www.hawtcelebs.com Open in urlscan Pro
2606:4700:3036::ac43:b893 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.hawtcelebs.com/
Effective URL:
https://www.hawtcelebs.com/
Submission: On September 27 via manual (September 27th 2021, 2:41:43 pm UTC) from US — Scanned from DE

Summary HTTP 573 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 95 IPs in 14 countries across 81 domains to perform 573 HTTP transactions. The main IP is 2606:4700:3036::ac43:b893, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hawtcelebs.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 4th 2021. Valid for: a year.

This is the only time www.hawtcelebs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	2606:4700:303... 2606:4700:3036::ac43:b893	13335 (CLOUDFLAR...) (CLOUDFLARENET)
48	2606:4700::68... 2606:4700::6810:8616	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
6	68.71.249.118 68.71.249.118	20093 (ZEROLAG) (ZEROLAG)
1	2606:4700:20:... 2606:4700:20::681a:507	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
18	2606:4700:20:... 2606:4700:20::681a:fee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
68	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
16	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
3	2600:9000:215... 2600:9000:2156:4000:5:c4ab:c3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2 2	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
12 12	185.64.189.216 185.64.189.216	62713 (AS-PUBMATIC) (AS-PUBMATIC)
101 121	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3 3	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 3	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	193.122.128.135 193.122.128.135	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 1	146.0.227.109 146.0.227.109	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
1 1	88.214.206.142 88.214.206.142	46636 (NATCOWEB) (NATCOWEB)
2	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
3	2600:9000:215... 2600:9000:2156:c400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1 2	54.72.219.124 54.72.219.124	16509 (AMAZON-02) (AMAZON-02)
32	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
4 6	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	185.33.223.178 185.33.223.178	29990 (ASN-APPNEX) (ASN-APPNEX)
1	74.125.140.154 74.125.140.154	15169 (GOOGLE) (GOOGLE)
1	54.218.137.60 54.218.137.60	16509 (AMAZON-02) (AMAZON-02)
10	3.212.141.148 3.212.141.148	14618 (AMAZON-AES) (AMAZON-AES)
76	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
5	18.185.166.223 18.185.166.223	16509 (AMAZON-02) (AMAZON-02)
12	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	34.253.22.126 34.253.22.126	16509 (AMAZON-02) (AMAZON-02)
2 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 3	213.155.156.167 213.155.156.167	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
2 3	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 2	80.64.106.147 80.64.106.147	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
2 4	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	35.212.101.174 35.212.101.174	15169 (GOOGLE) (GOOGLE)
4 4	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
6 6	54.93.133.131 54.93.133.131	16509 (AMAZON-02) (AMAZON-02)
4 7	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
5	2.18.233.67 2.18.233.67	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	216.52.2.19 216.52.2.19	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2 3	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
2 4	3.126.175.244 3.126.175.244	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2 2	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4 6	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
1 3	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
2	185.86.137.110 185.86.137.110	201081 (SMARTADSE...) (SMARTADSERVER)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
4 4	3.127.92.82 3.127.92.82	16509 (AMAZON-02) (AMAZON-02)
2	18.194.125.59 18.194.125.59	16509 (AMAZON-02) (AMAZON-02)
1	217.79.188.11 217.79.188.11	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 3	193.232.148.158 193.232.148.158	48061 (UMA-TECH-AS) (UMA-TECH-AS)
2 2	51.178.20.140 51.178.20.140	16276 (OVH) (OVH)
1	135.125.160.160 135.125.160.160	16276 (OVH) (OVH)
3 4	52.59.115.28 52.59.115.28	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.178.101 35.210.178.101	15169 (GOOGLE) (GOOGLE)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
5 5	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4 5	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
1 2	2600:9000:215... 2600:9000:2156:de00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
3	5.9.116.173 5.9.116.173	24940 (HETZNER-AS) (HETZNER-AS)
3	5.9.119.17 5.9.119.17	24940 (HETZNER-AS) (HETZNER-AS)
7	136.243.3.132 136.243.3.132	24940 (HETZNER-AS) (HETZNER-AS)
7	148.251.247.207 148.251.247.207	24940 (HETZNER-AS) (HETZNER-AS)
1 2	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
7	136.243.6.97 136.243.6.97	24940 (HETZNER-AS) (HETZNER-AS)
2 3	72.251.244.142 72.251.244.142	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 3	3.64.197.25 3.64.197.25	16509 (AMAZON-02) (AMAZON-02)
3 4	35.205.207.25 35.205.207.25	15169 (GOOGLE) (GOOGLE)
1	82.113.101.132 82.113.101.132	6805 (TDDE-ASN1) (TDDE-ASN1)
1 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 2	81.222.128.215 81.222.128.215	20597 (ELTEL-AS) (ELTEL-AS)
5	2600:9000:215... 2600:9000:2156:8400:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2.18.232.28 2.18.232.28	16625 (AKAMAI-AS) (AKAMAI-AS)
2	158.69.139.225 158.69.139.225	16276 (OVH) (OVH)
7	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	67.202.114.216 67.202.114.216	32748 (STEADFAST) (STEADFAST)
1	143.204.98.117 143.204.98.117	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c01::9d	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:aa00:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:e8a... 2600:1f18:e8a:cd02:882c:d916:bae1:7722	14618 (AMAZON-AES) (AMAZON-AES)
1	104.16.88.26 104.16.88.26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
14	70.42.32.95 70.42.32.95	13789 (INTERNAP-...) (INTERNAP-BLK3)
6	151.101.114.132 151.101.114.132	54113 (FASTLY) (FASTLY)
7	67.202.105.32 67.202.105.32	32748 (STEADFAST) (STEADFAST)
1	143.204.98.71 143.204.98.71	16509 (AMAZON-02) (AMAZON-02)
1	67.202.105.31 67.202.105.31	32748 (STEADFAST) (STEADFAST)
6	2606:4700:21:... 2606:4700:21::681b:cf5c	() ()
1	142.250.185.98 142.250.185.98	() ()
573	95

27 2606:4700:3036::ac43:b893 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.hawtcelebs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2606:4700::6810:8616 (United States)

ASN13335 (CLOUDFLARENET, US)

live.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.demand.supply	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 68.71.249.118 (United States)

ASN20093 (ZEROLAG, US)

udmserve.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:507 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:20::681a:fee (United States)

ASN13335 (CLOUDFLARENET, US)

services.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

68 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:4000:5:c4ab:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

bid.underdog.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.90 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 185.64.189.216 (United Kingdom) 12 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

121 142.250.185.130 (United States) 101 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.80 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.114 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.109 (Ascension Island) 1 redirects

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.206.142 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:c400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.219.124 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-219-124.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.234.21 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.223.178 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.140.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f154.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.218.137.60 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-218-137-60.us-west-2.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.212.141.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-141-148.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

76 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.185.166.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-166-223.eu-central-1.compute.amazonaws.com

red.vtracy.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.253.22.126 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-22-126.eu-west-1.compute.amazonaws.com

secure-gg.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.167 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-167.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.64.106.147 (Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr2.rutarget.ru

google-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.235.93 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.212.101.174 (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 174.101.212.35.bc.googleusercontent.com

cs.chocolateplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.125 (Amsterdam, Netherlands) 4 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.93.133.131 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-133-131.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.126.56.137 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.233.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-67.deploy.static.akamaitechnologies.com

s79.mxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1288:110:c305::8000 (Dublin, Ireland) 2 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.19 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (United Kingdom) 2 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.126.175.244 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-175-244.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.114.159.118 (Germany) 2 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 76.223.111.131 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.234.233 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.110 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba2b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.127.92.82 (Frankfurt am Main, Germany) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-92-82.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.125.59 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-125-59.eu-central-1.compute.amazonaws.com

tags.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.79.188.11 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: imagesrv.adition.com

imagesrv.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.232.148.158 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp19.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.178.20.140 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu

c.eu1.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.125.160.160 (France)

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.59.115.28 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-115-28.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.178.101 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 101.178.210.35.bc.googleusercontent.com

a.volvelle.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.189.110 (United Kingdom) 5 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.2.236 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:de00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.9.116.173 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h373.meetrics.de

stat.meetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.9.119.17 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h361.meetrics.de

s79.research.de.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 136.243.3.132 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h224.meetrics.de

b26.s79.research.de.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 148.251.247.207 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h366.meetrics.de

b24.s79.research.de.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 136.243.6.97 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h243.meetrics.de

b199.s79.research.de.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.251.244.142 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.64.197.25 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-197-25.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.205.207.25 (Brussels, Belgium) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 25.207.205.35.bc.googleusercontent.com

ads.avads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.132 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 81.222.128.215 (Russian Federation) 1 redirects

ASN20597 (ELTEL-AS, RU)
PTR: ad15.adriver.ru

ssp.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2156:8400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.18.232.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 158.69.139.225 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip225.ip-158-69-139.net

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.114.216 (United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-117.fra50.r.cloudfront.net

ob.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c01::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:aa00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd02:882c:d916:bae1:7722 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.88.26 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 70.42.32.95 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-71.fra50.r.cloudfront.net

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.31 (United States)

ASN32748 (STEADFAST, US)
PTR: ip31.67-202-105.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:21::681b:cf5c (None, )

ASN- ()

px.vliplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (None, )

ASN- ()

