/png 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/2021/09/photomix-image-4-265x186.png

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

653085a623e124b2e93a067933bb39dadf98716c2d71ac5efd4ebc001bbec5af

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/09/photomix-image-4-265x186.png
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860; _ga=GA1.2.1458027220.1632766113; _gid=GA1.2.1814434264.1632766113; _gat_gtag_UA_90528847_1=1; __gads=ID=33ac945950f396ce-220e4c6164c900a1:T=1632766113:RT=1632766113:S=ALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:33 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 85972
x-xss-protection: 1; mode=block
last-modified: Mon, 13 Sep 2021 03:38:31 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "1245fed-14fd4-5cbd832ef9702"
vary: User-Agent
content-type: image/png
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Credit_AnnaClary-364x156.jpg
www.celebsecrets.com/wp-content/uploads/2021/09/ 38 KB
38 KB 442ms
440ms Image
image/jpeg 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/2021/09/Credit_AnnaClary-364x156.jpg

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

71731ff4a0eedab848f041f72eb694346cac3d78cfc7170c7c449f2046a4c4c5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/09/Credit_AnnaClary-364x156.jpg
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860; _ga=GA1.2.1458027220.1632766113; _gid=GA1.2.1814434264.1632766113; _gat_gtag_UA_90528847_1=1; __gads=ID=33ac945950f396ce-220e4c6164c900a1:T=1632766113:RT=1632766113:S=ALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:33 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 38859
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Sep 2021 15:20:44 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "124734b-97cb-5ccfba40f90c6"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Pusher-Press-Photo-A-2021-Full-364x156.jpeg
www.celebsecrets.com/wp-content/uploads/2021/09/ 15 KB
15 KB 442ms
441ms Image
image/jpeg 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/2021/09/Pusher-Press-Photo-A-2021-Full-364x156.jpeg

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

63a44a22f18cbfe846a1deb234a81d80f15363bc79b1b5eb38ae93d64c84d05a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/09/Pusher-Press-Photo-A-2021-Full-364x156.jpeg
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860; _ga=GA1.2.1458027220.1632766113; _gid=GA1.2.1814434264.1632766113; _gat_gtag_UA_90528847_1=1; __gads=ID=33ac945950f396ce-220e4c6164c900a1:T=1632766113:RT=1632766113:S=ALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:33 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 15228
x-xss-protection: 1; mode=block
last-modified: Thu, 23 Sep 2021 22:14:54 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "124271d-3b7c-5ccb0f5d2a7ba"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 159195_1582_47fa4b66-364x156.jpeg
www.celebsecrets.com/wp-content/uploads/2021/09/ 18 KB
19 KB 442ms
441ms Image
image/jpeg 192.124.249.164
SUCURI-SEC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.celebsecrets.com/wp-content/uploads/2021/09/159195_1582_47fa4b66-364x156.jpeg

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.124.249.164 Menifee, United States, ASN30148 (SUCURI-SEC, US),

Reverse DNS

cloudproxy10164.sucuri.net

Software

nginx /

Resource Hash

53bbb293c75981334e5950eb05600ebf2d9eb72b2a7a62246a054cf84e82b216

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /wp-content/uploads/2021/09/159195_1582_47fa4b66-364x156.jpeg
pragma: no-cache
cookie: PHPSESSID=f2efdd0bf0893975fed69a6d63c8d860; _ga=GA1.2.1458027220.1632766113; _gid=GA1.2.1814434264.1632766113; _gat_gtag_UA_90528847_1=1; __gads=ID=33ac945950f396ce-220e4c6164c900a1:T=1632766113:RT=1632766113:S=ALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.celebsecrets.com
referer: https://www.celebsecrets.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:33 GMT
x-content-type-options: nosniff
x-sucuri-cache: MISS
content-length: 18855
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Sep 2021 11:20:24 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "12439a6-49a7-5ccbbeefc392e"
vary: User-Agent
content-type: image/jpeg
cache-control: max-age=315360000
x-sucuri-id: 15014
content-security-policy: upgrade-insecure-requests;
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 16269107437217949113
tpc.googlesyndication.com/simgad/ Frame 9CCE 39 KB
39 KB 96ms
40ms Image
image/jpeg 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16269107437217949113?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkhZcXL8hZo-QoIIToPuuv6IymCvw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=2311510092&adf=649567976&pi=t.ma~as.5893798001&w=758&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=758x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113201&bpp=1&bdt=899&idt=169&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=224&ady=1447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=kAcjP7q6JP&p=https%3A//www.celebsecrets.com&dtd=177

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

sffe /

Resource Hash

84a0fb8b9d196f9439f762fef0f5c0913e601b0fdcba75b6335fa451b0c7751f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 07:16:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 18 Nov 2020 23:39:36 GMT
server: sffe
age: 557516
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39556
x-xss-protection: 0
expires: Wed, 21 Sep 2022 07:16:38 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame 9CCE 18 KB
8 KB 77ms
20ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:03:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
server: cafe
etag: 15605042170853735879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 18:03:29 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 9CCE 3 KB
1 KB 92ms
37ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 18:04:38 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 9CCE 67 B
195 B 93ms
39ms Image
image/png 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 17:58:30 GMT
x-content-type-options: nosniff
server: cafe
age: 604
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Tue, 28 Sep 2021 17:58:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9CCE 128 KB
39 KB 241ms
209ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39662
x-xss-protection: 0
server: sffe
etag: "1632310973010379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Mon, 27 Sep 2021 18:08:34 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 9CCE 14 KB
6 KB 75ms
24ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 18:04:40 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 9CCE 27 KB
11 KB 110ms
59ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

cf60db8f01da2e8ea3dc9eec7a0206aa5e13969745fb6731bdab13bf2da82d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 17:31:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2212
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11114
x-xss-protection: 0
server: cafe
etag: 7602392314963332887
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 17:31:42 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9CCE 0
0 50ms
49ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CH_phoQhSYYOcGceqtwffm4CoBYGp3qZly_OPjJMOga2Mw8ccEAEg0a_QH2CV4pCCoAegAajWhfUDyAECqAMByAPJBKoEuwFP0LJeCODL3nBDbTbQDb1e2heh9HNmAAM_yypIcM-EGTwCpa5Iklg5h_0rwU9UL1Do_LbR9gNHRiG3xT2hqEAGSHljP0h5VRpRjPBGh8NG3plJ4hj8tmIK97sMqvSpZvHOL3wsg6nUaB1veeB6Z6iAOPf8bVmgmlANoWVaXAtaN5c_Wn8OdGZc6jpyoZlWuI19xkmE6vDs9proX0SYlQ1CSWtOSByyvjW2y4Bw89-ZhKKlV2yrlJev7EpZwAStn8CRkwOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHwKn6CqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwQQ8s0K0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTI5NjYxNjkxODI2OTE3OTIYAA&sigh=_gAJdzjwXqM&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=2311510092&adf=649567976&pi=t.ma~as.5893798001&w=758&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=758x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113201&bpp=1&bdt=899&idt=169&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=224&ady=1447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=kAcjP7q6JP&p=https%3A//www.celebsecrets.com&dtd=177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 27 Sep 2021 18:08:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 27 Sep 2021 18:08:33 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/ 145 KB
52 KB 48ms
47ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

09daf77f1dfe54bc12dd28501b03563ba333317f7bd7e49a79e36e0896c83032

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53024
x-xss-protection: 0
server: cafe
etag: 364165297743354399
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 27 Sep 2021 18:08:34 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 34ms
34ms Script
application/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.celebsecrets.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 18:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 33ms
32ms Script
application/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.celebsecrets.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 18:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 946B 27 KB
11 KB 677ms
677ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=250&adk=2194861970&adf=1061621326&pi=t.aa~a.3990590433~i.5~rp.4&w=304&fwrn=4&fwrnh=100&lmt=1632766114&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8181068076&tp=site_kit&psa=0&ad_type=text_image&format=304x250&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&pra=3&rh=253&rw=303&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766114038&bpp=2&bdt=1736&idt=2&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ac945950f396ce-220e4c6164c900a1%3AT%3D1632766113%3ART%3D1632766113%3AS%3DALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ&prev_fmts=0x0%2C1152x280%2C758x280%2C364x280%2C1200x280&nras=2&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1042&ady=3700&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=3&fsb=1&xpc=0ZJoy6TDw4&p=https%3A//www.celebsecrets.com&dtd=15

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

89cc40742de2c6f54ccf37278aa196919ee14282defdbc23bda2eb2485f8d159

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2966169182691792&output=html&h=250&adk=2194861970&adf=1061621326&pi=t.aa~a.3990590433~i.5~rp.4&w=304&fwrn=4&fwrnh=100&lmt=1632766114&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8181068076&tp=site_kit&psa=0&ad_type=text_image&format=304x250&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&pra=3&rh=253&rw=303&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766114038&bpp=2&bdt=1736&idt=2&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ac945950f396ce-220e4c6164c900a1%3AT%3D1632766113%3ART%3D1632766113%3AS%3DALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ&prev_fmts=0x0%2C1152x280%2C758x280%2C364x280%2C1200x280&nras=2&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1042&ady=3700&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=3&fsb=1&xpc=0ZJoy6TDw4&p=https%3A//www.celebsecrets.com&dtd=15
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.celebsecrets.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlyWyG_kp0jDgIWq-_xAEj_3XqIIFuO6l9pXAzhldv7ryXx_iCYxQt4c0dCU1I; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 27 Sep 2021 18:08:34 GMT
server: cafe
content-length: 11053
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame DA33 3 KB
578 B 46ms
23ms Stylesheet
text/css 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=214710841&adf=823446599&pi=t.ma~as.5893798001&w=1152&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1152x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113199&bpp=2&bdt=897&idt=151&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=224&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Qmn37XEFGl&p=https%3A//www.celebsecrets.com&dtd=159

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f170.1e100.net

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 17:50:19 GMT
server: ESF
date: Mon, 27 Sep 2021 18:08:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Sep 2021 18:08:34 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 922E 143 B
163 B 23ms
23ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=2311510092&adf=649567976&pi=t.ma~as.5893798001&w=758&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=758x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113201&bpp=1&bdt=899&idt=169&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=224&ady=1447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=kAcjP7q6JP&p=https%3A//www.celebsecrets.com&dtd=177
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlyWyG_kp0jDgIWq-_xAEj_3XqIIFuO6l9pXAzhldv7ryXx_iCYxQt4c0dCU1I; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=2311510092&adf=649567976&pi=t.ma~as.5893798001&w=758&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=758x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113201&bpp=1&bdt=899&idt=169&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=224&ady=1447&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=kAcjP7q6JP&p=https%3A//www.celebsecrets.com&dtd=177

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 27 Sep 2021 18:00:15 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 499
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame DA33 1 KB
879 B 96ms
61ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=214710841&adf=823446599&pi=t.ma~as.5893798001&w=1152&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1152x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113199&bpp=2&bdt=897&idt=151&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=224&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Qmn37XEFGl&p=https%3A//www.celebsecrets.com&dtd=159

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 852
x-xss-protection: 0
server: cafe
etag: 14170629819630813772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 18:07:29 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame DA33 18 KB
7 KB 63ms
31ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=214710841&adf=823446599&pi=t.ma~as.5893798001&w=1152&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1152x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113199&bpp=2&bdt=897&idt=151&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=224&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Qmn37XEFGl&p=https%3A//www.celebsecrets.com&dtd=159

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:03:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
server: cafe
etag: 15605042170853735879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 18:03:29 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame DA33 3 KB
1 KB 94ms
62ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=214710841&adf=823446599&pi=t.ma~as.5893798001&w=1152&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1152x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113199&bpp=2&bdt=897&idt=151&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=224&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Qmn37XEFGl&p=https%3A//www.celebsecrets.com&dtd=159

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 18:04:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DA33 128 KB
39 KB 96ms
95ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=214710841&adf=823446599&pi=t.ma~as.5893798001&w=1152&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1152x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113199&bpp=2&bdt=897&idt=151&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=224&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Qmn37XEFGl&p=https%3A//www.celebsecrets.com&dtd=159

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39662
x-xss-protection: 0
server: sffe
etag: "1632310973010379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Mon, 27 Sep 2021 18:08:34 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame DA33 14 KB
6 KB 60ms
28ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=214710841&adf=823446599&pi=t.ma~as.5893798001&w=1152&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1152x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113199&bpp=2&bdt=897&idt=151&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=224&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Qmn37XEFGl&p=https%3A//www.celebsecrets.com&dtd=159

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 18:04:40 GMT

GET
H2 200 730400e8020df307e81d4efe9cf79fce.js Show response
www.gstatic.com/mysidia/ Frame DA33 27 KB
11 KB 76ms
26ms Script
text/javascript 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/730400e8020df307e81d4efe9cf79fce.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=214710841&adf=823446599&pi=t.ma~as.5893798001&w=1152&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1152x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113199&bpp=2&bdt=897&idt=151&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=224&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Qmn37XEFGl&p=https%3A//www.celebsecrets.com&dtd=159

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

e359ae3a06ae02c38ba2d09707dee364ab18c64164e7a739eae142294d8dd499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 09:18:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11108
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 05:09:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Sun, 26 Dec 2021 09:18:35 GMT

GET
H2 200 b349715971fc02f992e4cc58b88ce41f.js Show response
www.gstatic.com/mysidia/ Frame E063 7 KB
3 KB 71ms
24ms Script
text/javascript 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b349715971fc02f992e4cc58b88ce41f.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=3492521732&adf=383669989&pi=t.ma~as.5893798001&w=1200&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113205&bpp=1&bdt=903&idt=236&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ac945950f396ce-220e4c6164c900a1%3AT%3D1632766113%3ART%3D1632766113%3AS%3DALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ&prev_fmts=0x0%2C1152x280%2C758x280%2C364x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=200&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=bhb9W8zY8j&p=https%3A//www.celebsecrets.com&dtd=239

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

ac04af14591f59be711b015d623154f3cd61eab114e9ee33563a2b30d55202eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 14:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3166
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 09:11:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Fri, 24 Dec 2021 14:00:33 GMT

GET
H2 200 a1aae16d08f1cf4ca3f32f832dc900b8.js Show response
www.gstatic.com/mysidia/ Frame E063 8 KB
4 KB 69ms
23ms Script
text/javascript 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a1aae16d08f1cf4ca3f32f832dc900b8.js?tag=text/vanilla_cta_animation_title_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=3492521732&adf=383669989&pi=t.ma~as.5893798001&w=1200&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113205&bpp=1&bdt=903&idt=236&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ac945950f396ce-220e4c6164c900a1%3AT%3D1632766113%3ART%3D1632766113%3AS%3DALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ&prev_fmts=0x0%2C1152x280%2C758x280%2C364x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=200&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=bhb9W8zY8j&p=https%3A//www.celebsecrets.com&dtd=239