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
166	doubleclick.net 101 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net bid.g.doubleclick.net googleads4.g.doubleclick.net stats.g.doubleclick.net	433 KB
95	googlesyndication.com pagead2.googlesyndication.com a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com tpc.googlesyndication.com ade.googlesyndication.com	666 KB
76	2mdn.net s0.2mdn.net	2 MB
48	demand.supply live.demand.supply api.demand.supply	126 KB
27	hawtcelebs.com 1 redirects www.hawtcelebs.com	1 MB
25	pubmatic.com 23 redirects image8.pubmatic.com image2.pubmatic.com image4.pubmatic.com image6.pubmatic.com simage2.pubmatic.com	7 KB
24	de.com s79.research.de.com b26.s79.research.de.com b24.s79.research.de.com b199.s79.research.de.com	7 KB
22	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com images.outbrainimg.com	385 KB
18	vlitag.com services.vlitag.com tag.vlitag.com assets.vlitag.com stats.vlitag.com	916 KB
17	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com odb.outbrain.com mcdp-nydc1.outbrain.com mv.outbrain.com	204 KB
13	yahoo.com 6 redirects ads.yahoo.com ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	9 KB
13	adsafeprotected.com 1 redirects fw.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	105 KB
12	google.com adservice.google.com www.google.com	3 KB
9	tynt.com cdn.tynt.com ic.tynt.com de.tynt.com	8 KB
9	googletagservices.com www.googletagservices.com	324 KB
7	google-analytics.com www.google-analytics.com	40 KB
7	consensu.org quantcast.mgr.consensu.org test.quantcast.mgr.consensu.org audit-tcfv2.quantcast.mgr.consensu.org	177 KB
6	vliplatform.com px.vliplatform.com	2 KB
6	w55c.net 4 redirects pm.w55c.net tags.w55c.net	5 KB
6	adsrvr.org 4 redirects match.adsrvr.org	3 KB
6	advertising.com 6 redirects pixel.advertising.com	2 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com ssum-sec.casalemedia.com	4 KB
6	google.de adservice.google.de	2 KB
6	quantserve.com secure.quantserve.com pixel.quantserve.com cms.quantserve.com	19 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	70 KB
6	udmserve.net udmserve.net	8 KB
5	adform.net 4 redirects c1.adform.net	2 KB
5	mxcdn.net s79.mxcdn.net	285 KB
5	openx.net 4 redirects us-u.openx.net rtb.openx.net	2 KB
5	vtracy.de red.vtracy.de	18 KB
4	avads.net 3 redirects ads.avads.net	1 KB
4	bidswitch.net 3 redirects x.bidswitch.net	2 KB
4	sharethrough.com 2 redirects match.sharethrough.com	1 KB
4	spotxchange.com 4 redirects sync.search.spotxchange.com	3 KB
4	media.net 2 redirects cs.media.net	3 KB
4	travelaudience.com 2 redirects ads.travelaudience.com	1008 B
3	cheqzone.com ob.cheqzone.com obs.cheqzone.com	21 KB
3	360yield.com 2 redirects match.360yield.com	992 B
3	m6r.eu 2 redirects tracking.m6r.eu	2 KB
3	meetrics.net stat.meetrics.net	1 KB
3	3lift.com 2 redirects eb2.3lift.com	1 KB
3	dyntrk.com 2 redirects c.eu1.dyntrk.com gu.dyntrk.com	2 KB
3	adhigh.net 2 redirects px.adhigh.net	1 KB
3	stickyadstv.com 1 redirects ads.stickyadstv.com	2 KB
3	adition.com 2 redirects dsp.adfarm1.adition.com imagesrv.adition.com	1 KB
3	chocolateplatform.com 1 redirects cs.chocolateplatform.com	441 B
3	de17a.com 2 redirects d5p.de17a.com	856 B
3	quantcount.com rules.quantcount.com	2 KB
3	adnxs.com 3 redirects secure.adnxs.com ib.adnxs.com	3 KB
3	underdog.media bid.underdog.media	155 KB
3	googleapis.com fonts.googleapis.com imasdk.googleapis.com	121 KB
2	dtscout.com t.dtscout.com	3 KB
2	adriver.ru 1 redirects ssp.adriver.ru	539 B
2	linkedin.com 1 redirects px.ads.linkedin.com	771 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	rfihub.com 1 redirects a.rfihub.com	2 KB
2	smaato.net 1 redirects s.ad.smaato.net	678 B
2	volvelle.tech 2 redirects a.volvelle.tech	1 KB
2	dotomi.com dclk-match.dotomi.com	207 B
2	smartadserver.com rtb-csync.smartadserver.com	326 B
2	1rx.io 1 redirects sync.1rx.io	868 B
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	ctnsnet.com 1 redirects gcm.ctnsnet.com	792 B
2	rutarget.ru 1 redirects google-sync.rutarget.ru	977 B
2	teads.tv sync.teads.tv	344 B
2	lockerdome.com lockerdome.com	862 B
2	googletagmanager.com www.googletagmanager.com	77 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	google.se www.google.se	522 B
1	amung.us whos.amung.us	146 B
1	o2online.de portal.o2online.de	609 B
1	mathtag.com 1 redirects sync.mathtag.com	693 B
1	turn.com 1 redirects ad.turn.com	450 B
1	createjs.com code.createjs.com	63 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	581 B
1	sonobi.com sync.go.sonobi.com	474 B
1	imrworldwide.com secure-gg.imrworldwide.com	297 B
1	admanmedia.com 1 redirects cs.admanmedia.com	490 B
1	admixer.net 1 redirects inv-nets.admixer.net	472 B
1	technoratimedia.com sync.technoratimedia.com	297 B
1	waust.at waust.at	6 KB
573	81

	Domain	Requested by
121	cm.g.doubleclick.net	101 redirects googleads.g.doubleclick.net a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
76	s0.2mdn.net	www.hawtcelebs.com s0.2mdn.net a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
53	pagead2.googlesyndication.com	live.demand.supply a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com tpc.googlesyndication.com www.hawtcelebs.com fw.adsafeprotected.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com securepubads.g.doubleclick.net tag.vlitag.com pagead2.googlesyndication.com
41	live.demand.supply	www.hawtcelebs.com live.demand.supply
32	tpc.googlesyndication.com	a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.hawtcelebs.com s0.2mdn.net securepubads.g.doubleclick.net
27	www.hawtcelebs.com	1 redirects www.hawtcelebs.com tag.vlitag.com
16	securepubads.g.doubleclick.net	live.demand.supply securepubads.g.doubleclick.net a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com www.hawtcelebs.com
13	log.outbrainimg.com	widgets.outbrain.com
12	googleads4.g.doubleclick.net	www.hawtcelebs.com
12	image8.pubmatic.com	12 redirects
10	assets.vlitag.com	tag.vlitag.com
10	dt.adsafeprotected.com	a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
9	www.googletagservices.com	securepubads.g.doubleclick.net a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com www.hawtcelebs.com tag.vlitag.com
9	a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
9	widgets.outbrain.com	www.hawtcelebs.com widgets.outbrain.com
8	images.outbrainimg.com
7	ic.tynt.com
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
7	b199.s79.research.de.com	a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
7	b24.s79.research.de.com	a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
7	b26.s79.research.de.com	a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
7	ups.analytics.yahoo.com	4 redirects googleads.g.doubleclick.net
7	api.demand.supply	live.demand.supply
6	px.vliplatform.com
6	match.adsrvr.org	4 redirects a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
6	pixel.advertising.com	6 redirects
6	www.google.com	a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com www.hawtcelebs.com tpc.googlesyndication.com
6	adservice.google.com	securepubads.g.doubleclick.net
6	adservice.google.de	securepubads.g.doubleclick.net
6	udmserve.net	www.hawtcelebs.com live.demand.supply bid.underdog.media
5	quantcast.mgr.consensu.org	www.hawtcelebs.com quantcast.mgr.consensu.org
5	c1.adform.net	4 redirects www.hawtcelebs.com
5	simage2.pubmatic.com	5 redirects
5	s79.mxcdn.net	s0.2mdn.net s79.mxcdn.net
5	red.vtracy.de	s0.2mdn.net a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
4	tag.vlitag.com	services.vlitag.com tag.vlitag.com
4	ads.avads.net	3 redirects
4	x.bidswitch.net	3 redirects
4	pm.w55c.net	4 redirects
4	match.sharethrough.com	2 redirects a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
4	pr-bh.ybp.yahoo.com	2 redirects a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com www.hawtcelebs.com
4	sync.search.spotxchange.com	4 redirects
4	cs.media.net	2 redirects a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
4	ads.travelaudience.com	2 redirects a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	mv.outbrain.com	widgets.outbrain.com
3	odb.outbrain.com	widgets.outbrain.com
3	match.360yield.com	2 redirects
3	tracking.m6r.eu	2 redirects
3	s79.research.de.com	s79.mxcdn.net
3	stat.meetrics.net	s79.mxcdn.net
3	eb2.3lift.com	2 redirects a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
3	px.adhigh.net	2 redirects www.hawtcelebs.com
3	ads.stickyadstv.com	1 redirects googleads.g.doubleclick.net
3	www.gstatic.com	a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
3	cs.chocolateplatform.com	1 redirects a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
3	rtb.openx.net	2 redirects a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
3	d5p.de17a.com	2 redirects a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
3	pixel.quantserve.com	www.hawtcelebs.com
3	rules.quantcount.com	secure.quantserve.com
3	image4.pubmatic.com	1 redirects
3	image2.pubmatic.com	3 redirects
3	bid.underdog.media	udmserve.net bid.underdog.media
3	fonts.gstatic.com	fonts.googleapis.com
2	stats.vlitag.com
2	obs.cheqzone.com	ob.cheqzone.com
2	t.dtscout.com	waust.at t.dtscout.com
2	ssp.adriver.ru	1 redirects
2	px.ads.linkedin.com	1 redirects
2	a.rfihub.com	1 redirects www.hawtcelebs.com
2	s.ad.smaato.net	1 redirects a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
2	image6.pubmatic.com	2 redirects
2	a.volvelle.tech	2 redirects
2	c.eu1.dyntrk.com	2 redirects
2	tags.w55c.net	a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
2	dclk-match.dotomi.com	a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
2	rtb-csync.smartadserver.com	googleads.g.doubleclick.net
2	dsp.adfarm1.adition.com	2 redirects
2	sync.1rx.io	1 redirects a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
2	ap.lijit.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	gcm.ctnsnet.com	1 redirects a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
2	ads.yahoo.com	googleads.g.doubleclick.net
2	google-sync.rutarget.ru	1 redirects a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	2 redirects
2	fw.adsafeprotected.com	1 redirects a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
2	lockerdome.com	live.demand.supply
2	secure.adnxs.com	2 redirects
2	secure.quantserve.com	udmserve.net quantcast.mgr.consensu.org
2	www.googletagmanager.com	www.hawtcelebs.com tag.vlitag.com
2	services.vlitag.com	www.hawtcelebs.com services.vlitag.com
2	fonts.googleapis.com	www.hawtcelebs.com a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
1	ade.googlesyndication.com
1	mcdp-nydc1.outbrain.com	widgets.outbrain.com
1	de.tynt.com	cdn.tynt.com
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	cdn.jsdelivr.net	assets.vlitag.com
1	cdn.tynt.com	waust.at
1	www.google.se
1	test.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	stats.g.doubleclick.net	www.google-analytics.com
1	imasdk.googleapis.com	tag.vlitag.com
1	ob.cheqzone.com	widgets.outbrain.com
1	whos.amung.us	waust.at
1	widget-pixels.outbrain.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	portal.o2online.de	www.hawtcelebs.com
1	cms.quantserve.com	a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
1	sync.mathtag.com	1 redirects
1	gu.dyntrk.com	a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
1	imagesrv.adition.com	a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
1	ad.turn.com	1 redirects
1	code.createjs.com	s0.2mdn.net
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.go.sonobi.com	a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
1	secure-gg.imrworldwide.com	a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
1	static.adsafeprotected.com	a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
1	bid.g.doubleclick.net	a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
1	ib.adnxs.com	1 redirects
1	cs.admanmedia.com	1 redirects
1	inv-nets.admixer.net	1 redirects
1	sync.technoratimedia.com	www.hawtcelebs.com
1	waust.at	www.hawtcelebs.com
573	127

This site contains links to these domains. Also see Links.