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

5f3dca760a16a5bbc551921bccf65a5d73945f97616ea347cf09ffa50ca2b4cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 14:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3426
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 03:50:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Fri, 24 Dec 2021 14:00:33 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E063 3 KB
578 B 31ms
23ms Stylesheet
text/css 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=3492521732&adf=383669989&pi=t.ma~as.5893798001&w=1200&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113205&bpp=1&bdt=903&idt=236&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ac945950f396ce-220e4c6164c900a1%3AT%3D1632766113%3ART%3D1632766113%3AS%3DALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ&prev_fmts=0x0%2C1152x280%2C758x280%2C364x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=200&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=bhb9W8zY8j&p=https%3A//www.celebsecrets.com&dtd=239

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f170.1e100.net

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 17:46:39 GMT
server: ESF
date: Mon, 27 Sep 2021 18:08:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Sep 2021 18:08:34 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/8201656663488784728/ Frame DA33 32 KB
32 KB 65ms
43ms Image
image/jpeg 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8201656663488784728/downsize_200k_v1?w=600&h=314

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=214710841&adf=823446599&pi=t.ma~as.5893798001&w=1152&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1152x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113199&bpp=2&bdt=897&idt=151&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=224&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Qmn37XEFGl&p=https%3A//www.celebsecrets.com&dtd=159

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

sffe /

Resource Hash

146989fe165916dfc4aa19c99fc9d29f6675a72c61f985b914eb668febcbb827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 09:16:14 GMT
x-content-type-options: nosniff
age: 550340
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32671
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 05:17:01 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Sep 2022 09:16:14 GMT

GET
DATA 200
OK truncated
/ Frame DA33 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DA33 0
0 35ms
34ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=ColYGoQhSYeOLGcjFtweY8aXgDprF_Ppki-jzk6MO6cfMmJMOEAEg0a_QH2CV4pCCoAegAazyuL8ByAEJqQLK3yaFJDQNPqgDAcgDywSqBMMBT9DLfl9vq5Tfoh7OfqqdBCLjQZg-gOuXXhjmQOyIXGXE0v9PfPuX9qRI27b_rQvZl_PdOYT3ipWJPmSYWIhR1w3eNz0ke8SIdWyAaUJElCvuvNXuQZ2YJqY21ONOUVV6ExIrQNVZRImSw-1s1AzQkSIUY6TzelmdSJwBoc_FZUsFbko6_FE_MYmyuW9w7ngi36xjPkBFkHk8VBMzTU1cGntKm3TtKjNrWrCBiT67f7T2z2b5XjZOe_v_Syr-SGRQQnBHwATqsuq33QOSBQQIBBgBkgUECAUYBKAGLoAHvI3HwAKoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcA8gcEEMbBDtIICQiA4YAQEAEYH4AKAcgLAbgTiCfYEwyIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMjk2NjE2OTE4MjY5MTc5MhgA&sigh=ifcbUhw_7-Q&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=214710841&adf=823446599&pi=t.ma~as.5893798001&w=1152&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1152x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113199&bpp=2&bdt=897&idt=151&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=224&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Qmn37XEFGl&p=https%3A//www.celebsecrets.com&dtd=159

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=214710841&adf=823446599&pi=t.ma~as.5893798001&w=1152&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1152x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113199&bpp=2&bdt=897&idt=151&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=224&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Qmn37XEFGl&p=https%3A//www.celebsecrets.com&dtd=159
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 27 Sep 2021 18:08:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame E063 1 KB
879 B 26ms
23ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=3492521732&adf=383669989&pi=t.ma~as.5893798001&w=1200&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113205&bpp=1&bdt=903&idt=236&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ac945950f396ce-220e4c6164c900a1%3AT%3D1632766113%3ART%3D1632766113%3AS%3DALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ&prev_fmts=0x0%2C1152x280%2C758x280%2C364x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=200&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=bhb9W8zY8j&p=https%3A//www.celebsecrets.com&dtd=239

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 852
x-xss-protection: 0
server: cafe
etag: 14170629819630813772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 18:07:29 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame E063 18 KB
7 KB 41ms
35ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=3492521732&adf=383669989&pi=t.ma~as.5893798001&w=1200&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113205&bpp=1&bdt=903&idt=236&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ac945950f396ce-220e4c6164c900a1%3AT%3D1632766113%3ART%3D1632766113%3AS%3DALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ&prev_fmts=0x0%2C1152x280%2C758x280%2C364x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=200&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=bhb9W8zY8j&p=https%3A//www.celebsecrets.com&dtd=239

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:03:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
server: cafe
etag: 15605042170853735879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 18:03:29 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame E063 3 KB
1 KB 25ms
23ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=3492521732&adf=383669989&pi=t.ma~as.5893798001&w=1200&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113205&bpp=1&bdt=903&idt=236&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ac945950f396ce-220e4c6164c900a1%3AT%3D1632766113%3ART%3D1632766113%3AS%3DALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ&prev_fmts=0x0%2C1152x280%2C758x280%2C364x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=200&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=bhb9W8zY8j&p=https%3A//www.celebsecrets.com&dtd=239

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 18:04:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E063 128 KB
39 KB 55ms
55ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=3492521732&adf=383669989&pi=t.ma~as.5893798001&w=1200&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113205&bpp=1&bdt=903&idt=236&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ac945950f396ce-220e4c6164c900a1%3AT%3D1632766113%3ART%3D1632766113%3AS%3DALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ&prev_fmts=0x0%2C1152x280%2C758x280%2C364x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=200&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=bhb9W8zY8j&p=https%3A//www.celebsecrets.com&dtd=239

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39662
x-xss-protection: 0
server: sffe
etag: "1632310973010379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Mon, 27 Sep 2021 18:08:34 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame E063 14 KB
6 KB 29ms
24ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=3492521732&adf=383669989&pi=t.ma~as.5893798001&w=1200&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113205&bpp=1&bdt=903&idt=236&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ac945950f396ce-220e4c6164c900a1%3AT%3D1632766113%3ART%3D1632766113%3AS%3DALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ&prev_fmts=0x0%2C1152x280%2C758x280%2C364x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=200&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=bhb9W8zY8j&p=https%3A//www.celebsecrets.com&dtd=239

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 18:04:40 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E063 0
0 27ms
25ms Image
text/html 172.217.18.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTAkzq0IdRrgbUKx08oDXH4ky4Tizym8zQfGqhZB20qtPSdl88BG8JTgCg1Jx7GFZ6JATK7LHHq3t3Qv1jSZFcqVJdSdQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=3492521732&adf=383669989&pi=t.ma~as.5893798001&w=1200&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113205&bpp=1&bdt=903&idt=236&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ac945950f396ce-220e4c6164c900a1%3AT%3D1632766113%3ART%3D1632766113%3AS%3DALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ&prev_fmts=0x0%2C1152x280%2C758x280%2C364x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=200&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=bhb9W8zY8j&p=https%3A//www.celebsecrets.com&dtd=239
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s42-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 730400e8020df307e81d4efe9cf79fce.js Show response
www.gstatic.com/mysidia/ Frame E063 27 KB
11 KB 36ms
21ms Script
text/javascript 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/730400e8020df307e81d4efe9cf79fce.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=3492521732&adf=383669989&pi=t.ma~as.5893798001&w=1200&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113205&bpp=1&bdt=903&idt=236&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ac945950f396ce-220e4c6164c900a1%3AT%3D1632766113%3ART%3D1632766113%3AS%3DALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ&prev_fmts=0x0%2C1152x280%2C758x280%2C364x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=200&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=bhb9W8zY8j&p=https%3A//www.celebsecrets.com&dtd=239

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

e359ae3a06ae02c38ba2d09707dee364ab18c64164e7a739eae142294d8dd499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 09:18:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11108
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 05:09:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Sun, 26 Dec 2021 09:18:35 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/ Frame 60AD 10 KB
5 KB 23ms
23ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.celebsecrets.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlyWyG_kp0jDgIWq-_xAEj_3XqIIFuO6l9pXAzhldv7ryXx_iCYxQt4c0dCU1I; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 27 Sep 2021 06:24:23 GMT
expires: Mon, 11 Oct 2021 06:24:23 GMT
content-type: text/html; charset=UTF-8
etag: 14847953055219580247
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4613
x-xss-protection: 0
age: 42251
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 922E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

56ms
56ms

Document
text/html

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlyWyG_kp0jDgIWq-_xAEj_3XqIIFuO6l9pXAzhldv7ryXx_iCYxQt4c0dCU1I; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 27 Sep 2021 18:08:34 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 27-Sep-2021 19:08:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 27 Sep 2021 18:08:34 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 27 Sep 2021 18:08:34 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css2
fonts.googleapis.com/ Frame 60AD 4 KB
633 B 24ms
23ms Stylesheet
text/css 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f170.1e100.net

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 17:50:13 GMT
server: ESF
date: Mon, 27 Sep 2021 18:08:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Sep 2021 18:08:34 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 60AD 205 B
229 B 55ms
27ms Image
image/png 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 16:55:14 GMT
x-content-type-options: nosniff
age: 90800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 26 Sep 2022 16:55:14 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 60AD 604 B
628 B 53ms
26ms Image
image/png 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:21:47 GMT
x-content-type-options: nosniff
age: 13607
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 27 Sep 2022 14:21:47 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/ Frame 60AD 17 KB
8 KB 24ms
23ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

e02fb5c325499a5c9c1bf74dc6fc6af5117263af30e0f58e28d9d6a6a2b8803f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 17:38:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1793
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7680
x-xss-protection: 0
server: cafe
etag: 7151105853351230339
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 17:38:41 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E063 0
0 36ms
35ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CukGdoQhSYf6wHZLvtwfyl7PgA7C6jLtjgPDik9QN2tkeEAEg0a_QH2CV4pCCoAegAb7rk_0CyAEBqQJAqxODWp-zPqgDAcgDywSqBLcBT9BawMy_ii9soDZiu9JEzqUquTYO06xB72Wvb9hx9PqCLj_415L2RbPbqg-OZgLfL-eX0tNm8Qv9YygsLSNvXNA19KzBx2aYpResSZmc0G_XlogBxmVEKn8hz9VUsLCjJdyyH2ln6cBADJmLX-5TQqXCzFff41op1ggilXsWW5kQKPzvy6rqFZdGvpdy3XjsHDMpo7sGcfcfXJdao-x1MahvmeyQFy8U8aMhxJM1m9KTwrbHr0D6wATq6NmbzAOSBQQIBBgBkgUECAUYBIAHqpTsggGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcB8gcEEMurINIICQiI4YAQEAEYH4AKAcgLAdgTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi0yOTY2MTY5MTgyNjkxNzkyGAA&sigh=geFTC9GJmKo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=3492521732&adf=383669989&pi=t.ma~as.5893798001&w=1200&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113205&bpp=1&bdt=903&idt=236&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ac945950f396ce-220e4c6164c900a1%3AT%3D1632766113%3ART%3D1632766113%3AS%3DALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ&prev_fmts=0x0%2C1152x280%2C758x280%2C364x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=200&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=bhb9W8zY8j&p=https%3A//www.celebsecrets.com&dtd=239

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=3492521732&adf=383669989&pi=t.ma~as.5893798001&w=1200&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113205&bpp=1&bdt=903&idt=236&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ac945950f396ce-220e4c6164c900a1%3AT%3D1632766113%3ART%3D1632766113%3AS%3DALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ&prev_fmts=0x0%2C1152x280%2C758x280%2C364x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=200&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=bhb9W8zY8j&p=https%3A//www.celebsecrets.com&dtd=239
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 27 Sep 2021 18:08:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 333D 143 B
163 B 23ms
23ms Document
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=3492521732&adf=383669989&pi=t.ma~as.5893798001&w=1200&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113205&bpp=1&bdt=903&idt=236&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ac945950f396ce-220e4c6164c900a1%3AT%3D1632766113%3ART%3D1632766113%3AS%3DALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ&prev_fmts=0x0%2C1152x280%2C758x280%2C364x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=200&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=bhb9W8zY8j&p=https%3A//www.celebsecrets.com&dtd=239

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=3492521732&adf=383669989&pi=t.ma~as.5893798001&w=1200&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113205&bpp=1&bdt=903&idt=236&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ac945950f396ce-220e4c6164c900a1%3AT%3D1632766113%3ART%3D1632766113%3AS%3DALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ&prev_fmts=0x0%2C1152x280%2C758x280%2C364x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=200&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=bhb9W8zY8j&p=https%3A//www.celebsecrets.com&dtd=239
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlyWyG_kp0jDgIWq-_xAEj_3XqIIFuO6l9pXAzhldv7ryXx_iCYxQt4c0dCU1I; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=3492521732&adf=383669989&pi=t.ma~as.5893798001&w=1200&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113205&bpp=1&bdt=903&idt=236&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ac945950f396ce-220e4c6164c900a1%3AT%3D1632766113%3ART%3D1632766113%3AS%3DALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ&prev_fmts=0x0%2C1152x280%2C758x280%2C364x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=200&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=bhb9W8zY8j&p=https%3A//www.celebsecrets.com&dtd=239

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 27 Sep 2021 18:00:15 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 499
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame E063 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91fd58b7e15d5808f999267ba2a35ae5f15abef08599c5a5e81ba0556dbe4d90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DA33 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90b15a4a150ee5942857834541af9b639d6f8a97b4f7de269bccd6e775b869ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9CCE 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38e3f5eb44d5ed42b39cae8af2e0710e9290b042bfcffd9c5cf2e3c751e0e20b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame DA33 21 KB
21 KB 35ms
14ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f99.1e100.net

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 08:44:05 GMT
x-content-type-options: nosniff
age: 552269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Sep 2022 08:44:05 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame DA33 21 KB
21 KB 38ms
18ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f99.1e100.net

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 04:08:17 GMT
x-content-type-options: nosniff
age: 568817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Sep 2022 04:08:17 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3081 3 KB
578 B 24ms
24ms Stylesheet
text/css 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f170.1e100.net

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 17:48:55 GMT
server: ESF
date: Mon, 27 Sep 2021 18:08:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Sep 2021 18:08:34 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 3081 1 KB
879 B 23ms
23ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 852
x-xss-protection: 0
server: cafe
etag: 14170629819630813772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 18:07:29 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame 3081 18 KB
7 KB 23ms
23ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:03:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
server: cafe
etag: 15605042170853735879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 18:03:29 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 3081 3 KB
1 KB 24ms
23ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 18:04:38 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 3081 14 KB
6 KB 24ms
24ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 18:04:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3081 128 KB
39 KB 36ms
36ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39662
x-xss-protection: 0
server: sffe
etag: "1632310973010379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Mon, 27 Sep 2021 18:08:34 GMT

GET
H3 200 730400e8020df307e81d4efe9cf79fce.js Show response
www.gstatic.com/mysidia/ Frame 3081 27 KB
11 KB 21ms
20ms Script
text/javascript 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/730400e8020df307e81d4efe9cf79fce.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

e359ae3a06ae02c38ba2d09707dee364ab18c64164e7a739eae142294d8dd499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 09:18:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11108
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 05:09:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Sun, 26 Dec 2021 09:18:35 GMT

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame E063 21 KB
21 KB 14ms
13ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f99.1e100.net

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 08:44:05 GMT
x-content-type-options: nosniff
age: 552269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Sep 2022 08:44:05 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame E063 21 KB
21 KB 14ms
14ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f99.1e100.net

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 04:08:17 GMT
x-content-type-options: nosniff
age: 568817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Sep 2022 04:08:17 GMT