Domain
undefined
www.outbrain.com
neonail.de
www.fisherinvestments.com
www.freenet.de
www.americanexpress.com
de.investing.com
rfvtgb.xfreehub.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-04` - `2022-07-03`	a year	crt.sh
demand.supply Cloudflare Inc ECC CA-3	`2021-04-21` - `2022-04-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
udmserve.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-08-21`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
underdog.media DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-08-21`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.technoratimedia.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-17` - `2022-10-05`	a year	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2020-09-27` - `2021-10-29`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
vtracy.de Amazon	`2021-05-25` - `2022-06-23`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-28` - `2022-02-01`	a year	crt.sh
teads.tv R3	`2021-08-23` - `2021-11-21`	3 months	crt.sh
ads.travelaudience.com R3	`2021-08-13` - `2021-11-11`	3 months	crt.sh
*.de17a.com Sectigo ECC Domain Validation Secure Server CA	`2020-11-25` - `2021-12-25`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.rutarget.ru Thawte RSA CA 2018	`2021-05-17` - `2022-06-17`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
chocolateplatform.com GTS CA 1D4	`2021-08-28` - `2021-11-26`	3 months	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-09-27` - `2021-11-17`	2 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-17` - `2022-02-09`	6 months	crt.sh
*.mxcdn.net DigiCert SHA2 Secure Server CA	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.ctnsnet.com DigiCert SHA2 Secure Server CA	`2020-10-16` - `2021-11-16`	a year	crt.sh
*.pbp.bf2.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-18` - `2021-11-17`	3 months	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2021-06-01` - `2022-07-02`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.w55c.net Amazon	`2021-07-29` - `2022-08-27`	a year	crt.sh
*.adition.com AlphaSSL CA - SHA256 - G2	`2021-04-15` - `2022-05-17`	a year	crt.sh
ltmse.com R3	`2021-07-30` - `2021-10-28`	3 months	crt.sh
*.dyntrk.com R3	`2021-08-23` - `2021-11-21`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
meetrics.net R3	`2021-09-22` - `2021-12-21`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
m6r.eu R3	`2021-09-27` - `2021-12-26`	3 months	crt.sh
*.360yield.com Amazon	`2021-07-29` - `2022-08-27`	a year	crt.sh
*.avads.net Go Daddy Secure Certificate Authority - G2	`2021-02-10` - `2022-02-28`	a year	crt.sh
*.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-02-19`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-09-16` - `2022-03-16`	6 months	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.outbrainimg.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
*.dtscout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-11-03` - `2021-11-03`	a year	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
*.cheqzone.com Amazon	`2021-02-21` - `2022-03-22`	a year	crt.sh
obs.cheqzone.com R3	`2021-08-13` - `2021-11-11`	3 months	crt.sh
*.google.se GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh

This page contains 45 frames:

Primary Page: https://www.hawtcelebs.com/
Frame ID: CD78F78455AF7F2A6811A3282881EFFC
Requests: 227 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html
Frame ID: 06961BA64CE4D910D82A28B2801F4EE1
Requests: 1 HTTP requests in this frame

Frame: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E26C6A159B98C07548A85EB67955407A
Requests: 1 HTTP requests in this frame

Frame: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: ED97BF0EE30074FCA2151B6AAF77D583
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXn2QIQnJvbAhiGsLOxATAB&v=APEucNWDMX30YoFQG9BEnkmcSiA2eliG9Lo_2nCFgP8Tl5OFlhAowKPaSYHtlWvOKUGeikPGixQ0UklCgqjMKXgefYnCyspB3ySMK1TRdy_RFME9wDiOiVG-zKEU0OCselMrKe2OmdBLxjrWu8zCUcrcHESpiJxeSvFiFtL5CHWTPci_Kjj-KYve95tBqj7AjS-WI4mtXSR8BL4WvNxf8izw10Aou7-ftw
Frame ID: 2B233C79016775066A9D4E1808262E80
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2FF5A1EB1D5B55E06492AC2782BF0BC0
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 11224A3B835447E313DF6A529DEB6D29
Requests: 1 HTTP requests in this frame

Frame: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0DF9331370CD90693310F02764866470
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiZ88K0ATAB&v=APEucNV73rK-G3AQDbs_4kqnaAvWx-jGly4xcmwaNIREu47BeQTIklOKSDNYdfAXqOW2bpIgQ4DXQr8bz6X1tFdmZUgbPYGWPQIO-L_qUEEodV8Uy6edxxbe6NMNwItO2B7jBb4_5VjdQT8e8rNIXc8eHmfKW_Yw2zMwoSuHeuD5eq0a316JdJY0uXB-3cICTSx0Sm0oMQei7csvgrDA4SLVK2LrG3lpZg
Frame ID: A50EB443E128F7DD4477585775362326
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CkxuaGmKLkPqcJFlZZmGeJ3D75BE_d1klBVuIP48VWSJNOGSt0XEEU5NPrBjzqyU6OZhcJa2wA3n2WmzTtEdquxyodmFOCmRCxG-YZFlJEsmgAPkQ7jLwYpGwVxpFtWP-MTc28KJ3hAkO1ZbKc9H2Dh5PahA&dbm_d=AKAmf-D9VlTYCQOmG1T4slbu98wpxA_wNXTMD5T-h-s7iytditSwxF-s3xZihyq8nV6m_3oLenJEhSkG9UGx9hx2szFD9mDBGgmq-lUoKZsVONmUlVvF3bVG0qRjL0ANutWZD33oT3VfhZVOeabZ8ojMMXblk9HFEYgqDrw4sg3QvLFJlF0KfCuLGXp509py-YpenEUkLSBM_mzXHs1Z_fyPXIDJC5sUmex8j7lgTj3pBnm_uv3QtqJ-p3Ymda6DI5FTfp3EBoVHw66-rk6UK-SqubmK13rVAYWKKp-gD9j1Jg-JCfFA2GXFCLT9lkQ74PBSxvjIw0SpmLkWNgT9NFYMLrZ3o1KooTOnNooTDkzeiehKqXd5L5NjslfJwpa4SsSAEucepqm_Nt_6jNyg31skIEj3VQV7SDFeEs6-znYe2wlFzMWNJDuzhWsE7NEEYsoKj1pU5l-B8n5_SUnBXlRaVgRi8FTzO6ajvK1kfv1Usc7jkryEC0X9UOYY6Clp91683dCisFyQFC4N965JQxuffIU5lm0bGFFB8ZperbWabgomPDjYKfZUrm07TEEc7_3a8AHjcu1vCkFzecqSwr1NQBil_ca6i00FvnysZ3oS0KLz5WvbsS9rnHpWuS7uqG-7AvtS-EzPtr_1rC4tXuF7uh66MoaBYI4Fc0tXH0_w6O4gEgSsikvzQNnnEUTVWw6hJdEI8RR9crGPgoLVH543MA_PUvkwKfqgLjF8i3m0eRizc80zIJ8fVSpr8W2mrrX5L70A43rx9oivqfL_CL71qi1CsbQeKBCYO6AvoamGedEloVW5j6ryszAfX4MaCHWkoVr7PkW4tKklOm7i1DKHp2UCoQEl8aJJaXCtHPWFLd2iz7icIIATOH3hr7ei3pWG8xegHhes4hMjIzLUt0yh3D3pbxeHBJ_6GUk0Ec7ZuWMD-WPnABgKeJbqnx6cfmbUhONyy8fcA6Shbu8pWh1J_FlW0R3Sbeh5z33vFgS6xeZytZXEaM2rverLXSdmT_NqHAitPZg6c4QROqCFdkKzhAwRdMaDWjX9cMMMhg5p7R7pDNzvZ_x5PdvFyj4X3IuV643BI2Ye1PSJoJLTywkfglrjwbIwhQlFTEd5RB5H63novX6ABqZFJxZFIYNBN4uWY7C52fnCuxUR7_VhMZ9z9u3_FrW1aqZgXcHJzlTtC3weqVBsI-6dodpgCToaPnW7VaDICswZ1XIzS4g1Di9AIGGWpOn-ez7duDuB71ELCfwzPMKItEVu0br6vkeC9viyibhxlGtgjpptW1XiOjQWmHUGZ-SYKiA0HOmNul46Wdf8E2ZGmAyixXWFSqp0qp5YQYp_yu95q9MmWpXEZwx-s4WC2ItMr7cx9REOY92b9CCrIyiObRyXWyBBpvpgdTKK5Ybc8ZMXR0IC1Uo_SdHlCHAUBQ3xQ4nwiKnIqssVwe-kcv5XEpmd8GNQus_0Wp42-YFrX_Z7Nu0v2DqR15jc2P8WEjUulRuXHOqvBvojj79TK8cSVT-KlFG7P5rm-NFPsha4ElGRTxsZ1YqHPh4SsSeHjDKoJ6vOEAFjh9CrDx6C3SegHgnp-GMqgC4NkQn4Q1CUyi3AspcL3mA6dOTjChwdEAeW3UExu0mPIyGuVOVOySKk7nidXhowMYVO4s7hPZTIEOH4y_LWu0WRBN4bATohlJTSsGNllSNlcjJ-hp9gwjkR5sKsRaKsWsj-QZV85bADFLcsWAR0GHpwB5sOx3b33_VgXozQwXD-gmqA0jylPsEuB_kiS1EcRsybi9u-nQ3QrgaL_LNWo_gHdS0WN1H0Qgq-9OfZXwWk0mmj_2OGkFUVz_yLisxCydtxk__9qEJSdJffEreGNwfr2xXlMagzxyzFDjsk2mdCPUTQYIqnxMTSNubfJTnKMTTYJeXut1ZbarF6GrvLjKygyjZfWcVw61j7WbI9Qbqb_OhJRTvF300L-5rwmF-FaM8icE0CFzgPumkn65U20NqZKv_Y6XNts986jDi53_zFXC5_bBMCvraK0YTwlVTzFyxIzes5hhENURwIlCBwxoAZ5WQIwPjaHVbWVBNJFH-vpSEVA62be8ET8408Q3TQvKj1a9_doVeABybT0XwPESkLA2_ifha5kwvPLKD2MUwA59yzudG624gBZf0OH9GTbpCskMVYXRo-YljmtgKrkrITNO349kexpCq6eUEDRFt29T-F5W4COmv44kc8Fl9EQCB9CMv-taoJS2K4pLHEk--Q7L0w3MA3AiE8eDdXHuO0N6ktcGEgKCbJACpXEauF86jMFg9SoxKcLZ9EmU5k3WqDEGhT_38y5_lOn6Sz86_wgAMMNa0VYW1MI99GNcsTJN0flWp-FE6LNxuZ7lULojdSrdYQCCxlXapCwhgmCScbR_5F_h2z0eQTeyQzxcOMT9sfKNSVTHr36ZW73s4kyLzxYuG2FS9ZD5hLxJ61mcZPSsmvf30xvsonXitfoFQHDGcjdTf1LZNZtOVLA_MQvgJYBp0H0SKbBzMVH3R3k7Ky2t4lm0eF9kCKli_Uh161YVqZWGg42wU5tVpc0uv4dfRafTA1-GNUucxxSJ6tv7H5vECjMBSKaSjGXJhNACKr6uklbWNg-h9RGCWAeO8U8EedWqy4rn2gdvhby7GfKiSS4zK6ACVM4kFaRNJnVuviDC3qemSmM89jhIP3JL3FByYN2x08KIvtvAGHAysBhYi5NzpHrnlfj9cFr1XVOIPFuTxgF-bPki7HVvrre2In0kGFhQaZosbtaLYLQ-2cRhw0lEoK3n86uH6-8rTcjnGDp00U0PBaws_zdl8pKO7KaaHrzW1NpbSyFgYP1DsS1yksAPAVKSb5heJrSAaywzdca0spz1PBvPljLXXqpZ5cA-Pj_9dLWgzBCC1CCiT58aKrVrk_xWsWyfgLLYAFH0QP3TuCEKrR-tOphxStoYigJkJTU1pEvWB9rMDVzElFmcDOi9weFL6V0J5MQJLEjzPibyuHHkdqwdGQhX85UHNp0otAxxAKXZapUmL9heaX7__nEVBtfVRb3ADk4SD68Z9v1Fw41yMz3_RUkLeLeAg_BXF_ifD_qslR0X9nWP3dkFifHuwV0oCHFIjnwH0&cid=CAASEuRoN1Vkf3zRgo24YWZzQ82_Mw&rfl=2%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Frame ID: 63E125302BD9D364A50E3454485B6312
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 95E7871624E2D3CC431559567A9F0930
Requests: 9 HTTP requests in this frame