GET
H3 200 9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js Show response
pagead2.googlesyndication.com/bg/ Frame 9F16 35 KB
13 KB 27ms
26ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=214710841&adf=823446599&pi=t.ma~as.5893798001&w=1152&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1152x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113199&bpp=2&bdt=897&idt=151&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=224&ady=168&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Qmn37XEFGl&p=https%3A//www.celebsecrets.com&dtd=159

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

f620daddd53fb4512146e99669a96a6c44cd3791c822e43e5a3efb5da95fd772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 17:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13370
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 27 Sep 2022 17:10:29 GMT

GET
H3 200 9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js Show response
pagead2.googlesyndication.com/bg/ Frame 2966 35 KB
13 KB 26ms
26ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

f620daddd53fb4512146e99669a96a6c44cd3791c822e43e5a3efb5da95fd772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 17:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13370
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 27 Sep 2022 17:10:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9F9B 2 KB
531 B 23ms
22ms Stylesheet
text/css 216.58.212.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=653550653&adf=310528827&pi=t.ma~as.5893798001&w=364&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=364x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113204&bpp=1&bdt=902&idt=224&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C758x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1012&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GkSocNMbrI&p=https%3A//www.celebsecrets.com&dtd=228

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.170 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f170.1e100.net

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 17:47:33 GMT
server: ESF
date: Mon, 27 Sep 2021 18:08:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Sep 2021 18:08:34 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 333D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

56ms
56ms

Document
text/html

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=3492521732&adf=383669989&pi=t.ma~as.5893798001&w=1200&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113205&bpp=1&bdt=903&idt=236&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ac945950f396ce-220e4c6164c900a1%3AT%3D1632766113%3ART%3D1632766113%3AS%3DALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ&prev_fmts=0x0%2C1152x280%2C758x280%2C364x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=200&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=bhb9W8zY8j&p=https%3A//www.celebsecrets.com&dtd=239

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlyWyG_kp0jDgIWq-_xAEj_3XqIIFuO6l9pXAzhldv7ryXx_iCYxQt4c0dCU1I; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 27 Sep 2021 18:08:34 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 27-Sep-2021 19:08:34 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 27 Sep 2021 18:08:34 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 27 Sep 2021 18:08:34 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E7F 35 KB
13 KB 27ms
27ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=3492521732&adf=383669989&pi=t.ma~as.5893798001&w=1200&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=1200x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113205&bpp=1&bdt=903&idt=236&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ac945950f396ce-220e4c6164c900a1%3AT%3D1632766113%3ART%3D1632766113%3AS%3DALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ&prev_fmts=0x0%2C1152x280%2C758x280%2C364x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=200&ady=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeEbr%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=8&uci=a!8&fsb=1&xpc=bhb9W8zY8j&p=https%3A//www.celebsecrets.com&dtd=239

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

f620daddd53fb4512146e99669a96a6c44cd3791c822e43e5a3efb5da95fd772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 17:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13370
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 27 Sep 2022 17:10:29 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 9F9B 1 KB
879 B 23ms
22ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=653550653&adf=310528827&pi=t.ma~as.5893798001&w=364&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=364x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113204&bpp=1&bdt=902&idt=224&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C758x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1012&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GkSocNMbrI&p=https%3A//www.celebsecrets.com&dtd=228

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:07:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 852
x-xss-protection: 0
server: cafe
etag: 14170629819630813772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 18:07:29 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame 9F9B 18 KB
7 KB 24ms
24ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=653550653&adf=310528827&pi=t.ma~as.5893798001&w=364&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=364x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113204&bpp=1&bdt=902&idt=224&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C758x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1012&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GkSocNMbrI&p=https%3A//www.celebsecrets.com&dtd=228

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:03:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
server: cafe
etag: 15605042170853735879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 18:03:29 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 9F9B 3 KB
1 KB 25ms
24ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=653550653&adf=310528827&pi=t.ma~as.5893798001&w=364&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=364x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113204&bpp=1&bdt=902&idt=224&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C758x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1012&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GkSocNMbrI&p=https%3A//www.celebsecrets.com&dtd=228

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 18:04:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9F9B 128 KB
39 KB 38ms
38ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=653550653&adf=310528827&pi=t.ma~as.5893798001&w=364&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=364x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113204&bpp=1&bdt=902&idt=224&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C758x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1012&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GkSocNMbrI&p=https%3A//www.celebsecrets.com&dtd=228

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39662
x-xss-protection: 0
server: sffe
etag: "1632310973010379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Mon, 27 Sep 2021 18:08:34 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 9F9B 14 KB
6 KB 25ms
24ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=653550653&adf=310528827&pi=t.ma~as.5893798001&w=364&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=364x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113204&bpp=1&bdt=902&idt=224&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C758x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1012&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GkSocNMbrI&p=https%3A//www.celebsecrets.com&dtd=228

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 18:04:40 GMT

GET
H3 200 730400e8020df307e81d4efe9cf79fce.js Show response
www.gstatic.com/mysidia/ Frame 9F9B 27 KB
11 KB 21ms
20ms Script
text/javascript 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/730400e8020df307e81d4efe9cf79fce.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=653550653&adf=310528827&pi=t.ma~as.5893798001&w=364&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=364x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113204&bpp=1&bdt=902&idt=224&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C758x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1012&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GkSocNMbrI&p=https%3A//www.celebsecrets.com&dtd=228

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

e359ae3a06ae02c38ba2d09707dee364ab18c64164e7a739eae142294d8dd499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 09:18:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31799
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11108
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 05:09:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Sun, 26 Dec 2021 09:18:35 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 9F9B 41 KB
42 KB 89ms
17ms Image
image/jpeg 216.58.212.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcT5D_RbupNqoCaaxGq4FTBEH4OCOG2hoclDdYJoN-FqWPjF4-Db-I7vrlwsUg&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=653550653&adf=310528827&pi=t.ma~as.5893798001&w=364&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=364x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113204&bpp=1&bdt=902&idt=224&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C758x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1012&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GkSocNMbrI&p=https%3A//www.celebsecrets.com&dtd=228

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.142 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f14.1e100.net

Software

sffe /

Resource Hash

7906fa4d7874e0f1ffceeb5747aef240749d1951953896e7c4e4f564146d0bdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 22:36:59 GMT
x-content-type-options: nosniff
age: 156695
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42012
x-xss-protection: 0
last-modified: Wed, 24 Jun 2020 22:07:02 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 25 Sep 2022 22:36:59 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 9F9B 13 KB
13 KB 98ms
23ms Image
image/jpeg 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTg2cFWaSxbrOoDI_CfHO-ZGVz-Y3kbHBW12xf-d7yyE-ogmVE&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=653550653&adf=310528827&pi=t.ma~as.5893798001&w=364&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=364x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113204&bpp=1&bdt=902&idt=224&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C758x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1012&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GkSocNMbrI&p=https%3A//www.celebsecrets.com&dtd=228

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

sffe /

Resource Hash

1b815cabad83e366472732f19b390c8ca70d2e17380af36fdb745f87ef507a35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 05:48:40 GMT
x-content-type-options: nosniff
age: 389994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12947
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 02:20:51 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 23 Sep 2022 05:48:40 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 9F9B 12 KB
12 KB 103ms
28ms Image
image/jpeg 142.250.185.206
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRk5NFrBQNr1B0EEFMxBUB8gW0UgcUjIyAmvc3xGpRZN2zOYep1V0dsRIO80F4&usqp=CAI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=653550653&adf=310528827&pi=t.ma~as.5893798001&w=364&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=364x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113204&bpp=1&bdt=902&idt=224&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C758x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1012&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GkSocNMbrI&p=https%3A//www.celebsecrets.com&dtd=228

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f14.1e100.net

Software

sffe /

Resource Hash

bb68626ee6d6ca75177819f98414cc9414578c617740319ba1bb41ea6ff6f2f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 22:14:00 GMT
x-content-type-options: nosniff
last-modified: Sat, 08 May 2021 01:54:56 GMT
server: sffe
age: 71674
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11999
x-xss-protection: 0
expires: Mon, 26 Sep 2022 22:14:00 GMT

GET
H3

200

16070581098593856202
tpc.googlesyndication.com/simgad/ Frame 9F9B
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_n_ytjgEQvAUYvAUyCMNw1969VdNC
https://tpc.googlesyndication.com/simgad/16070581098593856202

38 KB
38 KB

24ms
24ms

Image
image/jpeg

142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16070581098593856202

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=653550653&adf=310528827&pi=t.ma~as.5893798001&w=364&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=364x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113204&bpp=1&bdt=902&idt=224&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C758x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1012&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GkSocNMbrI&p=https%3A//www.celebsecrets.com&dtd=228

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

sffe /

Resource Hash

4afe80fe34b9730e2b0efe996bfecc0a3ad4e3c035f3b922252cda89086273b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 08:47:27 GMT
x-content-type-options: nosniff
age: 552067
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39170
x-xss-protection: 0
last-modified: Mon, 06 Sep 2021 09:23:01 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Sep 2022 08:47:27 GMT

Redirect headers

timing-allow-origin: *
date: Sun, 26 Sep 2021 20:08:47 GMT
x-content-type-options: nosniff
server: cafe
age: 79187
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/16070581098593856202
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 26 Oct 2021 20:08:47 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9F9B 0
0 35ms
34ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJ5qeoQhSYbrEHMvztwem6oaoDpnCteBkpKCQ-qYO2tkeEAEg0a_QH2CV4pCCoAegAZHwvZ8DyAEJqQIcdBhPFh6FPqgDAcgDywSqBLYBT9C4-L0gMzV71xCS2-XPGV_xqW0XARoXHoMxiS4r-6W2KwOSTD0xuHKQKtUbt3GhGmD2dCAajHI33BkMy0gcfsn4JeqqXNmRvXPE3YNhEjgXaiQs_JhXQwchTItbatJ7YwWXA-rbBGyzEPa7t6yfte2ji6dB0kdz8Xr1gmaAta_e0KKr7qRyY5yg2PmeejhGtfjYQIMipg2rNAsmtFxTIRqdlErXNDD6T0SNkZiiD6daNRwQKEXABPOh-cPZA5IFBAgEGAGSBQQIBRgEoAYugAe3jcNgqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhvYBwDyBwQQ27wD0ggJCIDhgBAQARgfgAoByAsB2BMNiBQB0BUBgBcBshccChoIABIUcHViLTI5NjYxNjkxODI2OTE3OTIYAA&sigh=U9ej2Tx43U4&template_id=494

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=653550653&adf=310528827&pi=t.ma~as.5893798001&w=364&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=364x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113204&bpp=1&bdt=902&idt=224&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C758x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1012&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GkSocNMbrI&p=https%3A//www.celebsecrets.com&dtd=228

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=653550653&adf=310528827&pi=t.ma~as.5893798001&w=364&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=364x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113204&bpp=1&bdt=902&idt=224&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C758x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1012&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GkSocNMbrI&p=https%3A//www.celebsecrets.com&dtd=228
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 27 Sep 2021 18:08:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js Show response
pagead2.googlesyndication.com/bg/ Frame E3B1 35 KB
13 KB 26ms
25ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

f620daddd53fb4512146e99669a96a6c44cd3791c822e43e5a3efb5da95fd772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 17:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13370
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 27 Sep 2022 17:10:29 GMT

GET
DATA 200
OK truncated
/ Frame 9F9B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc627845c642a51f9d4120607fdbd14ab13777acee704ce91433be238b661c05

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 9F9B 20 KB
20 KB 14ms
14ms Font
font/woff2 172.217.23.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f99.1e100.net

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 15:49:32 GMT
x-content-type-options: nosniff
age: 94742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Sep 2022 15:49:32 GMT

GET
H3 200 9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js Show response
pagead2.googlesyndication.com/bg/ Frame D7B9 35 KB
13 KB 26ms
26ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=280&slotname=5893798001&adk=653550653&adf=310528827&pi=t.ma~as.5893798001&w=364&fwrn=4&fwrnh=100&lmt=1632766113&rafmt=1&tp=site_kit&psa=0&format=364x280&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766113204&bpp=1&bdt=902&idt=224&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1152x280%2C758x280&nras=1&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1012&ady=2331&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=GkSocNMbrI&p=https%3A//www.celebsecrets.com&dtd=228

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

f620daddd53fb4512146e99669a96a6c44cd3791c822e43e5a3efb5da95fd772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 17:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13370
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 27 Sep 2022 17:10:29 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6758 0
0 36ms
36ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Co--VoghSYevKBYOAwuIPlNKSwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTY2MTY5MTgyNjkxNzkyoAHCrujdA8gBCakCQKsTg1qfsz6oAwGqBLABT9DqxS1GWAMCIe9TDenoWAs9nxHny1mZSbpi9tGICV7a-OzaglKj_zysjRuUpnV0Yxan_htKZfI1CP0SLjR2hSspfTaj4WeDOzb8NnRA3LM8KIr6oEath-7ybBbdfz7_RRpcQFMqln8uFYJ857S_WfN115igZjtczxsvTGb2-yLntEwkxedqvJ8x2vJSCz3AjguK3k_xFYnPXBe3mp6uAFBl4vLDcTtIZjSPEYJ6fyWABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjk2NjE2OTE4MjY5MTc5MhgA&sigh=nJsbWF1pJew

Requested by

Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=250&adk=2194861970&adf=1061621326&pi=t.aa~a.3990590433~i.5~rp.4&w=304&fwrn=4&fwrnh=100&lmt=1632766114&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8181068076&tp=site_kit&psa=0&ad_type=text_image&format=304x250&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&pra=3&rh=253&rw=303&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766114038&bpp=2&bdt=1736&idt=2&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ac945950f396ce-220e4c6164c900a1%3AT%3D1632766113%3ART%3D1632766113%3AS%3DALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ&prev_fmts=0x0%2C1152x280%2C758x280%2C364x280%2C1200x280&nras=2&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1042&ady=3700&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=3&fsb=1&xpc=0ZJoy6TDw4&p=https%3A//www.celebsecrets.com&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 27 Sep 2021 18:08:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 6758 0
0 93ms
28ms Fetch
image/gif 34.95.89.54
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1k2x6n0mq77e3r1fwkf4e2zx5qqgpk40tgptgz1deh7qkme7we5v1rmkn5rzny7v1j846c8jje5m91v24xh2ewnm88nzrazmnv5ngjk45aymvdegcnbr7pdfmhwfngm3gayhzstkj14rc11yjkp8npppkd6ds4pfvm6vx8x358gyjv6173f1y83ss0wmnepphfb8jezmcycvqksgaad9vc8cngbvyq8xc91dzws6fqxch105czkfz16810mh0r7a0acs724bgf4me98hjg853nrq1xm0dft2zxfd9fzzcexrafxzqk1g88n4mej86h7sxgbkcp0yb7efnqdp3zkv1s9ymxc8pt75ae61cgwehp7a9qaz8b4thj71q7d4feam0gpaa25nsm&b=YVIIogABZWsGUIADAASpFDjxycGOpUKL8cmSeA
Requested by: Host: www.celebsecrets.com
URL: https://www.celebsecrets.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.89.54 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 54.89.95.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 27 Sep 2021 18:08:34 GMT
via: 1.1 google
alt-svc: clear
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 2EC5 2 KB
2 KB 90ms
38ms Document
text/html 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1h4ya18s1kfdnfd9ram3a8ddxmyw0x1ec6hwezrha1k1yywxx0ed6ac3wv12kwj8pepdezkevzrhgqcycg5m64q3p4jr19yxhw80p8dembmhp655fp6ry3k4ntrve7rftsdw6br47cbkp6qc6fh59zbv689j5hph3yt2dt5nwb95gfg8se3dj9t24xydaftx7j86b1cshmqjfr47rt7fvvvke3hw48pf01w6y53e3yvydbr2zfth13zxzfbvetd16xx9d9p16sgshbnsgwp6pbpn0apxt4wkvj2hspyvdwpeqmjsz0ar62n98axsps3b6kgmbryp31q6fkmnqny82r4yzwtrwekmrz7t8pmagrdg3e5dt8ywtgg8y0hcf2ea8zefhzdzd33a7831ha28pwvm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPlUEoghSYevKBYOAwuIPlNKSwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTY2MTY5MTgyNjkxNzkyoAHCrujdA8gBCakCQKsTg1qfsz6oAwGqBLMBT9DqxS1GWAMCIe9TDenoWAs9nxHny1mZSbpi9tGICV7a-OzaglKj_zysjRuUpnV0Yxan_htKZfI1CP0SLjR2hSspfTaj4WeDOzb8NnRA3LM8KIr6oEath-7ybBbdfz7_RRpcQFMqln8uFYJ857S_WfN115igZjtczxsvTGb2-yLntEwkxedqvJ8x2vJSCz3AjguK3k_xFYnPXBe3mp7sAl33NSdEMfPPLqJVWBCIRjGmn1yABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3CWrztQ8Dca7b-UNFaJhkE7mzIgg%26client%3Dca-pub-2966169182691792%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=250&adk=2194861970&adf=1061621326&pi=t.aa~a.3990590433~i.5~rp.4&w=304&fwrn=4&fwrnh=100&lmt=1632766114&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8181068076&tp=site_kit&psa=0&ad_type=text_image&format=304x250&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&pra=3&rh=253&rw=303&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766114038&bpp=2&bdt=1736&idt=2&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ac945950f396ce-220e4c6164c900a1%3AT%3D1632766113%3ART%3D1632766113%3AS%3DALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ&prev_fmts=0x0%2C1152x280%2C758x280%2C364x280%2C1200x280&nras=2&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1042&ady=3700&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=3&fsb=1&xpc=0ZJoy6TDw4&p=https%3A//www.celebsecrets.com&dtd=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef7505c0676bc854b983e940316b2281866fd9d6a56c40c042b7254051afddb0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/dr?ed=1h4ya18s1kfdnfd9ram3a8ddxmyw0x1ec6hwezrha1k1yywxx0ed6ac3wv12kwj8pepdezkevzrhgqcycg5m64q3p4jr19yxhw80p8dembmhp655fp6ry3k4ntrve7rftsdw6br47cbkp6qc6fh59zbv689j5hph3yt2dt5nwb95gfg8se3dj9t24xydaftx7j86b1cshmqjfr47rt7fvvvke3hw48pf01w6y53e3yvydbr2zfth13zxzfbvetd16xx9d9p16sgshbnsgwp6pbpn0apxt4wkvj2hspyvdwpeqmjsz0ar62n98axsps3b6kgmbryp31q6fkmnqny82r4yzwtrwekmrz7t8pmagrdg3e5dt8ywtgg8y0hcf2ea8zefhzdzd33a7831ha28pwvm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPlUEoghSYevKBYOAwuIPlNKSwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTY2MTY5MTgyNjkxNzkyoAHCrujdA8gBCakCQKsTg1qfsz6oAwGqBLMBT9DqxS1GWAMCIe9TDenoWAs9nxHny1mZSbpi9tGICV7a-OzaglKj_zysjRuUpnV0Yxan_htKZfI1CP0SLjR2hSspfTaj4WeDOzb8NnRA3LM8KIr6oEath-7ybBbdfz7_RRpcQFMqln8uFYJ857S_WfN115igZjtczxsvTGb2-yLntEwkxedqvJ8x2vJSCz3AjguK3k_xFYnPXBe3mp7sAl33NSdEMfPPLqJVWBCIRjGmn1yABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3CWrztQ8Dca7b-UNFaJhkE7mzIgg%26client%3Dca-pub-2966169182691792%26adurl%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Mon, 27 Sep 2021 18:08:34 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6956ad999edb3b61-CDG
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 6758 3 KB
1 KB 23ms
23ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:04:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 18:04:38 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4888 1 KB
749 B 26ms
25ms Document
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 26 Sep 2021 21:06:15 GMT
expires: Mon, 27 Sep 2021 21:06:15 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 75739
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 6758 14 KB
6 KB 23ms
23ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:04:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 18:04:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6758 128 KB
39 KB 43ms
42ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39662
x-xss-protection: 0
server: sffe
etag: "1632310973010379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Mon, 27 Sep 2021 18:08:34 GMT

GET
DATA 200
OK truncated
/ Frame 6758 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6c3f63ff168e10c2356f15fd5fb56294c57d8ca204b8e21c08f1383f43643cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 4888 35 B
463 B 26ms
8ms Image
image/gif 91.228.74.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFlzp2bIG4b8o3COZjMiFlw&google_cver=1&google_push=AYg5qPLsbuJ0WrHwkoPW8bxPau5vWL7re1q6YpZB0dHBMcaOG9-iYXtSQtV_4YN2Lzh7Xz678kYdClzq4V2TD52JJSq0bhodcTDP

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 18:08:34 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4888
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLEwi0FmtrF_NVDdgOG6qhEGbabU8nsnjv6Fnk...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVZJSW9nQUFCTVo1bW1vNA&google_push=AYg5qPLEwi0FmtrF_NVDdgOG6qhEGbabU8nsnjv6FnkIgstqHnLDKrZ8udt_GOowUhe-vo6XWScz6FXmCEWOZlb0ks7NTRq1m__W

170 B
188 B

35ms
35ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVZJSW9nQUFCTVo1bW1vNA&google_push=AYg5qPLEwi0FmtrF_NVDdgOG6qhEGbabU8nsnjv6FnkIgstqHnLDKrZ8udt_GOowUhe-vo6XWScz6FXmCEWOZlb0ks7NTRq1m__W

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 18:08:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVZJSW9nQUFCTVo1bW1vNA&google_push=AYg5qPLEwi0FmtrF_NVDdgOG6qhEGbabU8nsnjv6FnkIgstqHnLDKrZ8udt_GOowUhe-vo6XWScz6FXmCEWOZlb0ks7NTRq1m__W
Date: Mon, 27 Sep 2021 18:08:34 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4888
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEG2Rb1aajd7vZJmMk1pQgwk&google_cver=1&google_push=AYg5qPIfcaeTkwOgovspylVzoAqR39MdSmwWx5fYr5nuBpeD-U5b63o8OpryYgqXQ8r7KyZfT505HYIOSfDbn000xf5S5xwAhKH-
https://rtb.openx.net/sync/dds?google_gid=CAESEG2Rb1aajd7vZJmMk1pQgwk&google_cver=1&google_push=AYg5qPIfcaeTkwOgovspylVzoAqR39MdSmwWx5fYr5nuBpeD-U5b63o8OpryYgqXQ8r7KyZfT505HYIOSfDbn000xf5S5xwAhKH-&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIfcaeTkwOgovspylVzoAqR39MdSmwWx5fYr5nuBpeD-U5b63o8OpryYgqXQ8r7KyZfT505HYIOSfDbn000xf5S5xwAhKH-&google_hm=6z3hJX8Yzi4JF0n4rCv5kw==

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIfcaeTkwOgovspylVzoAqR39MdSmwWx5fYr5nuBpeD-U5b63o8OpryYgqXQ8r7KyZfT505HYIOSfDbn000xf5S5xwAhKH-&google_hm=6z3hJX8Yzi4JF0n4rCv5kw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 18:08:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 18:08:34 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIfcaeTkwOgovspylVzoAqR39MdSmwWx5fYr5nuBpeD-U5b63o8OpryYgqXQ8r7KyZfT505HYIOSfDbn000xf5S5xwAhKH-&google_hm=6z3hJX8Yzi4JF0n4rCv5kw==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: q1110nc4l9k9kmvi7ao78t2sf54b8rb0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4888
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P6aV2GJ9Ttmd-1RpyMyk3A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

38ms
37ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P6aV2GJ9Ttmd-1RpyMyk3A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKunsnqw52u3Pz_6BvqrL10GaFKDURFFGsZzTN9Mu3r9fxdL2HAMpJ4RHovcrD5u2k-AfYsjYP06l6Uso6t-Kh_f5qBeSMr

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 18:08:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P6aV2GJ9Ttmd-1RpyMyk3A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKunsnqw52u3Pz_6BvqrL10GaFKDURFFGsZzTN9Mu3r9fxdL2HAMpJ4RHovcrD5u2k-AfYsjYP06l6Uso6t-Kh_f5qBeSMr
date: Mon, 27 Sep 2021 18:08:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4888
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOx7yQRBogF_TfGYxb6I-Ac&google_cver=1&google_push=AYg5qPLyE1MOYEJvfsN2VSzZTWtcOR1CVWKaRj1BeKABZlw8kDOiJ57w7TPCHA-SaAAzYkah03g...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1UyWVNEQjUtMVAtMkU1Vw==&google_push=AYg5qPLyE1MOYEJvfsN2VSzZTWtcOR1CVWKaRj1BeKABZlw8kDOiJ57w7TPCHA-SaAAzYkah03gLfEVyzeTVZJdP93A2CON7Dl2X

170 B
298 B

31ms
30ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1UyWVNEQjUtMVAtMkU1Vw==&google_push=AYg5qPLyE1MOYEJvfsN2VSzZTWtcOR1CVWKaRj1BeKABZlw8kDOiJ57w7TPCHA-SaAAzYkah03gLfEVyzeTVZJdP93A2CON7Dl2X

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 18:08:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1UyWVNEQjUtMVAtMkU1Vw==&google_push=AYg5qPLyE1MOYEJvfsN2VSzZTWtcOR1CVWKaRj1BeKABZlw8kDOiJ57w7TPCHA-SaAAzYkah03gLfEVyzeTVZJdP93A2CON7Dl2X
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 4888
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xK...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xK...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 4888 43 B
296 B 315ms
22ms Image
image/gif 18.169.113.1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEHBctG3JDvj7Ebiw15Q2pnk&google_cver=1&google_push=AYg5qPKoxPZKbVuOopNEBOP4gaLtGIcl0al4uy5bTDS_83xer4T8gUp_oYkF5KhXjhETryILgwgiJ_bht5dWxNYPHxTYJeIqbuo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2966169182691792&output=html&h=250&adk=2194861970&adf=1061621326&pi=t.aa~a.3990590433~i.5~rp.4&w=304&fwrn=4&fwrnh=100&lmt=1632766114&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=8181068076&tp=site_kit&psa=0&ad_type=text_image&format=304x250&url=https%3A%2F%2Fwww.celebsecrets.com%2F&flash=0&fwr=0&pra=3&rh=253&rw=303&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1632766114038&bpp=2&bdt=1736&idt=2&shv=r20210922&mjsv=m202109210101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D33ac945950f396ce-220e4c6164c900a1%3AT%3D1632766113%3ART%3D1632766113%3AS%3DALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ&prev_fmts=0x0%2C1152x280%2C758x280%2C364x280%2C1200x280&nras=2&correlator=4915946576541&frm=20&pv=1&ga_vid=1458027220.1632766113&ga_sid=1632766113&ga_hid=2093111435&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=1042&ady=3700&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062858%2C31062931&oid=3&pvsid=3877939088511344&pem=683&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=3&fsb=1&xpc=0ZJoy6TDw4&p=https%3A//www.celebsecrets.com&dtd=15
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.169.113.1 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-169-113-1.eu-west-2.compute.amazonaws.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 18:08:35 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 4888 0
78 B 54ms
28ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L51J3wGTvAB2LJZh6MTHQOpl0615toEEDj7LR58JMWoCM5sVV9TI28w7ofHy8-xNmv1iZF

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame 2EC5 64 KB
8 KB 55ms
33ms Stylesheet
text/css 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h4ya18s1kfdnfd9ram3a8ddxmyw0x1ec6hwezrha1k1yywxx0ed6ac3wv12kwj8pepdezkevzrhgqcycg5m64q3p4jr19yxhw80p8dembmhp655fp6ry3k4ntrve7rftsdw6br47cbkp6qc6fh59zbv689j5hph3yt2dt5nwb95gfg8se3dj9t24xydaftx7j86b1cshmqjfr47rt7fvvvke3hw48pf01w6y53e3yvydbr2zfth13zxzfbvetd16xx9d9p16sgshbnsgwp6pbpn0apxt4wkvj2hspyvdwpeqmjsz0ar62n98axsps3b6kgmbryp31q6fkmnqny82r4yzwtrwekmrz7t8pmagrdg3e5dt8ywtgg8y0hcf2ea8zefhzdzd33a7831ha28pwvm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPlUEoghSYevKBYOAwuIPlNKSwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTY2MTY5MTgyNjkxNzkyoAHCrujdA8gBCakCQKsTg1qfsz6oAwGqBLMBT9DqxS1GWAMCIe9TDenoWAs9nxHny1mZSbpi9tGICV7a-OzaglKj_zysjRuUpnV0Yxan_htKZfI1CP0SLjR2hSspfTaj4WeDOzb8NnRA3LM8KIr6oEath-7ybBbdfz7_RRpcQFMqln8uFYJ857S_WfN115igZjtczxsvTGb2-yLntEwkxedqvJ8x2vJSCz3AjguK3k_xFYnPXBe3mp7sAl33NSdEMfPPLqJVWBCIRjGmn1yABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3CWrztQ8Dca7b-UNFaJhkE7mzIgg%26client%3Dca-pub-2966169182691792%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1h4ya18s1kfdnfd9ram3a8ddxmyw0x1ec6hwezrha1k1yywxx0ed6ac3wv12kwj8pepdezkevzrhgqcycg5m64q3p4jr19yxhw80p8dembmhp655fp6ry3k4ntrve7rftsdw6br47cbkp6qc6fh59zbv689j5hph3yt2dt5nwb95gfg8se3dj9t24xydaftx7j86b1cshmqjfr47rt7fvvvke3hw48pf01w6y53e3yvydbr2zfth13zxzfbvetd16xx9d9p16sgshbnsgwp6pbpn0apxt4wkvj2hspyvdwpeqmjsz0ar62n98axsps3b6kgmbryp31q6fkmnqny82r4yzwtrwekmrz7t8pmagrdg3e5dt8ywtgg8y0hcf2ea8zefhzdzd33a7831ha28pwvm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPlUEoghSYevKBYOAwuIPlNKSwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTY2MTY5MTgyNjkxNzkyoAHCrujdA8gBCakCQKsTg1qfsz6oAwGqBLMBT9DqxS1GWAMCIe9TDenoWAs9nxHny1mZSbpi9tGICV7a-OzaglKj_zysjRuUpnV0Yxan_htKZfI1CP0SLjR2hSspfTaj4WeDOzb8NnRA3LM8KIr6oEath-7ybBbdfz7_RRpcQFMqln8uFYJ857S_WfN115igZjtczxsvTGb2-yLntEwkxedqvJ8x2vJSCz3AjguK3k_xFYnPXBe3mp7sAl33NSdEMfPPLqJVWBCIRjGmn1yABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3CWrztQ8Dca7b-UNFaJhkE7mzIgg%26client%3Dca-pub-2966169182691792%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:34 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 365593
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 23 Sep 2021 12:35:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6956ad9a3f3232b6-CDG
cf-bgj: minify