Frame: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9A3F1F5F89C028A17A6D1FBA770844DD
Requests: 15 HTTP requests in this frame

Frame: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4847179324651825A420B165A9AF08B5
Requests: 11 HTTP requests in this frame

Frame: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DBB0527BA706683FC1E6F22313BA59C3
Requests: 11 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/index.html?e=69&leftOffset=0&topOffset=0&c=uo8oqxoif9&t=1&renderingType=2
Frame ID: FFDF7C33F41B64F6F267B4BA0CB2CA7A
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQg-LRwAIYz_KTswEwAQ&v=APEucNWUr0Or2QvYswAOFpUKo2cDdvOutx79ak-Qa7YbNmEHE98eifMFOpqGVzcu3GFzmwBS7Bz6pTy_cD2btNulqGP_s-4ZKEQ8_Siyc_HFk8shY4OhsymtDlyeEnguh2QSeiIDQRb5YGTm4jeK7UBLTB2qZqf86IDRbhx6czSSwuqXF8HaO1YTP-QLlMZN4GsaRtQdkl5bvfvCa0xcBkOhLG7cQ-ejhg
Frame ID: 1631A03EC3F84C98B42F2AAF20B0D730
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhimlbazATAB&v=APEucNU9g8IoI8s4GOYGCH2DcxUcSrPMu3guH-2LFLV58H3qpufeXRDkSx7QteO5jNs6K09JShiugoDzDFQTC24epAsNilyalqKKmk2exq1uDau5kP_titvy5C2gPAkuC6no7Zf3CAravS87DOKB7z1tx7zePKcD7CDBKJPfQmspv6TUlUENbEFOEW1MKTtIlbbsHp7poWA_WrEAlo2sRXxeLKpzdKmV5g
Frame ID: 8C161175CA17FC4D465ECAAFBBCCF930
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxThCIEh-1Us0vlXvbqzvamJPOjIvBGgYZ84mqG24-xgD-9kGv5KGYb2Usp-GHk3XKlR3lM8-eRub5r2mYK7ZRisUdpcfnstCcwxSTvrHtox4aQY_TU3SMI5Q-Id8wey2caHgrqLHCQLiUAFU_CQwaeI-bHA&dbm_d=AKAmf-Dl9rGdYf90qlwDTMkgPXqEIT6D3yggdXb8q-jgSXjIo8latDjnSnInhEr1C-vIabcAD23PF4ryw0ItTFWt_dG9VwqaHw0LjdA0_Q-HzQnX5wHXa5gfbGUg-80Xcjl_cd3hjxGxm06NKzSveXVkb0QzTsvJB-Ol79kAgZS7ZDPucBlozPoQ_mZHPQhs39lmn8NeG9l0DwD2cEFi5qezuXnfHGK0S5jC65T2SDxauemfa8gWqg2KITzRHvfU2oTtejbcKfhy-PQUMmV1x2dFGYbxRvhn9VUm9LVn3Pblz_t_c4h5-rRLmm9D4nZuDaZhmYJYY3cee6dzW7BGp3EcIbWqKUGCCWtSCn2PmGREudxFslYSf0rBt9OI_BIaIAziVm-ual1KnbH1Ax1-OBjNRGve7FNLADCRsvz-nPTeRjEkzSAu7qXClLzrc49ecAtEk3anjGUbdp6cOm8t3L4HdRI4gXTdX_01zhukUCLF107G2VIlZmeD0Nmw8kqEQCFr1PRcEQkze0vW8NPJPJsLyYS_BXGF4x_Et8O0meq7mwEVP3n3URYnEea8WtpDVctvSboTMnDN5eiVV21SSOW3nAVZCF2g0y0uFG49GldOAf_ItpoiejLwZBhbbqSTfnZz5bNjCyCkP3FB-MwKtydMeqwMP3DaTS8WjqwVzLxU4y17svdDJslgkoRyeIdXO1JlQQf22inSMzyGS4z97EJYcHYwWVb8q01k_Eb6cBjL8zIGgd0NVYQak5mkfplY_uaVfn98ItZQqF1a6pBAsMp5rUTbdmrHAfyVDe02EOSuj_nc2OaGeglTog2Y0hqTtm9owfOdhVey8Jq9uUbOt28AH-_XUP1GEPJoIF4R8SqsiJWwxovvTzXlf9igVngQCj-LSSD4M8KJmo77OtnzycOc0alqNPpAwLNSrOCKVLPPl5WJjUzGAdX2Ng0BoY5V8Goy4YOWAXEEgtgcfPRA06UKANQ4Rp-wlbG-76l4-St0u9yd6PXFLEOWGDu7PETaM49_IfxEo_fBaf1O-cCAITswdbhMpqYEP45wZeSGHaxXM09OBQVMIY8vmSat5JtfzpUucQRTnabRCsp5ijDE3sNDKh_xtxCeO1nD5241uUm4g9KbFsatMYXd-TzlsEggw4QtVxPfqh6sBimikFS0sR-RGBbXm9W3OSclensHYrqkF7yzoA-6j1QSXewLaGkUvBAPRSuqZBaHiQEF65H9UBzvEGSKMvhp0vXT_GUKcDJ2MJow6VXsa03KcuKozu5T4YQRsH9m-56vT5fUvTM1vbsu4fry0IuzMFTucrb2tSwSWQMN7pCsefMr4ars_dxkiSd4dMdrY11e1RQVH5C77Hd3s0ryt0YsNoaifelcNUfd2nzXt1BcDsODLRet2cA9lgrdNG7pOPP53DsvlxRENMunbB8oPlErcp69a_eaBDMC7R40Q5eKrrrOjICzJQXT7VqC7mKbLv9C7H6zb3viwMkV3wnV1v41fb_5vpXH15t1OgFzpMBZJiQdTlxCqlefq2kMziWG_z-NyerhKieg5mEWrU0t5q0NW4fEAluHbALcxJTwbmr9QQkjVwPSzUrz4XjeHAxtVoz9zqrKp1Ib6Cfk59tyMZfs3c2kHTmB4kpvmztVPBfcENbe0VhWKbtTvTmDX5rq_2WSsqLcYgyt-xoo2rWGVa1z9h0YbZrz-jxqcpQ7xsk6UGY0FJKkGg-CbRlcsIhKucufJcaF4FDtNakxrzSEyAaFIZAHsxc-RVda31pktZ5YTlvepgDIdQEj8wQ5xE4sxxxpjq1fwNy2aDGubvEKLQ9kqmYRdaJ4-yB50UJLE3G_xLaFnaktCBUAeuzJnfD6Xld1OXrD65sDN-Dg3Pkdec5zyu1Ah84GcuYk-qq60014OjJmkRWAeb5Zas7xFoOV5-nqfidtbwDIeU5Rrvf-7bIO0kZ9xprxZnrJgAaXoG3NN2czu7MbWMUZR8LqnnNpOiBah1dcL0dwUenEALMC1sOao3W41tG5yVBQQSUGb178bVNsdwfW2hb6p4MvV9Fk_R4HvX6aKVItdcprcLcI0oyUSBne5_bnuluCD3Yd7llWioH-GRyO_AhauzOBE44Vzo_gIo5E7iZkoxgrbxwFdnNNx0-OOfNyjZliEKJg64Y4HpimoDAqrgigsTmZvGQi7ct6C_2CzSBmX16Z0M71Wdjk6Sit1-hx6QSN5VhVE5P2Tbn1MoYJy0WctraZNeyaIUpn4E0YNsu3ytDAiwsT1ky8yVqV98veEWG93yIQPBzCRIHdxugH-O3jgzu7aLAfhua3guF8eClWIw3B3ozi4VZS3mKTHDMVU8GSR6mXtD-rKc8zN3kl-w9N9dotortTM9Xw4pqtUPWQ9s0b7FhbWFk2zCyHlSm63Klh6YksfbVwAExxI8TiQLEec11AmsAFx3p0qfV4qfbVqtfRt6YMoXgbOwp6DadTI6H6mjI530ZE8AF9CvFn5ppBmIer3xCOfCAduT8Vzkm2dawMbzLpGUcyhrPRDhEQf1JB7vk9Z17XAs0shQbbkSszN7zyohzX3e5Ke2k9mGjNPbvfWKGOmQ2-k-4xgnKEodBkHAidNYPj7xDYG8JLSDv4XLHBtiRQNPQPvY3EA0BSd0jpIkk5BDD6C3-bq-cVi6k0f_VfCGMoSQlksrbHfCnXVw4U9oXeDpeqfmWPH4-9xN0dEIqbkLCU6Sw8qAx4TXH9YM87WAmrGV_-vxek9JSQJJiiGP-1T5kknGNrp_utecuCDlnRYc_Y7sIONnhxc9f7V552sZATBWYb18qiBfeViET7XKB1oY4Cdv3s3nztUCxcLMC93WrkZqz4OTF-minuWMj6fox4CNPpbXIWz_WZbxv5KCYb706XKHejqgedgUK1D17Vz-ATKhFY8Jlvh3Ffe193vPd2VKkiyEvhHUyPWPY7gBCejoqriptXb720rWyND1I4zeq-z5micaKmmMTqcklsCzja2OAYHNMnOntVzOdDdwer0l2bKJ0ji0uHuwCgP2QQ5xPkTG3yf3IzovHxplJ8pA6XdmY&cid=CAASEuRoj0qcEf8CsyuwUPRJuNlvkg&rfl=2%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Frame ID: 909FEF5A164F9C7C176E7EC65E893877
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiah6SzATAB&v=APEucNWpThLXGBiqmEfeRwEUmeclsXRzReCxXxmKCkYz_gIohBEpJKqYFz7uT7kU3rjx9EiHoTp0E8iNOT2NTTMtvPP9dJCDj3DrB8U-BRiHhs86dSuwLScZPfu-0krpjoolnzk34bEwMzv-JM0BqDDO3rqo2JCCuSU6IpEwj1LCGviz2GNrLJ3oFH0c8fluqOwxJFOMNh8w78n74oAuhleRW3AlxuQReQ
Frame ID: 8751F33E24F68CD963F5D26AE62AA122
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AgnfNCk2TAinVSnsGpn08pKW8zT0htmwRSccw2aKykWwrZBWD3P9x7c7ZWDZKb_lA3KGeDI27P0E1LBVBjjDkogTKDqGsW-QaGvruzOs88HYdbEMD14Ot64ulmsKpJDV_1_B46Lm_X8fKw57H-ktSi6xJmFQ&dbm_d=AKAmf-CiEBC_pWMSGZXZxVogwVe4do42hVnauudplGzUOwF3rKgLotwNY_Y3Ko6gG7m7oCc3q-kOi1cxzXRar_LhltdHje6WrdNct2U92OuU21UeSvAxttHyMp5xXpNz7IQgGNCO4xE3IbCwgDHv9nB7p7b2kjUboLfy4pxXPfEuIEPoUjwu0kGZ2WkczYhfOmGnkuefUkQ19Jg0lZFFmrz4CmB3pVjV6zRHnfrrTN6LRb_8IOUC-POtHdyiU5XNHrVrlc6z61XBM98Ri-7GfPXBQfvcLOtauxh6Tp2ukL2EzGtjdmGRU5guLSAKp5tlZUk2rSo0wr3k53k6iMoc37DDFwlWamwyNQIguPDHzK_5Jg4GVmr2CZOFL8w5GvRNu--IRscSsR0G0j4CwfolDuGRVti_po2Tsg5UCZaAsJ_z1Ue7o8nsa3BHZsz4QEnLZ8qcHpYJ7_quZmT4utktdA9zyO534-AOqaYzoZTZEAtkdFxxYlI3wlJG1g30wJM7dQV-lCkfru2tEI5I5VEAFfBR5pWwCZeR2fAbv8uf-aKkX4bDbCAFsz1KN88cJRcY_T6pIpFJb1UQg1rFoeWDHIMyq_uY8we2EOJ-M8UsBqfKHjDET5zOuVfo3K6AL42L6HCLBXKeWXyyygqbWU9FEYYfXY8MMha-bkfBxd1In-JCzZj-gly8ZnLnDyn-x4UiiH1kNh_13EdnqSas_9SVEnH4H4gBQncDDxPMDcBX2hATzKEGOsNuMLEexgj_uNK7TKt19GrJQsM_XyibsMv6m1Wy2lJfHRqLIjgODUdsPrLplFpR65V5atkCP_cyyri2NLE96YMQmJWf8Ji-95WlnR0FMIu88BlZE_rjHY3TYIVXG1ED9ToQWCHC6wIHAgLvX7aQC6A7MOP8gxOHG9yRwcPePIJ38hPSfoF92Pwv6GR0iHvFkgl6oKnv-rusFVP6EwHOi0JpYVPJhRyACQgNHnZHOfIFFkNgxA8Z00qjTTpqbdYpLzqmRtBIvXRuW9vB7snMqJEqud5mMsAGIgjWZlex5wiGDPzDsuDdpotQFma7XVl7p-B3NDr9Sgq_2NzokYGpqO7CgZ-8SVyHAkYq0vzAzigeYg2cmdj-v6kms2c2G92pZ0G8VPzkT1tXLQFEVacjsSnTgasHlHr2YmKRU0C2_G8rztDDv7oHZb9kBwcBQqE02uLQxIchkP-eFazaQPKH90X_RA_1Fh1UvAeNI4dxrZkPAYw7HyGvVmpua0PYUMomHthlEZOEerItLUn0f0rWBXByve8WYtJs1kCUwtdG0FFmR5LPeIbtj9hBaUJ2B_Ztn8VcNgAe3fzYHklstw4QliQg0WYiq7VqSKIJ28__4fjxvGNY9QNAoU7v0841W_1xZVMdh-retmGTNrqHcNcF7fsdQd3KXHNNVjJdlRf9PvcxrMXK8LwXtjm9GrIbBJaMfHrme92N7RqBC4v4N9Za7YlthuHdJEOsRs-SYRtetvfiXJF3KfVRRgI51S5xacPzVnviLLLCzDHc3lRd3LHPG3YXU4H4sn3jfa-ljQPkuuzWEKArnHUCHGWlM-BY2ssRwd46uA-20DHF7kF7ru9IXg1iouqG7SBkhJMKeTotcHkzKouhLnMFGpyysA0Ib1yME2KjCRP0LVXlSD8AF4VdyAyIWxaRFt_hwZVMR6neEGTnhH9IkHeo4xZ5tqK3QOkMetoZerj24yVR1zPoxyta9DmqiW3FYcKJ7KMqlltfjRrS8HhoddeKfV_jTawpzJLtRB24krn_CmkbDdvxc9vPbGR9uSy9f6JqAAGSvcxVKBDgo4m7pUanEbskGZE51JevTtFtyen6ngidaBeS_C7LwzXNeqFDcT4T7qcuI9APcI-FkX127QeLyA731KLNF1OLf5khIpxat7EHozwoK9crufceImgOKXiDiJH0ymVlVs3dW-U27SFO7-XcCH14ZK8IH67NUQphzelXZH2-ZcLlnPehcq6poCs0d9HYGAC2FfVYwbA2v_TZQRS8s-uJ74PwzB940rT3XchEXs9GVuoblG8FfA4wWfg1MOXUgc6Po-mpL6Ms0tpPOkzsp0NoziJmQEdse0VXwA0eHnZd8ehE6tjQGwUdYffGarbjzsIemGCgiT3YQgcHMwJ5EL_VeAz8o6KkmVRsjMLiYvIm8sCwW2w4XxS7hi508ms4uLnXT_L2sRltYTH5rrYO2VgWmD71Q8UDiJokEma_J4zjZTFjzMRl6AxuEahdxyY03PEQiz3UfNRfCrpqC_ySP6w2qcyM_2zmUsQqylmnzFgrtz1TV460IK9dgDe0U4P2xM7c06-1PParcRfiRaTAesHpOKK4EO-ToE4BDgmNSrpmpKkVVyvIYIQ_QNXO_x1wXHyPWQ2jlvD491zEoTC3_YEnWrD_wPQcI8KhXDGXhYeYfWK7XOMkh3gMGeuAbFNF5Lh8lkTdl8LdmmBpXVXcPHyNpywcO3HJ1JUAFi2Gimg-tsKbi9A3ADEr91RX26Pb69Yg0-1Tz-HKwHdPC_b3fI8Y3M3g8VBopw6hhbiGW3epiVcw2AZULILTl8pU9Ibm66VkOoK9W_IR0vZB-quMJjnxmNplsF-erG7Oh0DvwWJLyJ8ne96zWOzJfSNktP30BzYSkeeIM4uO9tyI8eTOstzywOoF9YRG-_JZlUw4rzI-XagsHXn2CYjLobDGzTkLQjZEiI8PxUE4L36vIpLJ99ijeFsFuUTGjcjQFeZzsaUD0pgC2ywCTLktp6iuhFtmmYZOAAp1FQlvrILo9B7ZwJ-BNRFfclbaZHpYpmsFS54bXfqyijNius5K4n1abaw5QAI1vA5d4IIYUAKYWGNPd52CaZPTTyoG70826t-nB8A1po39VdyhKSbh5UP6_Pmamty_M_xKtsuB3u0dUgJeU4N1T6ZWi5_I042NJSrJq7S46AIt8q8n34Q-Ot3GEVuXVR0NMuO39tJ-0g4RKnJi2DBevQS02pUGuBJ0auPwE2K1-EuEDlmEWf3oTYZAqiDxx6S3g4jBA0Z7igoBFHDgiIDy7rXMIp5gWAU&cid=CAASEuRo-rJAHUC2udyShabffH5PNg&rfl=2%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240
Frame ID: 85F8F9349D71C8B0DF730B4CD15B978D
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 37BCB2389CD2D5D5498FB81FDC94A165
Requests: 9 HTTP requests in this frame