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame 2EC5 36 KB
13 KB 41ms
24ms Script
application/javascript 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h4ya18s1kfdnfd9ram3a8ddxmyw0x1ec6hwezrha1k1yywxx0ed6ac3wv12kwj8pepdezkevzrhgqcycg5m64q3p4jr19yxhw80p8dembmhp655fp6ry3k4ntrve7rftsdw6br47cbkp6qc6fh59zbv689j5hph3yt2dt5nwb95gfg8se3dj9t24xydaftx7j86b1cshmqjfr47rt7fvvvke3hw48pf01w6y53e3yvydbr2zfth13zxzfbvetd16xx9d9p16sgshbnsgwp6pbpn0apxt4wkvj2hspyvdwpeqmjsz0ar62n98axsps3b6kgmbryp31q6fkmnqny82r4yzwtrwekmrz7t8pmagrdg3e5dt8ywtgg8y0hcf2ea8zefhzdzd33a7831ha28pwvm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPlUEoghSYevKBYOAwuIPlNKSwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTY2MTY5MTgyNjkxNzkyoAHCrujdA8gBCakCQKsTg1qfsz6oAwGqBLMBT9DqxS1GWAMCIe9TDenoWAs9nxHny1mZSbpi9tGICV7a-OzaglKj_zysjRuUpnV0Yxan_htKZfI1CP0SLjR2hSspfTaj4WeDOzb8NnRA3LM8KIr6oEath-7ybBbdfz7_RRpcQFMqln8uFYJ857S_WfN115igZjtczxsvTGb2-yLntEwkxedqvJ8x2vJSCz3AjguK3k_xFYnPXBe3mp7sAl33NSdEMfPPLqJVWBCIRjGmn1yABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3CWrztQ8Dca7b-UNFaJhkE7mzIgg%26client%3Dca-pub-2966169182691792%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g==
date: Mon, 27 Sep 2021 18:08:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 43840
x-guploader-uploadid: ADPycdtjZftq2bshtYadq6e_jHQE67ZteTgs6GJFLNOINr_q60glM76TqlXitEzEZynXK42aqNDdSvBVkc-dOSbv0M6vWXE1NQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 08 Sep 2021 05:18:43 GMT
server: cloudflare
etag: W/"ec72e2aaa94729151c48af127b00dce2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mnp0wXpm7mWWtLClrOBkoZIlyWIFBobs7Iutj3IXyNV%2FXK3IbFUi5Opw2Fqfsp49XCWSJcIWIsVy0HukiZZbEK%2Bty0XdJDgC8Pp9lsQ8HpCn%2Fse8Z5LMIQI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1631078323262956
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11933
cf-ray: 6956ad9a3fe03b61-CDG
expires: Mon, 27 Sep 2021 05:57:54 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 2EC5 3 KB
4 KB 101ms
38ms Image
image/png 104.26.6.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Mon, 27 Sep 2021 18:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9523733
x-guploader-uploadid: ABg5-UxmNygtG4eLBLdChKemjYzM246w-Wnf4rddTmUKKtis62i0l3iUADbPUUVxSuBx3DY2PYPQaCxpA_umJeWESN83dN-SaQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UC13PbAuvsZpwuRG3e7RRdIGfalQcecWoP6KtxJbUfeoZN7I4iTUzlnIylyj%2Fy20R%2BJqsmVHVzSvN7S2RleHWNOtqaFw5dsmxVks4Z3mLHOjj0XFLr9ZgPJs6OWX0UHBxAa2XDLm"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6956ad9ae8d5e66c-LHR
expires: Thu, 09 Jun 2022 12:39:42 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 3D1D 2 KB
2 KB 25ms
25ms Document
text/html 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /frame.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 27 Sep 2021 18:08:34 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ABg5-UxzFw8IhmM-tV5fvpZGoDpwX__wdg2ZwU0Hqu5fuPTbP_QdGbi1lZwDCbPvQEEX76ePRL4CDptz_MbS-0D8PY6F3lk1xQ
expires: Mon, 27 Sep 2021 19:08:34 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
cache-control: public, max-age=3600
age: 1262531
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dV0HcIx3wEgWCsmv%2B1XRsCKtNyDoSTwV16Y9wHMSOgJJKBGNNUeX2no0SNlUFRjRGGrnIfX8MYs21IwQpqnMAsA1Kg4YF9Rf0oGGMHTv9ork8oBnp345XuE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6956ad9a8f8f32b6-CDG
content-encoding: br

POST
H3 200 rs Show response
ad4m.at/ Frame 2EC5 1 KB
2 KB 41ms
40ms XHR
text/plain 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: baccf27e844d05cc2630d9b73dd4d2406c58d6768a432f7b6da391a4a53131d6

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6956ad9b3eb065dd-LHR
date: Mon, 27 Sep 2021 18:08:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IK0gsCHkywXLivlm26HRyRKiIlPv2r%2FPwx5K4Kaf%2BCVhVbfsgPuw5YcfUw%2FxOsGKndyM6XvZxp0DOvmgYMobIhLWBOCVAlZiSr3ToxiSN9IqDsnINsOxOB4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-2049

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 69ms
44ms Preflight
text/plain 104.26.11.209
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Server: 104.26.11.209 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 27 Sep 2021 18:08:35 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-2049
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2HpFuq%2FRU9F3cK9eqDklxJ1WYBjEMffltxH9YpTjIaWJQkLYw%2FfA5SjhEg0%2F%2BDiDyGz6J446KRLK2QzIdy%2F%2F1IPUlZSQaDB%2Br3V0QZHGz0xgQqrMFtd%2FlYg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6956ad9afe4665dd-LHR

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 67ms
36ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210922&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

94acd37f51660f15c113d65bcb2dcd7b5859901de51a368f57869c305757ce29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 18:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8523
x-xss-protection: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame AD3A 6 KB
4 KB 45ms
44ms Document
text/html 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=w3oNY75lPv7hWTtkHYAt0RAD3aqQOOKU&g=52b8c06757afbade14d4b2278ee5582f%2F10677092497270297395&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632766115091&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h9j3f2e3x7201zch20hs4tzk27hsysr0nvq79tqw8m2ss1dag1n8s54vtqbt5z5krjzty8ccv6xzgr2vqet9wg5n7j543re0j8wcxfgqpy5c91kgrqym4ce4dyjcterc2vekpb79dzkxz6syn28y3yaw86q595nm80nzy1cda4z2r66d5t7pvm99ahh1ppv43xvne0yghv3zs3p43sadmebt7knpx9n1qpbc8hgjjg7m6rkw2ak82ah057g323hc4e16cx7k039w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCPlUEoghSYevKBYOAwuIPlNKSwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTY2MTY5MTgyNjkxNzkyoAHCrujdA8gBCakCQKsTg1qfsz6oAwGqBLMBT9DqxS1GWAMCIe9TDenoWAs9nxHny1mZSbpi9tGICV7a-OzaglKj_zysjRuUpnV0Yxan_htKZfI1CP0SLjR2hSspfTaj4WeDOzb8NnRA3LM8KIr6oEath-7ybBbdfz7_RRpcQFMqln8uFYJ857S_WfN115igZjtczxsvTGb2-yLntEwkxedqvJ8x2vJSCz3AjguK3k_xFYnPXBe3mp7sAl33NSdEMfPPLqJVWBCIRjGmn1yABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3CWrztQ8Dca7b-UNFaJhkE7mzIgg%252526client%25253Dca-pub-2966169182691792%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b2c833a45e7ef24310ec4c850dd885d43abc1faea3a002dc04f04420cdaa4ad

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: as.ad4m.at
:scheme: https
:path: /ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=w3oNY75lPv7hWTtkHYAt0RAD3aqQOOKU&g=52b8c06757afbade14d4b2278ee5582f%2F10677092497270297395&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632766115091&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h9j3f2e3x7201zch20hs4tzk27hsysr0nvq79tqw8m2ss1dag1n8s54vtqbt5z5krjzty8ccv6xzgr2vqet9wg5n7j543re0j8wcxfgqpy5c91kgrqym4ce4dyjcterc2vekpb79dzkxz6syn28y3yaw86q595nm80nzy1cda4z2r66d5t7pvm99ahh1ppv43xvne0yghv3zs3p43sadmebt7knpx9n1qpbc8hgjjg7m6rkw2ak82ah057g323hc4e16cx7k039w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCPlUEoghSYevKBYOAwuIPlNKSwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTY2MTY5MTgyNjkxNzkyoAHCrujdA8gBCakCQKsTg1qfsz6oAwGqBLMBT9DqxS1GWAMCIe9TDenoWAs9nxHny1mZSbpi9tGICV7a-OzaglKj_zysjRuUpnV0Yxan_htKZfI1CP0SLjR2hSspfTaj4WeDOzb8NnRA3LM8KIr6oEath-7ybBbdfz7_RRpcQFMqln8uFYJ857S_WfN115igZjtczxsvTGb2-yLntEwkxedqvJ8x2vJSCz3AjguK3k_xFYnPXBe3mp7sAl33NSdEMfPPLqJVWBCIRjGmn1yABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3CWrztQ8Dca7b-UNFaJhkE7mzIgg%252526client%25253Dca-pub-2966169182691792%252526adurl%25253D&y=1&z=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://as.ad4m.at/ad/dr?ed=1h4ya18s1kfdnfd9ram3a8ddxmyw0x1ec6hwezrha1k1yywxx0ed6ac3wv12kwj8pepdezkevzrhgqcycg5m64q3p4jr19yxhw80p8dembmhp655fp6ry3k4ntrve7rftsdw6br47cbkp6qc6fh59zbv689j5hph3yt2dt5nwb95gfg8se3dj9t24xydaftx7j86b1cshmqjfr47rt7fvvvke3hw48pf01w6y53e3yvydbr2zfth13zxzfbvetd16xx9d9p16sgshbnsgwp6pbpn0apxt4wkvj2hspyvdwpeqmjsz0ar62n98axsps3b6kgmbryp31q6fkmnqny82r4yzwtrwekmrz7t8pmagrdg3e5dt8ywtgg8y0hcf2ea8zefhzdzd33a7831ha28pwvm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPlUEoghSYevKBYOAwuIPlNKSwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTY2MTY5MTgyNjkxNzkyoAHCrujdA8gBCakCQKsTg1qfsz6oAwGqBLMBT9DqxS1GWAMCIe9TDenoWAs9nxHny1mZSbpi9tGICV7a-OzaglKj_zysjRuUpnV0Yxan_htKZfI1CP0SLjR2hSspfTaj4WeDOzb8NnRA3LM8KIr6oEath-7ybBbdfz7_RRpcQFMqln8uFYJ857S_WfN115igZjtczxsvTGb2-yLntEwkxedqvJ8x2vJSCz3AjguK3k_xFYnPXBe3mp7sAl33NSdEMfPPLqJVWBCIRjGmn1yABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3CWrztQ8Dca7b-UNFaJhkE7mzIgg%26client%3Dca-pub-2966169182691792%26adurl%3D
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1h4ya18s1kfdnfd9ram3a8ddxmyw0x1ec6hwezrha1k1yywxx0ed6ac3wv12kwj8pepdezkevzrhgqcycg5m64q3p4jr19yxhw80p8dembmhp655fp6ry3k4ntrve7rftsdw6br47cbkp6qc6fh59zbv689j5hph3yt2dt5nwb95gfg8se3dj9t24xydaftx7j86b1cshmqjfr47rt7fvvvke3hw48pf01w6y53e3yvydbr2zfth13zxzfbvetd16xx9d9p16sgshbnsgwp6pbpn0apxt4wkvj2hspyvdwpeqmjsz0ar62n98axsps3b6kgmbryp31q6fkmnqny82r4yzwtrwekmrz7t8pmagrdg3e5dt8ywtgg8y0hcf2ea8zefhzdzd33a7831ha28pwvm&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPlUEoghSYevKBYOAwuIPlNKSwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTY2MTY5MTgyNjkxNzkyoAHCrujdA8gBCakCQKsTg1qfsz6oAwGqBLMBT9DqxS1GWAMCIe9TDenoWAs9nxHny1mZSbpi9tGICV7a-OzaglKj_zysjRuUpnV0Yxan_htKZfI1CP0SLjR2hSspfTaj4WeDOzb8NnRA3LM8KIr6oEath-7ybBbdfz7_RRpcQFMqln8uFYJ857S_WfN115igZjtczxsvTGb2-yLntEwkxedqvJ8x2vJSCz3AjguK3k_xFYnPXBe3mp7sAl33NSdEMfPPLqJVWBCIRjGmn1yABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3CWrztQ8Dca7b-UNFaJhkE7mzIgg%26client%3Dca-pub-2966169182691792%26adurl%3D

Response headers

date: Mon, 27 Sep 2021 18:08:35 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6956ad9b78d632b6-CDG
content-encoding: br

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 42ms
42ms Script
text/javascript 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 27 Sep 2021 18:08:35 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.10/one-ad/ Frame AD3A 64 KB
8 KB 27ms
26ms Stylesheet
text/css 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.10/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=w3oNY75lPv7hWTtkHYAt0RAD3aqQOOKU&g=52b8c06757afbade14d4b2278ee5582f%2F10677092497270297395&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632766115091&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h9j3f2e3x7201zch20hs4tzk27hsysr0nvq79tqw8m2ss1dag1n8s54vtqbt5z5krjzty8ccv6xzgr2vqet9wg5n7j543re0j8wcxfgqpy5c91kgrqym4ce4dyjcterc2vekpb79dzkxz6syn28y3yaw86q595nm80nzy1cda4z2r66d5t7pvm99ahh1ppv43xvne0yghv3zs3p43sadmebt7knpx9n1qpbc8hgjjg7m6rkw2ak82ah057g323hc4e16cx7k039w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCPlUEoghSYevKBYOAwuIPlNKSwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTY2MTY5MTgyNjkxNzkyoAHCrujdA8gBCakCQKsTg1qfsz6oAwGqBLMBT9DqxS1GWAMCIe9TDenoWAs9nxHny1mZSbpi9tGICV7a-OzaglKj_zysjRuUpnV0Yxan_htKZfI1CP0SLjR2hSspfTaj4WeDOzb8NnRA3LM8KIr6oEath-7ybBbdfz7_RRpcQFMqln8uFYJ857S_WfN115igZjtczxsvTGb2-yLntEwkxedqvJ8x2vJSCz3AjguK3k_xFYnPXBe3mp7sAl33NSdEMfPPLqJVWBCIRjGmn1yABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3CWrztQ8Dca7b-UNFaJhkE7mzIgg%252526client%25253Dca-pub-2966169182691792%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=w3oNY75lPv7hWTtkHYAt0RAD3aqQOOKU&g=52b8c06757afbade14d4b2278ee5582f%2F10677092497270297395&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632766115091&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h9j3f2e3x7201zch20hs4tzk27hsysr0nvq79tqw8m2ss1dag1n8s54vtqbt5z5krjzty8ccv6xzgr2vqet9wg5n7j543re0j8wcxfgqpy5c91kgrqym4ce4dyjcterc2vekpb79dzkxz6syn28y3yaw86q595nm80nzy1cda4z2r66d5t7pvm99ahh1ppv43xvne0yghv3zs3p43sadmebt7knpx9n1qpbc8hgjjg7m6rkw2ak82ah057g323hc4e16cx7k039w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCPlUEoghSYevKBYOAwuIPlNKSwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTY2MTY5MTgyNjkxNzkyoAHCrujdA8gBCakCQKsTg1qfsz6oAwGqBLMBT9DqxS1GWAMCIe9TDenoWAs9nxHny1mZSbpi9tGICV7a-OzaglKj_zysjRuUpnV0Yxan_htKZfI1CP0SLjR2hSspfTaj4WeDOzb8NnRA3LM8KIr6oEath-7ybBbdfz7_RRpcQFMqln8uFYJ857S_WfN115igZjtczxsvTGb2-yLntEwkxedqvJ8x2vJSCz3AjguK3k_xFYnPXBe3mp7sAl33NSdEMfPPLqJVWBCIRjGmn1yABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3CWrztQ8Dca7b-UNFaJhkE7mzIgg%252526client%25253Dca-pub-2966169182691792%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:35 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 365594
cf-polished: origSize=65497
surrogate-control: no-store
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Thu, 23 Sep 2021 12:35:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6956ad9bd95632b6-CDG
cf-bgj: minify

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame AD3A 18 KB
19 KB 61ms
42ms Image
image/webp 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=w3oNY75lPv7hWTtkHYAt0RAD3aqQOOKU&g=52b8c06757afbade14d4b2278ee5582f%2F10677092497270297395&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632766115091&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h9j3f2e3x7201zch20hs4tzk27hsysr0nvq79tqw8m2ss1dag1n8s54vtqbt5z5krjzty8ccv6xzgr2vqet9wg5n7j543re0j8wcxfgqpy5c91kgrqym4ce4dyjcterc2vekpb79dzkxz6syn28y3yaw86q595nm80nzy1cda4z2r66d5t7pvm99ahh1ppv43xvne0yghv3zs3p43sadmebt7knpx9n1qpbc8hgjjg7m6rkw2ak82ah057g323hc4e16cx7k039w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCPlUEoghSYevKBYOAwuIPlNKSwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTY2MTY5MTgyNjkxNzkyoAHCrujdA8gBCakCQKsTg1qfsz6oAwGqBLMBT9DqxS1GWAMCIe9TDenoWAs9nxHny1mZSbpi9tGICV7a-OzaglKj_zysjRuUpnV0Yxan_htKZfI1CP0SLjR2hSspfTaj4WeDOzb8NnRA3LM8KIr6oEath-7ybBbdfz7_RRpcQFMqln8uFYJ857S_WfN115igZjtczxsvTGb2-yLntEwkxedqvJ8x2vJSCz3AjguK3k_xFYnPXBe3mp7sAl33NSdEMfPPLqJVWBCIRjGmn1yABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3CWrztQ8Dca7b-UNFaJhkE7mzIgg%252526client%25253Dca-pub-2966169182691792%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Mon, 27 Sep 2021 18:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 344198
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycduE6I676Z2WEeHTte1LeClW_W_cXhJm7WnFGyq6rrAdPcI5DM7lRiJkpWAyOsZmjJMoswIsoM-rs4RuUCVJn0g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jaBJrFi9wso3MWKT8UVqmV0EDW6Un6Esv3eyTGZLTP8PPSdlFr%2FmTuoF%2B4M8Tm%2F6Yh5y7uVfsYH%2FaViQKjWkz8ce8jqo8k7EyTUob%2BTv3S4R1U4idG15rg8Hz%2BMt5Vp"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Tue, 28 Sep 2021 18:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 6956ad9bfaec3b61-CDG
cf-bgj: imgq:85,h2pri

GET
H2 200 A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
assets.ad4m.at/product_image/ Frame AD3A 2 KB
2 KB 60ms
42ms Image
image/webp 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=w3oNY75lPv7hWTtkHYAt0RAD3aqQOOKU&g=52b8c06757afbade14d4b2278ee5582f%2F10677092497270297395&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632766115091&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h9j3f2e3x7201zch20hs4tzk27hsysr0nvq79tqw8m2ss1dag1n8s54vtqbt5z5krjzty8ccv6xzgr2vqet9wg5n7j543re0j8wcxfgqpy5c91kgrqym4ce4dyjcterc2vekpb79dzkxz6syn28y3yaw86q595nm80nzy1cda4z2r66d5t7pvm99ahh1ppv43xvne0yghv3zs3p43sadmebt7knpx9n1qpbc8hgjjg7m6rkw2ak82ah057g323hc4e16cx7k039w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCPlUEoghSYevKBYOAwuIPlNKSwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTY2MTY5MTgyNjkxNzkyoAHCrujdA8gBCakCQKsTg1qfsz6oAwGqBLMBT9DqxS1GWAMCIe9TDenoWAs9nxHny1mZSbpi9tGICV7a-OzaglKj_zysjRuUpnV0Yxan_htKZfI1CP0SLjR2hSspfTaj4WeDOzb8NnRA3LM8KIr6oEath-7ybBbdfz7_RRpcQFMqln8uFYJ857S_WfN115igZjtczxsvTGb2-yLntEwkxedqvJ8x2vJSCz3AjguK3k_xFYnPXBe3mp7sAl33NSdEMfPPLqJVWBCIRjGmn1yABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3CWrztQ8Dca7b-UNFaJhkE7mzIgg%252526client%25253Dca-pub-2966169182691792%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA==
date: Mon, 27 Sep 2021 18:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 340608
cf-polished: origFmt=png, origSize=4031
x-guploader-uploadid: ADPycdvutdgLfV61LXlpGcoNY9_oqp4jrlq_98rGzz1-qik_E1ONGddClIUXp3O6A1VKE1aNMiURPF5vMbymMwX3wpM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1598
last-modified: Wed, 20 Jan 2021 17:03:56 GMT
server: cloudflare
etag: "7a3a98fe673db7b2502bd5c6d1316e2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LiVAP5OceJiPTC9%2FMyjJLoYbmIouOPcu7rbjfSlcfipaZabJGSgDUmzbpz4Qjzy%2F7PdwbPDzjRIvvsJJm4TSZ3IcSnMAIEDUOLImtwJAFdPJI08eUgcweRf727VYKPpV"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1611162235947637
content-type: image/webp
expires: Tue, 28 Sep 2021 18:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 4031
accept-ranges: bytes
cf-ray: 6956ad9bfaed3b61-CDG
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame AD3A 43 B
702 B 73ms
40ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneide7RC3fVfxBVcjHZHet1teW3sjTQTx8Joneid__asuidw3oNY75lPv7hWTtkHYAt0RAD3aqQOOKUasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 18:08:35 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
assets.ad4m.at/logo/ Frame AD3A 38 KB
39 KB 59ms
42ms Image
image/webp 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=w3oNY75lPv7hWTtkHYAt0RAD3aqQOOKU&g=52b8c06757afbade14d4b2278ee5582f%2F10677092497270297395&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632766115091&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h9j3f2e3x7201zch20hs4tzk27hsysr0nvq79tqw8m2ss1dag1n8s54vtqbt5z5krjzty8ccv6xzgr2vqet9wg5n7j543re0j8wcxfgqpy5c91kgrqym4ce4dyjcterc2vekpb79dzkxz6syn28y3yaw86q595nm80nzy1cda4z2r66d5t7pvm99ahh1ppv43xvne0yghv3zs3p43sadmebt7knpx9n1qpbc8hgjjg7m6rkw2ak82ah057g323hc4e16cx7k039w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCPlUEoghSYevKBYOAwuIPlNKSwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTY2MTY5MTgyNjkxNzkyoAHCrujdA8gBCakCQKsTg1qfsz6oAwGqBLMBT9DqxS1GWAMCIe9TDenoWAs9nxHny1mZSbpi9tGICV7a-OzaglKj_zysjRuUpnV0Yxan_htKZfI1CP0SLjR2hSspfTaj4WeDOzb8NnRA3LM8KIr6oEath-7ybBbdfz7_RRpcQFMqln8uFYJ857S_WfN115igZjtczxsvTGb2-yLntEwkxedqvJ8x2vJSCz3AjguK3k_xFYnPXBe3mp7sAl33NSdEMfPPLqJVWBCIRjGmn1yABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3CWrztQ8Dca7b-UNFaJhkE7mzIgg%252526client%25253Dca-pub-2966169182691792%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ==
date: Mon, 27 Sep 2021 18:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 348091
cf-polished: origFmt=png, origSize=44613
x-guploader-uploadid: ADPycdubsv_JoGneQRmIlRQ6-WmmDoeNWXTfxOJsKcJJxGZqaN_cd8GqQ-8UZCGgSD7KXf5oZBYHz3uvB6n_EA14f1s
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 39202
last-modified: Wed, 22 Jan 2020 13:11:41 GMT
server: cloudflare
etag: "c2a4f822e5a831f3b5cab39c8bcae61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5hc%2B12JEhjMBQTPBF7Q1DlT5IymV36RHzeJD8tkkq%2BlO2BhTIpMcrvdaxFZqgG86NRB%2BlV1daH1zHGUJTi6aTPfvl%2Bfj2JwykbMd40qnhJ1V0Ov9awwoBultppsNRhna"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698701189315
content-type: image/webp
expires: Tue, 28 Sep 2021 18:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 44613
accept-ranges: bytes
cf-ray: 6956ad9bfaee3b61-CDG
cf-bgj: imgq:85,h2pri

GET
H2 200 69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
assets.ad4m.at/ Frame AD3A 113 KB
113 KB 46ms
28ms Image
image/webp 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=w3oNY75lPv7hWTtkHYAt0RAD3aqQOOKU&g=52b8c06757afbade14d4b2278ee5582f%2F10677092497270297395&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632766115091&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h9j3f2e3x7201zch20hs4tzk27hsysr0nvq79tqw8m2ss1dag1n8s54vtqbt5z5krjzty8ccv6xzgr2vqet9wg5n7j543re0j8wcxfgqpy5c91kgrqym4ce4dyjcterc2vekpb79dzkxz6syn28y3yaw86q595nm80nzy1cda4z2r66d5t7pvm99ahh1ppv43xvne0yghv3zs3p43sadmebt7knpx9n1qpbc8hgjjg7m6rkw2ak82ah057g323hc4e16cx7k039w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCPlUEoghSYevKBYOAwuIPlNKSwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTY2MTY5MTgyNjkxNzkyoAHCrujdA8gBCakCQKsTg1qfsz6oAwGqBLMBT9DqxS1GWAMCIe9TDenoWAs9nxHny1mZSbpi9tGICV7a-OzaglKj_zysjRuUpnV0Yxan_htKZfI1CP0SLjR2hSspfTaj4WeDOzb8NnRA3LM8KIr6oEath-7ybBbdfz7_RRpcQFMqln8uFYJ857S_WfN115igZjtczxsvTGb2-yLntEwkxedqvJ8x2vJSCz3AjguK3k_xFYnPXBe3mp7sAl33NSdEMfPPLqJVWBCIRjGmn1yABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3CWrztQ8Dca7b-UNFaJhkE7mzIgg%252526client%25253Dca-pub-2966169182691792%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA==
date: Mon, 27 Sep 2021 18:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 345593
cf-polished: origFmt=png, origSize=136328
x-guploader-uploadid: ADPycdvs-QZH_PK4KiXG5YUBdsj1433KZc4LSWHLicKdelkZg5KTdE5Uajio0x1QbrYhxA_oWwsqimFdmuXybtV7A5k
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 115268
last-modified: Tue, 29 Oct 2019 09:42:57 GMT
server: cloudflare
etag: "0357ac79cb3ff45b9d567eab80c7e34c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BtC92cX5QewgtVduiHO5tbp3xgQzCdquYV3%2Bm6Bg9kY1SAAniZxFT3G2DG0o1LPmvef0dmvHGf5BIuy35TQcoKEiiPTfle41ugX9DCaeIDASPhGn7fPnZeFTFiaqZH9%2F"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1572342177666668
content-type: image/webp
expires: Tue, 28 Sep 2021 18:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 136328
accept-ranges: bytes
cf-ray: 6956ad9bfaea3b61-CDG
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame AD3A 43 B
705 B 71ms
39ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneide7RC3fVfYpcjHZHet1tbrzUjTQTx8Joneid__asuidw3oNY75lPv7hWTtkHYAt0RAD3aqQOOKUasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 18:08:35 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame AD3A 8 KB
9 KB 58ms
41ms Image
image/webp 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=w3oNY75lPv7hWTtkHYAt0RAD3aqQOOKU&g=52b8c06757afbade14d4b2278ee5582f%2F10677092497270297395&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632766115091&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h9j3f2e3x7201zch20hs4tzk27hsysr0nvq79tqw8m2ss1dag1n8s54vtqbt5z5krjzty8ccv6xzgr2vqet9wg5n7j543re0j8wcxfgqpy5c91kgrqym4ce4dyjcterc2vekpb79dzkxz6syn28y3yaw86q595nm80nzy1cda4z2r66d5t7pvm99ahh1ppv43xvne0yghv3zs3p43sadmebt7knpx9n1qpbc8hgjjg7m6rkw2ak82ah057g323hc4e16cx7k039w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCPlUEoghSYevKBYOAwuIPlNKSwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTY2MTY5MTgyNjkxNzkyoAHCrujdA8gBCakCQKsTg1qfsz6oAwGqBLMBT9DqxS1GWAMCIe9TDenoWAs9nxHny1mZSbpi9tGICV7a-OzaglKj_zysjRuUpnV0Yxan_htKZfI1CP0SLjR2hSspfTaj4WeDOzb8NnRA3LM8KIr6oEath-7ybBbdfz7_RRpcQFMqln8uFYJ857S_WfN115igZjtczxsvTGb2-yLntEwkxedqvJ8x2vJSCz3AjguK3k_xFYnPXBe3mp7sAl33NSdEMfPPLqJVWBCIRjGmn1yABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3CWrztQ8Dca7b-UNFaJhkE7mzIgg%252526client%25253Dca-pub-2966169182691792%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-goog-hash: crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date: Mon, 27 Sep 2021 18:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 347718
cf-polished: qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid: ADPycdv-hUOcUKmo1yKgxVDU_qqhzh1oUKXYDVtNu8kGtRXLgR2MiCGULgU66nto0AWD_9SBauNir2aR2Yf_GxMIs7A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8354
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vw6OBwO%2BXLRgelDMWv7EMjR76RieQDSFshu6O3q2c38rHYBWRE6A7s5jFFBEL0Z4mY8r7qk4KTMAHy8WYn%2FXUzI35kerKJrZvqrh38JcTBCJh42yYX14nFKufPEkVEnj"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698787150900
content-type: image/webp
expires: Tue, 28 Sep 2021 18:08:35 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 16723
accept-ranges: bytes
cf-ray: 6956ad9bfaef3b61-CDG
cf-bgj: imgq:85,h2pri