Frame: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0172F60FD318D7C59C54BAEEE785B7A7
Requests: 25 HTTP requests in this frame

Frame: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CEA067BF399A3C8A01B19CB4AB60DECB
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 80B103B133E9971A73BB5DFCAEC46E4F
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhi7m7azATAB&v=APEucNWXr7k26Q3BJcipQHdJbKNiJHcO9EMPkL08uk15djgsnifaodq8UufSt73q_E7Xbpxz9Fd8SEJsyhcAnGcYdOMAJxVn0O70vr35v_V_HFjwXrtXjE2OS8Fv2VkxwSDbhNfnCGzI1g9xi1EelLlExB0eY_IcrHwOIgaQmFQgxHiD1HXkFHSvubJsYIj7p-zaPQAWjyBUvSMyDDu7wA7gN50PWHFUtg
Frame ID: F6A31440EBBD8F22DA5105A6E80BEFFE
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/8264868/1630000993483/index.html
Frame ID: 4B58157778EE3BA4D97C9F625C3A807A
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/9758366/1630426111390/13-IWE-Edition30-Leaderboard-728x90-iRange/index.html
Frame ID: 1C5AB8CC5C84D1AB4910ADB68E35C0A8
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/index.html
Frame ID: 1FC4442E804D581F6CD257CD6C315DB4
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0B83B952F523EB3A74BC4E18EA89491F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A8F8774C6EC1064CB74E318731F3567F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3239ECBC0DB640A769809B56BA1A179C
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61707552/20210720070806802/300x050.html?e=69&leftOffset=0&topOffset=0&c=M0PVzBjkE9&t=1&renderingType=2
Frame ID: 94CB7D1144F612325DF9ECDF5C9FCEBE
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3BD7451F4E8C10D12C1D7823273A7DC8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 18815A6C0C748A53369D70F938E26D4B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F457F46DAA2250B9573FE8A215D1661A
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/index.html
Frame ID: 9B3D9AF47F38689C1C60A92E36195FA8
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 03E0A0DDCADB52C1D8B106BCC914CBB4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0581D041D5B122F60C39E90B931E470B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js
Frame ID: EA18D99983E512B6E6446AB82D1A2861
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 258D2493BE9B35B8A72CF448F7E98FF9
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js
Frame ID: 174D3490632A58671B2FBE8682AD5E3F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 4B922F93D8A5D705E667375E64B05AD0
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F14443CDA51B9B18F825322ECC926343
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 03FE869C4C6D76C546A2E770FE097C97
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=UA-128776493-31
Frame ID: 01B2093533543B07D1175F01566B90D6
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HawtCelebs – Latest Celebrities Pictures

Page URL History Show full URLs

http://www.hawtcelebs.com/ HTTP 301
https://www.hawtcelebs.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

573
Requests

99 %
HTTPS

31 %
IPv6

81
Domains

127
Subdomains

95
IPs

14
Countries

7869 kB
Transfer

15120 kB
Size

104
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://undefined/?ref=www.hawtcelebs.com
Title: Valueimpression

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en

Search URL Search Domain Scan URL

URL: https://neonail.de/katalog/sets/starter-sets/21-days-starter-set.html?utm_source=paidadvertisingoutbrain&utm_medium=nativead&utm_campaign=neonail_general_desktop&obOrigUrl=true
Title: Maniküre für Zuhause: 21 Tage lang Nägel wie im Studio. neonail.de

Search URL Search Domain Scan URL

URL: https://www.fisherinvestments.com/de-de/campaigns/vermoegenserhalt/1a/?PC=OUTDERMEI5&CC=0AE3DNXX&utm_source=Outbrain&utm_medium=Native&utm_campaign=GIFRON_Desktop&utm_term=$publisher_name$&obOrigUrl=true
Title: Wie weit bringt Sie Ihr Erspartes ab 250.000 € im Ruhestand? Grüner Fisher

Search URL Search Domain Scan URL

URL: https://www.freenet.de/unterhaltung/girls/playmate-daniella-chavez-zeigt-sich-offenherzig-auf-instagram-fntdt_8187756_7000088.html?utm_source=$publisher_name$&utm_medium=referral&utm_campaign=outbrain&utm_term=009958bc651b5f7b933833a6eee022ac5c&utm_content=Playmate+Daniella+Chavez+zeigt+sich+offenherzig+auf+Instagram&obOrigUrl=true
Title: Playmate Daniella Chavez zeigt sich offenherzig auf Instagram freenet.de

Search URL Search Domain Scan URL

URL: https://www.americanexpress.com/de-de/amexcited/explore-all/food/foodpairing-mit-den-richtigen-aromen-zur-geschmacksexplosion-631?sourcesuffix=A0000FPW9M&cpid=100442781&utm_source=outbrain&utm_medium=native&utm_campaign=amexcited&utm_term=bild2&obOrigUrl=true
Title: Inspiration beim Foodpairing: Das Zusammenspiel einzelner Aromakomponenten AMEXcited by American Express

Search URL Search Domain Scan URL

URL: https://de.investing.com/magazine/mechaniker-enthuellen-die-autos-die-ihr-geld-am-wenigsten-wert-sind/?utm_source=Outbrain&utm_medium=cpm&utm_campaign=007e0aeb3ee5ac6c42f7276fe092c39f71&utm_content=%5BBilder%5D+Katastrophale+Optik%3A+Diese+Autos+sind+der+Witz+des+Tages&utm_term=$publisher_name$_$section_name$&origin=outbrain&outbrain_params[ad_id]=003fa87bb900ac8c8dd0c81af6a023c0fb&outbrain_params[doc_title]=Mechaniker+enth%C3%BCllen%3A+Von+einem+Kauf+dieses+Autos+w%C3%BCrde+ich+abraten&outbrain_params[doc_author]=Amanda+Jami&outbrain_params[doc_id]=003c54b9a5c22624ebb7dd35228a4d2692&outbrain_params[ad_title]=%5BBilder%5D+Katastrophale+Optik%3A+Diese+Autos+sind+der+Witz+des+Tages&outbrain_params[publish_date]=20210709&outbrain_params[req_id]=$req_id$&outbrain_params[source_id]=$source_id$&outbrain_params[promoted_link_id]=003fa87bb900ac8c8dd0c81af6a023c0fb&outbrain_params[time_stamp]=$time_stamp$&outbrain_params[campaign_id]=007e0aeb3ee5ac6c42f7276fe092c39f71&outbrain_params[uuid]=$uuid$&outbrain_params[section_id]=$section_id$&outbrain_params[section_name]=$section_name$&outbrain_params[publisher_id]=$publisher_id$&outbrain_params[publisher_name]=$publisher_name$&outbrain_params[ob_click_id]=$ob_click_id$&outbrain_params[android_id]=$android_id$&outbrain_params[idfa]=$idfa$&outbrain_params[cpc]=$cpc$&im_dars=1x100_3x100_5x549_7x615&obOrigUrl=true
Title: [Bilder] Katastrophale Optik: Diese Autos sind der Witz des Tages Investing.com - DE

Search URL Search Domain Scan URL

URL: https://rfvtgb.xfreehub.com/worldwide/woodst-ob-ge?utm_source=outbrainjk&utm_campaign=xf-woodst-des-gr-an-11091d&utm_term=$section_name$&utm_medium=$section_id$&utm_bid=$cpc$&utm_t=4&obOrigUrl=true
Title: [Photos] 25+ Bizarre Woodstock Bilder Die Du Noch Nie Gesehen Hast xfreehub

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.hawtcelebs.com/ HTTP 301
https://www.hawtcelebs.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;apnid=44285964100823436

Request Chain 53

https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEZDNEQyRTItN0Q5Ri00REU0LUJFMjYtNjAzMkI2Rjg4MkU4&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEZDNEQyRTItN0Q5Ri00REU0LUJFMjYtNjAzMkI2Rjg4MkU4&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D8FC4D2E2-7D9F-4DE4-BE26-6032B6F882E8 HTTP 302
https://udmserve.net/udm/fetch.pix?pmid=8FC4D2E2-7D9F-4DE4-BE26-6032B6F882E8

Request Chain 55

https://inv-nets.admixer.net/adxcm.aspx?ssp=F74A1705-8854-4390-959E-C24FA4349F88&rurl=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Badmix%3D%24%24visitor_cookie%24%24 HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;admix=61d6f69ca4ef4b349258f3a57e80eda6