GET
H2 200 F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
assets.ad4m.at/ Frame AD3A 35 KB
35 KB 40ms
23ms Image
image/webp 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=w3oNY75lPv7hWTtkHYAt0RAD3aqQOOKU&g=52b8c06757afbade14d4b2278ee5582f%2F10677092497270297395&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632766115091&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h9j3f2e3x7201zch20hs4tzk27hsysr0nvq79tqw8m2ss1dag1n8s54vtqbt5z5krjzty8ccv6xzgr2vqet9wg5n7j543re0j8wcxfgqpy5c91kgrqym4ce4dyjcterc2vekpb79dzkxz6syn28y3yaw86q595nm80nzy1cda4z2r66d5t7pvm99ahh1ppv43xvne0yghv3zs3p43sadmebt7knpx9n1qpbc8hgjjg7m6rkw2ak82ah057g323hc4e16cx7k039w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCPlUEoghSYevKBYOAwuIPlNKSwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTY2MTY5MTgyNjkxNzkyoAHCrujdA8gBCakCQKsTg1qfsz6oAwGqBLMBT9DqxS1GWAMCIe9TDenoWAs9nxHny1mZSbpi9tGICV7a-OzaglKj_zysjRuUpnV0Yxan_htKZfI1CP0SLjR2hSspfTaj4WeDOzb8NnRA3LM8KIr6oEath-7ybBbdfz7_RRpcQFMqln8uFYJ857S_WfN115igZjtczxsvTGb2-yLntEwkxedqvJ8x2vJSCz3AjguK3k_xFYnPXBe3mp7sAl33NSdEMfPPLqJVWBCIRjGmn1yABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3CWrztQ8Dca7b-UNFaJhkE7mzIgg%252526client%25253Dca-pub-2966169182691792%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 18:08:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 349366
cf-polished: qual=85, origFmt=jpeg, origSize=40264
x-guploader-uploadid: ADPycdtAQPy3_tl9K2Cy7JoCWJ8wb8rZeCIUhgcHMxir8lSM8_y_3ELv-g0yULBc8WN9Ow58pwoDoLyEdMclrOawmZk
x-goog-storage-class: MULTI_REGIONAL
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3De7%2BIDVG%2BTqO2lYRDi06grThAmkleTUnzY85PweWHeq05hc3LhTid8JaQOQia%2FJ8NOmA8591c6oi8%2B0dHCn%2FpE7b8eq2qJAOEgsmDwZ8fiAarBtzypecG0id1Pyp6c6"}],"group":"cf-nel","max_age":604800}
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35504
cf-ray: 6956ad9bfaf03b61-CDG
expires: Tue, 28 Sep 2021 18:08:35 GMT
last-modified: Wed, 19 Feb 2020 17:37:15 GMT
server: cloudflare
etag: "9eb405de815dd9d9e1f1e47322ddf6dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=DWwdxw==, md5=nrQF3oFd2dnh8eRzIt323A==
x-goog-generation: 1582133835673152
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length
cache-control: public, max-age=86400
x-goog-stored-content-length: 40264
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame AD3A
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=COLKtOLfn_MCFTRY5QodODQD4w;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidw3oNY75lPv7hWTtkHYAt0RAD3aqQOOKUasuid__dc_reach_suite02wkz&gdpr_cons...
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1632766115_ee975d60-1fbd-11ec-a1d8-692d067fb68d

0
518 B

35ms
11ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1632766115_ee975d60-1fbd-11ec-a1d8-692d067fb68d
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=w3oNY75lPv7hWTtkHYAt0RAD3aqQOOKU&g=52b8c06757afbade14d4b2278ee5582f%2F10677092497270297395&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1632766115091&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h9j3f2e3x7201zch20hs4tzk27hsysr0nvq79tqw8m2ss1dag1n8s54vtqbt5z5krjzty8ccv6xzgr2vqet9wg5n7j543re0j8wcxfgqpy5c91kgrqym4ce4dyjcterc2vekpb79dzkxz6syn28y3yaw86q595nm80nzy1cda4z2r66d5t7pvm99ahh1ppv43xvne0yghv3zs3p43sadmebt7knpx9n1qpbc8hgjjg7m6rkw2ak82ah057g323hc4e16cx7k039w%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCPlUEoghSYevKBYOAwuIPlNKSwAaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0yOTY2MTY5MTgyNjkxNzkyoAHCrujdA8gBCakCQKsTg1qfsz6oAwGqBLMBT9DqxS1GWAMCIe9TDenoWAs9nxHny1mZSbpi9tGICV7a-OzaglKj_zysjRuUpnV0Yxan_htKZfI1CP0SLjR2hSspfTaj4WeDOzb8NnRA3LM8KIr6oEath-7ybBbdfz7_RRpcQFMqln8uFYJ857S_WfN115igZjtczxsvTGb2-yLntEwkxedqvJ8x2vJSCz3AjguK3k_xFYnPXBe3mp7sAl33NSdEMfPPLqJVWBCIRjGmn1yABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3CWrztQ8Dca7b-UNFaJhkE7mzIgg%252526client%25253Dca-pub-2966169182691792%252526adurl%25253D&y=1&z=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 18:08:35 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Mon, 27 Sep 2021 18:08:35 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1632766115_ee975d60-1fbd-11ec-a1d8-692d067fb68d
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F8E1 12 KB
5 KB 24ms
23ms Document
text/html 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.celebsecrets.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 27 Sep 2021 17:24:01 GMT
expires: Tue, 27 Sep 2022 17:24:01 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2674
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 01B6 783 B
534 B 25ms
24ms Document
text/html 172.217.18.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f4.1e100.net

Software

GSE /

Resource Hash

dbf38a836003d1151d24563c91856e2cab6802c292938eae99fc247f2a40f4b1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uLiFoFlW4pF+X58ZPNFdsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.celebsecrets.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 27 Sep 2021 18:08:35 GMT
date: Mon, 27 Sep 2021 18:08:35 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-uLiFoFlW4pF+X58ZPNFdsQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 01B6 0
0 68ms
66ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210922&jk=3877939088511344&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js Show response
pagead2.googlesyndication.com/bg/ Frame F8E1 35 KB
13 KB 27ms
26ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/9iDa3dU_tFEhRumWaalqbETNN5HIIuQ-Wj77Xalf13I.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

f620daddd53fb4512146e99669a96a6c44cd3791c822e43e5a3efb5da95fd772

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 17:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13370
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 27 Sep 2022 17:10:29 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DA33 42 B
64 B 33ms
32ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssDl-77V9LacqIx4ee53DMkX27w1yaH_XQN0nx2CezvWbeVrSxQ-nnG0hm6Sn223JcslaSUsLMu3vdPzBTzOfVlRIE23YTDndsy_dpXdwD5Ig4Lj2RCUQ&sai=AMfl-YTLR8U5yH31VJcC_ZyoGU8nD79C61v4IKH_QwlZ9vyE_emc_UgPN01g3kzKhgrPh8aJNmbSw4w7jWt3&sig=Cg0ArKJSzAY8gIcP-w8dEAE&id=lidar2&mcvt=1008&p=217,224,497,1376&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20210922&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=214710841&rs=2&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1632766113359&rpt=989&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 18:08:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 70ms
70ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210922&jk=3877939088511344&bg=!vr2lvfnNAAZNQyuQTUM7ACkAdvg8WsQCvEnkpTrtCOd0n7t_L2l7zCbCwLPxGPQougtRE8KBthredwIAAABuUgAAAAtoAQeZAtMy3pjNSv0RrMX75Pkn35CLRgx0XzcCytuZO8pNFtqLtzB_S5NdfU772wSb4CcHLe12q5QT2fOf4tPEkKAnF0GKbOFCVIbe6b_0vDZ3C0uH979Erhc951V0Sh0ao5g93j73IYAYDEUgLrE4jp-lFmB-44_XynpFAL29e9SBq50YAJwI2q4TLLgHfdaj4iUO-aXPdzesHBMAEKY6vIxQsKC_D-RGn4NmLi-xzcTHPj7cwz9Euxf1UOAQEJkyiUo6Hvnj5lqBx9K1hl5lGBT0nlCwy1S4eIfx-Okrhs87oYTZg44DcLFTxa7LsRLz6ScGhafiXM3u7DQq4yFhpI84Mo8OvQuTtECBGyUgAQ0T4YFkOcNJvisUqHe3gGaDae6-NPTr9M9Q5dchknpJxZ2Met-K431GVMU9VJmSKg2MKGwfNzTqdV6zH6VjznWCkH5-e7lnu2OrT2CCuN4KVF3GielnwAiKyrF0Tbxoxmjxkgg5qfTrmubVdNBdnv5Z8eRRbGiFAg_jEQjh_TBcVoJKuULm3wfqMsC-nyJDGiIc-UXAlDhdaIASSwKasVM1qSurMQRD1vzfXZyMqqqoBQKF169AM55Udi5yHmp-jgWD1aLn9d3EC7PjNDeS5ChwWzMPPjJQA5qa6T_kmIJAHXOXT_dfI2paojQGy24ikeZGn-4_Cu_6JKEoIrMKQVJS_0h3XRutZexDqSSXnXe85Xn0IcbBv7FQVdqdNx3Pvm9guq7JJzobRBcFbu5vK_TYtjoUVlPHM7595cnPJWRZVF2jCrWvcbOfem2OPidClSvkyUVYitKAieDvYEXlXrxw084vxFUE8lJPZy1sUwlr9Khu0Qd_5oGOssn-mnjmAuEsT6iMjYbYO1-Ga4coRKDSusoY72XCNJZErLGT2Q_sEwoPop-BfH70dWnc-G-332svPvUe0_ooO6Bn79QvhJ1vsrtlaFevSoQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.celebsecrets.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E063 42 B
64 B 33ms
33ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsulW45790BDTU_YH7g9YpP9VUB6JMzAePtPcTo1IiAEbTBhd87tkfCpoBaaplKOQ-kCJCY9yjQqhejDhJ_HxC_KOyQRbM49S_rMzzVl9YIuJg9b9YSVNA&sai=AMfl-YSvU2SI7BW9Kxq2p3jih8PMDWZpaoxFA12wfCPv7EtSXC9eLussoawB-ffhCRpjF6XDtrllMhZo86r4VnBubxsvWfqotTU2h884IyyenhTv_cG2xRXHD2tkHfZCSUg&sig=Cg0ArKJSzLEQTtd2KNl5EAE&id=lidar2&mcvt=1000&p=920,200,1200,1400&mtos=710,1000,1000,1000,1000&tos=710,290,0,0,0&v=20210922&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3492521732&rs=2&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1632766113445&rpt=943&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 18:08:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xKYgMTQAmRtpCALYcQMM-MSXzvY2nUIhO4BsXEIphnOtAuLmH7UCxqPdAJsBKijbL