Request Chain 56

https://cs.admanmedia.com/sync/underdog?redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bacu%3D%7B%24UID%7D HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;acu=7a6a91335eaacbe18ba04a730019238c096cf569

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_dbm=&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=3

Request Chain 100

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YVHYHMsF6hLiJXr1KpJ1sQAA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_hm=YVHYHMsF6hLiJXr1KpJ1sQAA&google_tc= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=3

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm=&google_dbm=&google_tc=

Request Chain 102

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQyODU5NjQxMDA4MjM0MzY%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQyODU5NjQxMDA4MjM0MzY%3D&google_tc=

Request Chain 121

https://fw.adsafeprotected.com/rfw/bgd/783646/56311260/xbbe/creative/adj?p=APEucNWCE1-MJCoDoVfdQoIZczgo1dLSA2cnepPr7V3ttSEhZ8hOe5E&d=CnkAoCZ_4GZSaXkB1_UuxP0fCqhU-h3a_PJRYmQSkwX4xL2UKcTMCey8ZNSTiYzlheeG4m14BZ-HHxAHJQxPuV_wQo_XKF5anLSaNle6DuIV3g2hSJUsRPHq25LrorXpksswRTCHm4ddF0xt5eOSHkG1zqv1COE4jGMDEukRAKAmf-AXqPmZ8jqvcYaZLFz6Fm9inYDTvQJf6k250f4nCsjdHM0rKJKVKyKieBIUi_AV8_myY1z7c8d7obw5rFpmzbh5aHPSwJCkTlgAzflW2fCyg3sgal5-HrrIYy7CNb8ca5WB4Au-Pn5At46Kw3fVZLU180ZH4m3q07HVvBkgRSojcZyRGannZd-tRDUGdcsueZtwc7fVaVUjmdiGLYX7rA_VRxdG0kS-uJeA6Y3XyXb2AF5irWmLc0nHXYCkTdghcl6W5Xf0jt-s0SzKPz_0VO-7Xl-mP5Dv9ILb_-9iv5sPyjVdjNoC2bppcTznBVxlgrPwZoKyo9Nwsmt-n4GVr538F0KopERgzI0XfanwI6UC4d9pA7Iz8DUR6dcwBSSogbXHtQnoekVaPCXP9qmSUTy0LyD4DVgM2uc4KXXHPbtm9IIhH40tEDgBqtz5Y9RGOS49KmKPDReNqb-sshbCyIDyyeyP_zh80PcXZLIrv2qjgf2Oiu8Q0riO7e8OtYQxs_5NA6bt3c0vHdmGFTgukYBTmTjBCRL_KdZZL7EhZvcKlfNc3jJk-CWTmXUkg92CjPsMvR6Tc2CPScpmOF4axPLVeS_vA3AY8XDijnvs7iT-_kjdii1jg44UrWYKG4rcHqmgEWbXpbbxx2PF18gsSaKFgbINUb-UZLzzxAOb5m6SVVbt10rNVH_jJInyElBiNgdyqgy3r9q0BdyxduBK0frtNlpy9H2xT7Lhou_k3rlpMml5nCyUu-Lp91YfB1UdEVQaML3GUKe9vXsIbVpmxoG5LqbtJ-YE2utwBYwegecs-V11mLnvKM-svpMwJz5p41iYlgExcMbXNzk2GzHBOWyEmCxtl5MC8UOCym7WGJZQ71rT_LesCtk8D4exB7rb41sRjp2kJ3xH2r3gTgKpJP0i2pdzdifkefql790WCJxXhc5bvz90gnZnN9Bt86iau7oNhNzWi_-dG1F7ZBlE9kO31MWka2RnRG-CkLHGNnS19iI0cDgCYUMy7r8A4A_NdLx1RjQOD6A_aCir7lQ3Fm2Us99q41cwm8By8ClZ4sWrrOYQyxRNAIFMgr3sd7hw8DV2Jbcd0r5vYQdt86tLP4JYzQ2pzTRAUzIY_SpBtECZfdgkTuq2GpEQFa9GEbsk-YB7iI6mv5JqkqHyQ64T02hYaHVtY1PAja0vqRDYOVl-Ayp70L264edXDAcn8n9XbMV1TNZrTBQNFleX5Zagt_mYzLC8yDJT9xawn4Q3OChnlKhDd5ejZ9p0A9U3sIsuhLjwAqKZFsVX4AOYG9NZMJJAico_owt4GEhc67urtOLE7vswLMog6hy6wf_m5LWuOnaLdCJl-Bx0XHhUfQ8a-ANLCZFdn-VHCW1wC7ynncM_A9CbJRS3zqWtbOIXuGneSQgbq-SbRtJdlO32sjYab5b8kiyxehjQ5OftT5Omj1v5W5s2YVHjuQO71LoH4HsG1SfSFnnnM0kQ3feeqXMpe41DTxVoA4uUkablAL8FVryPJG7JElf6haeAvUSjEU8-Mi3tb4JDAZETHFZAIu7ZoGiuUHeItAVDLL6ZoUDNdtCQf6tRz1UD-ZFajdIOgRTujgpvLkgmFgbIrGoa11wXLfh4Iw5xrbU6Jd4JLnmEloKC_zwDLyOzawvADv-Etj5MIan8u4PEwTXvRg1on7JAK-kwyvpBjhimwEJAUw2niVtYAUH2R1b3TzniZjclJmyklPeeKb1CnHYv6fBDhgjUNXNAmXpI7zJVOpEyRIZCJLzYSfyqdNSImDQfHnWfxJahHp9tOO5KNioolB-5bsHBMz9s4AgDHNOyfLUmRaj6-MDUgsDcww6TdLR1I_y4mstvGphaBO3Y8nkbN8Jyvvqs_ZndRByEfDG7J_w3tj6jfyIGnIVGIu_UcFfj3MIm_SZppcjZenZ9nIukouUwpg-AIGVGh-PZRvOVE04TKpiTvGc29hHm7cze43QIpU_eNfV5-s5ldrYXscCzlBPFkZzHHxuUTsXBnePZKgJW3vsDkFXDuHsxtBIeByHkt57ELrqmrNlOmUIciiLI-UO4oKi2uxkdkAj8cw_A1eOOnjjnMaFvZoKt5DaIMzUA5y6jzDkSgUTkNBmOtqiRISOfk-kGKFAmE4fgxDPxzS5o1UPFP5rAPkIogfv21hE7Ki9Aei7sNZxciLzP5--r3rhLSDr6mX-3AG9OfZk277tjxbGkAmxJ7ToQk_g96-JnQpUPWNuCTA0gn9dHVCSaQhZae7G1B0Rd0eI0zY0-ZS35LndntOVZeAqtk1s_Yakl5Sq5HeWpBXl51dyRaeBXSKFMoA8aFKcLk55JLPIrslo2P-dqN5sKXCovbkz3jp1Dr_4sExNM5tVTsXKJz-L836EDYDqYrtIKpQEOLK1UcB9qYOLVpEscIhzLUCo2C0wEuR5DGn5WUNflOMilOjPpThzw6nsO2GUOYPCH2xdMSq5zpNHQI1GcoXdKU1yfgQpDNd9xHpTjVDMLBnMZQOB9YWsu7HAGo-XAU6I36e4PCQPM2vGEmBNnJAcxyaGXrF4WM0smPy6DEDA288Kn7CN9aWTMkYdLVtZ4jhtKR-j4KM-yyh1ZcM3lTiECnQwaUKYNleW41PXM5ioktgdRm3z2TPDP5xppaU--Oi4NZhvdXe4zw7QycwSOb-x4yIa_xhSW37KhXm1YuToIpb8zl6SrEgrrcOsJ8WacUEfMuyyO-NYUt0H8qrIvdBPRxNjEFYk-aa_XbePMDxIe3LErlCgWwiVJZsKXEHsfRLgQXi8CLlo3ASHfcNBn1Jvg443BfjF4xQKdonZDnjk7IQggohrzg-Ps3Qtimh82lbPe8bUQOGRDbgjF_baCk39pZc49HSE1a4vBGHblSMpJjK1DLBUxLeP9joZ1WwbKBq63woSVEVV_NsT_umgIL8W4zB2pD3P4MXERkMbzh70tQvaPTF4dXLcxN3qBMBOCaAv48OYMV4PTztVO9nfChtf81nvoANrs2zTR0XcCE9vCFLk_rEhdBc1fI04SmjTgZ_y6ExoWCAASEuRoSxbQ8ZIg3QmrIsnPbBi5mWAB&adsafe_url=https%3A%2F%2Fwww.hawtcelebs.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fa99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fa99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:70d1aa1f-585c-b93b-929f-b574a3fe684a,c:pqtjwJ,sl:outOfView,em:true,fr:false,thd:1,mn:app16ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:3,fm:sKdS65k+11%7C12%7C13*.783646-56311260%7C131%7C1321%7C14,idMap:13*,rp:n,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:16,oid:01b09c9c-1fa1-11ec-a7c3-067f141e2336,v:19.8.245,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWCE1-MJCoDoVfdQoIZczgo1dLSA2cnepPr7V3ttSEhZ8hOe5E&d=CnkAoCZ_4GZSaXkB1_UuxP0fCqhU-h3a_PJRYmQSkwX4xL2UKcTMCey8ZNSTiYzlheeG4m14BZ-HHxAHJQxPuV_wQo_XKF5anLSaNle6DuIV3g2hSJUsRPHq25LrorXpksswRTCHm4ddF0xt5eOSHkG1zqv1COE4jGMDEukRAKAmf-AXqPmZ8jqvcYaZLFz6Fm9inYDTvQJf6k250f4nCsjdHM0rKJKVKyKieBIUi_AV8_myY1z7c8d7obw5rFpmzbh5aHPSwJCkTlgAzflW2fCyg3sgal5-HrrIYy7CNb8ca5WB4Au-Pn5At46Kw3fVZLU180ZH4m3q07HVvBkgRSojcZyRGannZd-tRDUGdcsueZtwc7fVaVUjmdiGLYX7rA_VRxdG0kS-uJeA6Y3XyXb2AF5irWmLc0nHXYCkTdghcl6W5Xf0jt-s0SzKPz_0VO-7Xl-mP5Dv9ILb_-9iv5sPyjVdjNoC2bppcTznBVxlgrPwZoKyo9Nwsmt-n4GVr538F0KopERgzI0XfanwI6UC4d9pA7Iz8DUR6dcwBSSogbXHtQnoekVaPCXP9qmSUTy0LyD4DVgM2uc4KXXHPbtm9IIhH40tEDgBqtz5Y9RGOS49KmKPDReNqb-sshbCyIDyyeyP_zh80PcXZLIrv2qjgf2Oiu8Q0riO7e8OtYQxs_5NA6bt3c0vHdmGFTgukYBTmTjBCRL_KdZZL7EhZvcKlfNc3jJk-CWTmXUkg92CjPsMvR6Tc2CPScpmOF4axPLVeS_vA3AY8XDijnvs7iT-_kjdii1jg44UrWYKG4rcHqmgEWbXpbbxx2PF18gsSaKFgbINUb-UZLzzxAOb5m6SVVbt10rNVH_jJInyElBiNgdyqgy3r9q0BdyxduBK0frtNlpy9H2xT7Lhou_k3rlpMml5nCyUu-Lp91YfB1UdEVQaML3GUKe9vXsIbVpmxoG5LqbtJ-YE2utwBYwegecs-V11mLnvKM-svpMwJz5p41iYlgExcMbXNzk2GzHBOWyEmCxtl5MC8UOCym7WGJZQ71rT_LesCtk8D4exB7rb41sRjp2kJ3xH2r3gTgKpJP0i2pdzdifkefql790WCJxXhc5bvz90gnZnN9Bt86iau7oNhNzWi_-dG1F7ZBlE9kO31MWka2RnRG-CkLHGNnS19iI0cDgCYUMy7r8A4A_NdLx1RjQOD6A_aCir7lQ3Fm2Us99q41cwm8By8ClZ4sWrrOYQyxRNAIFMgr3sd7hw8DV2Jbcd0r5vYQdt86tLP4JYzQ2pzTRAUzIY_SpBtECZfdgkTuq2GpEQFa9GEbsk-YB7iI6mv5JqkqHyQ64T02hYaHVtY1PAja0vqRDYOVl-Ayp70L264edXDAcn8n9XbMV1TNZrTBQNFleX5Zagt_mYzLC8yDJT9xawn4Q3OChnlKhDd5ejZ9p0A9U3sIsuhLjwAqKZFsVX4AOYG9NZMJJAico_owt4GEhc67urtOLE7vswLMog6hy6wf_m5LWuOnaLdCJl-Bx0XHhUfQ8a-ANLCZFdn-VHCW1wC7ynncM_A9CbJRS3zqWtbOIXuGneSQgbq-SbRtJdlO32sjYab5b8kiyxehjQ5OftT5Omj1v5W5s2YVHjuQO71LoH4HsG1SfSFnnnM0kQ3feeqXMpe41DTxVoA4uUkablAL8FVryPJG7JElf6haeAvUSjEU8-Mi3tb4JDAZETHFZAIu7ZoGiuUHeItAVDLL6ZoUDNdtCQf6tRz1UD-ZFajdIOgRTujgpvLkgmFgbIrGoa11wXLfh4Iw5xrbU6Jd4JLnmEloKC_zwDLyOzawvADv-Etj5MIan8u4PEwTXvRg1on7JAK-kwyvpBjhimwEJAUw2niVtYAUH2R1b3TzniZjclJmyklPeeKb1CnHYv6fBDhgjUNXNAmXpI7zJVOpEyRIZCJLzYSfyqdNSImDQfHnWfxJahHp9tOO5KNioolB-5bsHBMz9s4AgDHNOyfLUmRaj6-MDUgsDcww6TdLR1I_y4mstvGphaBO3Y8nkbN8Jyvvqs_ZndRByEfDG7J_w3tj6jfyIGnIVGIu_UcFfj3MIm_SZppcjZenZ9nIukouUwpg-AIGVGh-PZRvOVE04TKpiTvGc29hHm7cze43QIpU_eNfV5-s5ldrYXscCzlBPFkZzHHxuUTsXBnePZKgJW3vsDkFXDuHsxtBIeByHkt57ELrqmrNlOmUIciiLI-UO4oKi2uxkdkAj8cw_A1eOOnjjnMaFvZoKt5DaIMzUA5y6jzDkSgUTkNBmOtqiRISOfk-kGKFAmE4fgxDPxzS5o1UPFP5rAPkIogfv21hE7Ki9Aei7sNZxciLzP5--r3rhLSDr6mX-3AG9OfZk277tjxbGkAmxJ7ToQk_g96-JnQpUPWNuCTA0gn9dHVCSaQhZae7G1B0Rd0eI0zY0-ZS35LndntOVZeAqtk1s_Yakl5Sq5HeWpBXl51dyRaeBXSKFMoA8aFKcLk55JLPIrslo2P-dqN5sKXCovbkz3jp1Dr_4sExNM5tVTsXKJz-L836EDYDqYrtIKpQEOLK1UcB9qYOLVpEscIhzLUCo2C0wEuR5DGn5WUNflOMilOjPpThzw6nsO2GUOYPCH2xdMSq5zpNHQI1GcoXdKU1yfgQpDNd9xHpTjVDMLBnMZQOB9YWsu7HAGo-XAU6I36e4PCQPM2vGEmBNnJAcxyaGXrF4WM0smPy6DEDA288Kn7CN9aWTMkYdLVtZ4jhtKR-j4KM-yyh1ZcM3lTiECnQwaUKYNleW41PXM5ioktgdRm3z2TPDP5xppaU--Oi4NZhvdXe4zw7QycwSOb-x4yIa_xhSW37KhXm1YuToIpb8zl6SrEgrrcOsJ8WacUEfMuyyO-NYUt0H8qrIvdBPRxNjEFYk-aa_XbePMDxIe3LErlCgWwiVJZsKXEHsfRLgQXi8CLlo3ASHfcNBn1Jvg443BfjF4xQKdonZDnjk7IQggohrzg-Ps3Qtimh82lbPe8bUQOGRDbgjF_baCk39pZc49HSE1a4vBGHblSMpJjK1DLBUxLeP9joZ1WwbKBq63woSVEVV_NsT_umgIL8W4zB2pD3P4MXERkMbzh70tQvaPTF4dXLcxN3qBMBOCaAv48OYMV4PTztVO9nfChtf81nvoANrs2zTR0XcCE9vCFLk_rEhdBc1fI04SmjTgZ_y6ExoWCAASEuRoSxbQ8ZIg3QmrIsnPbBi5mWAB