Verdicts & Comments Add Verdict or Comment

110 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.celebsecrets.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: f2efdd0bf0893975fed69a6d63c8d860
.celebsecrets.com/	1970-01-20 15:03:58	Name: _ga Value: GA1.2.1458027220.1632766113
.celebsecrets.com/	1970-01-19 21:34:12	Name: _gid Value: GA1.2.1814434264.1632766113
.celebsecrets.com/	1970-01-19 21:32:46	Name: _gat_gtag_UA_90528847_1 Value: 1
.celebsecrets.com/	1970-01-20 06:54:22	Name: __gads Value: ID=33ac945950f396ce-220e4c6164c900a1:T=1632766113:RT=1632766113:S=ALNI_MY11nZ83ebLfcm5utgTVALEUIHizQ
.doubleclick.net/	1970-01-20 06:54:22	Name: IDE Value: AHWqTUlyWyG_kp0jDgIWq-_xAEj_3XqIIFuO6l9pXAzhldv7ryXx_iCYxQt4c0dCU1I
.doubleclick.net/	1970-01-19 21:32:47	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-19 21:32:49	Name: DSID Value: NO_DATA
.quantserve.com/	1970-01-19 23:42:22	Name: d Value: EBABCQGsJIEA
.quantserve.com/	1970-01-20 07:03:00	Name: mc Value: 615208a2-dd8d2-3d7a5-c5bb5
.pubmatic.com/	1970-01-19 21:34:12	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 06:18:22	Name: CMID Value: YVIIouzMSncL1U4HErndbwAA
.casalemedia.com/	1970-01-19 23:42:22	Name: CMPS Value: 3232
.openx.net/	1970-01-20 06:18:22	Name: i Value: e7c75440-7f19-48f7-b5b5-cda71b15f0d4\|1632766114
.pubmatic.com/	1970-01-19 23:42:22	Name: KADUSERCOOKIE Value: 3FA695D8-627D-4ED9-9DFB-5469C8CCA4DC
.casalemedia.com/	1970-01-19 23:42:22	Name: CMPRO Value: 1142
.casalemedia.com/	1970-01-19 21:34:12	Name: CMST Value: YVIIomFSCKIA
.innovid.com/	1970-01-19 23:42:22	Name: uuid Value: d3b2c2e1-62fc-46be-9352-509e593e5a7a-20210927 14:08:35
.awin1.com/	1970-01-19 21:35:38	Name: awpv11830 Value: 412871\|1632766115\|ee7f8fa0-1fbd-11ec-a1d8-692d067fb68d
.awin1.com/	1970-01-19 21:42:50	Name: awpv14098 Value: 412871\|1632766115\|ee7fb6b0-1fbd-11ec-a1d8-692d067fb68d
.awin1.com/	1970-01-19 21:42:50	Name: awpv11938 Value: 412871\|1632766115\|ee975d60-1fbd-11ec-a1d8-692d067fb68d
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.congstar.de/	1970-01-19 21:42:58	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1632766115_ee975d60-1fbd-11ec-a1d8-692d067fb68d%22%2C%22sp%22%3A%22awin%22%7D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVIIouzMSncL1U4HErndbwAABHYAAAIB&google_gid=CAESED-lmbMd2Hni1FZ3k6tS5w0&google_cver=1&google_push=AYg5qPIjsaZLux68RIEH3hy-57uC25E7KH6xKYgMTQAmRtpCALYcQMM-MSXzvY2nUIhO4BsXEIphnOtAuLmH7UCxqPdAJsBKijbL Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad4m.at
adservice.google.com
adservice.google.de
ag.innovid.com
as.ad4m.at
assets.ad4m.at
banner.congstar.de
celebsecrets.com
celebsecretscountry.com
cm.g.doubleclick.net
cms.quantserve.com
encrypted-tbn0.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
prod-rtb.ad4mat.net
rtb.openx.net
static-de.ad4mat.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.awin1.com
www.celebsecrets.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
cm.g.doubleclick.net
104.111.239.217
104.26.11.209
104.26.6.27
132.148.250.104
142.250.184.194
142.250.184.232
142.250.185.130
142.250.185.162
142.250.185.193
142.250.185.206
142.250.186.102
142.250.186.34
142.250.186.66
142.250.186.67
142.250.186.78
142.250.186.98
148.251.139.77
172.217.18.100
172.217.23.99
172.67.74.129
18.169.113.1
185.64.190.78
192.124.249.164
216.58.212.142
216.58.212.170
34.95.89.54
35.186.253.211
52.18.11.109
69.173.144.165
74.125.140.154
91.228.74.134
001de631b72480e07e7246acc12f9552f023cef5159872d10b2eb036c7ed3fcc
003be4b32aad80509340d6c2a4769486788681e0af02c36987a6a3fab9522b7f
00501810e93307a8882a74d864e7547fd1458deea539361dc1124ac133799a4b
0284d42b43b431163138ad07c2e26fee046b82609761b503949c054fe67cf38a
044efea78208376302aad3808aaabdf3c2f7bdd80ba9d55c9e0e4d3baa7a3908
064171cd3bcf1f06f0debdf14d0f4a25dfa4d03ee891cd62e125049d91f678eb
09daf77f1dfe54bc12dd28501b03563ba333317f7bd7e49a79e36e0896c83032
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c604912b924b6b0295bde9c0996226c0c640f82454c776f44b67dbe4b35fe05
0ccc97e780ac12cbe38cd53565334a02bb572df2ab34fff8ba2654a2782b0c04
0d3f57a9a5b4f2c8411ab8e3e7e4c0f1ae3a63251e44d38de112b76f138a7c73
1069a63dba084c49a2d8946bddfaed6f2701a02f718ece3e59c41a4e69479204
10aedcc6862cd5551fe93a26d7212b71332c401fd05352388c6976bad2e1de94
10efe442b2eea463c1357b3a02f2e4aafbbfd1bbbd1802ec6b4785e17c53a36b
11dd7443e60c9756c636d4d9e270eeba4085691a86dc1d343af835e5cb354ed9
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
143955879d55a60dc7ecb3bedf93773f4559db893a1748a18ed7878a67ca2670
146989fe165916dfc4aa19c99fc9d29f6675a72c61f985b914eb668febcbb827
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b815cabad83e366472732f19b390c8ca70d2e17380af36fdb745f87ef507a35
1c045fd18778d6cb007565f471c7d6f442aef231cd65359b0fbcef666b432155
205988b80eeedc442aa4ba78fd4bda5b1b139415f3dc88043fc73adcd71cbae2
212085b116ddda61ed07c2a2a931856749dd4746f7e582a7db8a66262e3906e9
25abf4a707821a0c281bd69fd0011b09f5e6b52e6da3b83a2ad415e36e979e21
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2b2c833a45e7ef24310ec4c850dd885d43abc1faea3a002dc04f04420cdaa4ad
2d4d539ba58efe2a5d490c3c1cce7fb53c39791b20b14175cdd504f829d3c9a1
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e66ce2eadd79bca0080194f87dbf2f1d01bbf996241615de43d94dfc7eb1d0d
2e6b0a2cec3859dab46e9fd4e4ef15651195c3be5bc1e7ff472c803ddb508e95
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
30cd961db82d46c3ac5c6a4abb291fcdc9e1bd4ded973363d2c8dad8039bf3df
31d855e6b27133ef148ff82f9cef9d66bfc5fb4b8c102c32965764d8409254b9
324dbc3f38a9f0a20763e0c0d817aadea2b441e2b872b81c69f453857da67489
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
3802d624909d1dd6225bf0f488a6c91bfb29ebef84e3e524fc378523655dda53
38e3f5eb44d5ed42b39cae8af2e0710e9290b042bfcffd9c5cf2e3c751e0e20b
3a7ad5974f3d165d1a83149795afe792e241b0e6a41078c6e14bcecc5449934e
3b5a5dc0ed2dd03de3f572bff9f526bfffdb3e0f4f92cf60e98841d2b268342f
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
414d9c3b0873f82c4c97a189041a79f6a1c7b08380600bbeedc77bf7498c1102
41cd496c91f0a37d8450324cb9f6c87772a83d067593ff8aacc825a858c4b886
4492a4f252febe84a00d7f8246e50e43475a11d7192a279aab3c189cd3721456
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4afe80fe34b9730e2b0efe996bfecc0a3ad4e3c035f3b922252cda89086273b0
4b39d832e1c8c31132732dd0d297b6926850db2c4ef9bafee21bf5f40d0ea0ec
4d1fd02bcde85db6ced117991aa0a62380bf0c81b3558bdb0d15e27352ac3f32
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dca312cf1910fa8b86cf95e4adc8e04da01dc959716b223af285ad95995f49f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5e6569cad7dffb31f0d1730c6fb4fb9ea7cdb2d9618abc551b7cfdd21ac9f9
4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353
4f6b24cb347775f10a21a82a0d94b506895d8127de2164f95cbbb035860478a8
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
528a582ea998425535a5dd162b3f7fbc3fe78098a4089a31fec260fbc6c3cc79
52d63b62a17a6a373d35ff5c91b77341ebee18f0226cd79f486ef71db4fd5f37
53bbb293c75981334e5950eb05600ebf2d9eb72b2a7a62246a054cf84e82b216
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5da38a65edff1b5eab44db11aacbff33ff837753b2c5b2519924a740b33d7b6c
5f0989a9002df46b705fb45e14d611df0d8ecc6f6ad2f6587bfe88c1adb0ed60
5f3dca760a16a5bbc551921bccf65a5d73945f97616ea347cf09ffa50ca2b4cb
5fee992fe9fe9fb5bebd96f8a7a0bc978f755703a818fccff9d78d3ba2d7dc6c
611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44
6353a0800cf14f023652cf95ad6320baec63dea329f0d6e0270e95316828f2bc
63a44a22f18cbfe846a1deb234a81d80f15363bc79b1b5eb38ae93d64c84d05a
647a6b36f3fd1f21bae171270111096b4613c23a47e6621628a51bae9c82b0b7
65125c9094777f67a9ff4142953b40709a43718de763e7fd23e63fa18d53fa79
653085a623e124b2e93a067933bb39dadf98716c2d71ac5efd4ebc001bbec5af
661e00570c65c29528d9ce6ee19e5e9939986716c293def67b07f8b6a191b018
67a93cb596cf7e65926cc6f37e356a5ba6249a3ac8dbce1b8e5fd16ae3967f92
693e2dd1818182a4c4d6af23d18118646a0aa250a9001c2e468555dcf653b982
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6fc1699d6979a18d2df312bf103f4e00f8b32dc52429a99e1fe8e4a6449afd7f
71731ff4a0eedab848f041f72eb694346cac3d78cfc7170c7c449f2046a4c4c5
7247f875a22d220ec2dabb0e39ee42d46fcf43df2d7d92a3a7f9c469991a1c3a
72916f7bbe1f58074ed2c8307708f415ea14c84c1db4ed0ad1e203ff05b0c903
72a480ee9a81da613b76e776e22967bd0601d4abd16ae60349995dc4f18af969
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
76b8c213b84808d8f2986bfa38e79e3f2d1a94f065e517a143999b198abd8bd6
77bf60e84e126d1609cc0a302c3953dc25ae054aaee3514d04a4726d4f2609fe
7906fa4d7874e0f1ffceeb5747aef240749d1951953896e7c4e4f564146d0bdc
79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d
79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23
80107f11f8fef70c5d2d2ff48293c1fddc0a7f904b00412d121d717bf454e14b
826bdb0684625b9484e5ba8bdf7778b58c7cb4bd88c22b6e64ad5f5f08e0eb09
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84a0fb8b9d196f9439f762fef0f5c0913e601b0fdcba75b6335fa451b0c7751f
85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa
8607c3d46d280069cdaa1a39378ff7d6d4d1ead587ec36e8a4e7e367a37488f8
89cc40742de2c6f54ccf37278aa196919ee14282defdbc23bda2eb2485f8d159
8adc377a6a5c1d3a9ab10793c57b6dc6fdfcff0de61f52dda905da037d1c1e7c
8b3313ac4bf98c0f8bab5b27cb0e7909351cd7f5d62c68bfad25c0b04cc9c99b
8bd0ece453523856db6704ce9e88360cd63332528e1fe83cc60731e21109f6f1
8cc5d1bf80f7a4a5acc05ae067f695460f9f12614e8814c1856f49d4c4e7d883
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
90b15a4a150ee5942857834541af9b639d6f8a97b4f7de269bccd6e775b869ae
916079cc6df11c53017bb1357534c9d0c19583159b1c5645dabf6070b84adcc2
91f8456df712188504db6297b5a7e05225cf9466910e68c754a138ba79060546
91fd58b7e15d5808f999267ba2a35ae5f15abef08599c5a5e81ba0556dbe4d90
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9445f9db635bbc121f4f058b259498194f6d7d6bfa88afc21a7d98b379cb4893
94acd37f51660f15c113d65bcb2dcd7b5859901de51a368f57869c305757ce29
970ec28c858a30ab21ee316f9a6cf6f9de5287fc7821af8849538cc96871dec2
995fa6a1d3ca2df50d0052ce2147058a3f258dce731085cb7a22c71b1374d9cc
99ada7e01817367027759ac452a1dd11eca7557272b8940d659c07adb6bc8cbe
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35
9c96ecd870afb8f6077d9d16f43533b9c79429c976a48a249fba8a079544f5bb
9d00d763f4644a37531dfa2e061bc85a45253d14a2e22a4a3c3defb5359d233f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a7acfb3926865d68cafe8359320b0fa8959de6de7d2422ec43bd2a3736c40754
a7eb4dfaeb3a5b3370523b353c14853d801722a62325eb88ef60b3fd08f016f4
a98e42b2d4ab1ae36f3b270a0dff6ad2f158100833978ff0a549674a2543e78a
aa485d41490b910a2963214d7587ef15dd329a3e178f66c3edc02df9915fbb5d
aa51b394829a00e1b07f5b11a0d4cde0e8dc69d7dbe539085b3af64387468678
aabc30ee10c2b23a718fe443f43b051563fa5c58aa4b48cb64155a424e451468
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac04af14591f59be711b015d623154f3cd61eab114e9ee33563a2b30d55202eb
b3eed95d75a33ef44fec29a4e88039cfa8089a52372dff2ea51e5ca280c8d979
b6c3f63ff168e10c2356f15fd5fb56294c57d8ca204b8e21c08f1383f43643cf
baccf27e844d05cc2630d9b73dd4d2406c58d6768a432f7b6da391a4a53131d6
bb68626ee6d6ca75177819f98414cc9414578c617740319ba1bb41ea6ff6f2f4
bc627845c642a51f9d4120607fdbd14ab13777acee704ce91433be238b661c05
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
be782e7a599f69742b110ad7060bb33567b4cf4c0a2178a0691529bdecd0bae5
be84f29bbc2688431dfe88d8734df56354ec9cf37992bf191a5073300c6ec6dd
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
c1e10d3b19ef0b78a7d798122c0d9c232a7c4ac3662392462fc9ba9ec7edbe69
c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809
c313eafd49a7f12b4bb014b8b23a6675b9000c625344fcd99d8aa2f4abf7b746
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c577726c3a9a76b040889f2e86bdc61ede513e9fd58569e7d669771b4bdb3a06
c8a2ce0ff737cb50745bcd2b534fa03c462d897895dadb9af2d46e37db45c2f2
cf34e1b87bbfd9d9b185dec994924a496e279d8dc9387ad8d35bc0110134c4d3
cf60db8f01da2e8ea3dc9eec7a0206aa5e13969745fb6731bdab13bf2da82d14
d029bb7532fc576ed89db23f343e422f817d63b9ef929584990064a9d874eba5
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d13e5a6abe388913323268ca98d8625b064511329043b0d3a88ba18c960aef02
d355cf98aeecbb16480cc19e5f0afa9cf9b0a92526437d3e91a084a5ca78d400
d41cbe565ccd60b6d3307f5440be39e6d037630294973ab3b3df16bc8c6bb02f
d603b6e5c404d28a9f1c12bb0b57d8c9967836a8f53cce046a2ab3fd1f3b2f52
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
d9c65db554d57f17a964bee80b4c94050e40f3a692852cf0ca2fdb9612c83273
dbf38a836003d1151d24563c91856e2cab6802c292938eae99fc247f2a40f4b1
dc720a7c47155bdfc4a56a77d11bf92eab61985116f5008344cf48f28e9c5eaf
dd5bb66bac9f2d27689f537a7beaf5630134204e7327c42c066f0b64717fb3d3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e02fb5c325499a5c9c1bf74dc6fc6af5117263af30e0f58e28d9d6a6a2b8803f
e19bea98d58ecb95000ac095a89d1ea52b6fc4edda824df5408915d40e1ae56b
e359ae3a06ae02c38ba2d09707dee364ab18c64164e7a739eae142294d8dd499
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7eabc7f05a63848ca0cf3d821014400d89e413dd6d11de71620a36cb655f99b
e86f318afe68ae1cbd7d2a3b00734e1d3fe53f6ff08b6bfea9af5006e4b35328
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7505c0676bc854b983e940316b2281866fd9d6a56c40c042b7254051afddb0
f482573663502de097072d09230c9b37a9225648fbff6a2f97f2b862f059a235
f620daddd53fb4512146e99669a96a6c44cd3791c822e43e5a3efb5da95fd772
fa3c969639cf419ee66ff6ba52dbb8acd4dc86c4754b8e0f0ae8ef1c1e189fe0
fca86a2e9f085d0a0a2badb97ee8e4571db1927cdb31ba2a5e446eb51099165e
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe2ac5219992a3608a5c9e2bc4759fac8fb2189b88d7a674d395ff6c435da536
fe5044def3c01a57cf46d476bbb3eb0aa643feb483f5ec3ecf332a89b4ba39c4
fefad7e7c34ba89f96e18c3cce587cc5b5e42de8190610e6947fda7aec19d527
ff7f41fb46f8e9ecafe2c34d443535baec1dcf56cea4701d82e3e387fee68353
ff9aa2eb069ac7ff0f7062c6816a8d1ca93c9e5e70950f6490a723cd6f29c143
ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75

www.celebsecrets.com Open in urlscan Pro 192.124.249.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

224 Requests

100 %HTTPS

0 %IPv6

22 Domains

34 Subdomains

27 IPs

4 Countries

3256 kBTransfer

6079 kBSize

23 Cookies

20 Outgoing links

Page URL History

Redirected requests

224 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.celebsecrets.com Open in urlscan Pro
192.124.249.164 Public Scan

Screenshot
Live screenshot

Full Image

224
Requests

100 %
HTTPS

0 %
IPv6

22
Domains

34
Subdomains

27
IPs

4
Countries

3256 kB
Transfer

6079 kB
Size

23
Cookies

224 HTTP transactions
17 data transactions