Request Chain 159

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_dbm=&google_tc=

Request Chain 160

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzgwYjRiOWQtY2E2My0yNjNkLWY1ZWMtN2M1NmMzOGFiYmQ4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzgwYjRiOWQtY2E2My0yNjNkLWY1ZWMtN2M1NmMzOGFiYmQ4&google_tc=

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm=&google_dbm=&google_tc= HTTP 302
https://sync.teads.tv/um?eid=3&uid=&google_error=3

Request Chain 181

https://ads.travelaudience.com/google_pixel?google_gid=CAESEHqP2ia1TSuqoiW1lzOH8b0&google_cver=1&google_push=AYg5qPKNTW9Xa93VlIK0lCliK0cFsd0G211AQSlqS8z306LIoPNgLVBa1dJQ90rv2W4ijqGffGmDqyFtZGn1Y8NDASCX0OQPkOmt HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=9LvPczokRBmk7ReC0sBXMQ2&google_push=AYg5qPKNTW9Xa93VlIK0lCliK0cFsd0G211AQSlqS8z306LIoPNgLVBa1dJQ90rv2W4ijqGffGmDqyFtZGn1Y8NDASCX0OQPkOmt HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=9LvPczokRBmk7ReC0sBXMQ2&google_push=AYg5qPKNTW9Xa93VlIK0lCliK0cFsd0G211AQSlqS8z306LIoPNgLVBa1dJQ90rv2W4ijqGffGmDqyFtZGn1Y8NDASCX0OQPkOmt&google_tc= HTTP 302
https://ads.travelaudience.com/google_match.ashx?google_error=3

Request Chain 182

https://d5p.de17a.com/cookies/google?google_gid=CAESEGvIZeJS4ds9DXyNgw6sm-I&google_cver=1&google_push=AYg5qPIrN25QqNd1KbiZAERK4nzUV2nlBGVRtcaxS0o4ugxMHMRP0I3JoPAqkxdcqKm0zHGuZ4eW1-gCFo4pV2oaIOrV8-KUC5ZT HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGvIZeJS4ds9DXyNgw6sm-I&google_cver=1&google_push=AYg5qPIrN25QqNd1KbiZAERK4nzUV2nlBGVRtcaxS0o4ugxMHMRP0I3JoPAqkxdcqKm0zHGuZ4eW1-gCFo4pV2oaIOrV8-KUC5ZT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIrN25QqNd1KbiZAERK4nzUV2nlBGVRtcaxS0o4ugxMHMRP0I3JoPAqkxdcqKm0zHGuZ4eW1-gCFo4pV2oaIOrV8-KUC5ZT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIrN25QqNd1KbiZAERK4nzUV2nlBGVRtcaxS0o4ugxMHMRP0I3JoPAqkxdcqKm0zHGuZ4eW1-gCFo4pV2oaIOrV8-KUC5ZT&google_tc= HTTP 302
https://d5p.de17a.com/cookies/google?google_error=3

Request Chain 183

https://rtb.openx.net/sync/dds?google_gid=CAESEAUs1CqJZm4InAkMFVpAZHo&google_cver=1&google_push=AYg5qPK7Wni689cUGDUUyz0zx61uu_8NkmScRHuEuBrDMDnH1mLlbWNBsygmykGSwYoVFo0lXn5JLPcqwjmQ5MnKEPaDywj7q74 HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEAUs1CqJZm4InAkMFVpAZHo&google_cver=1&google_push=AYg5qPK7Wni689cUGDUUyz0zx61uu_8NkmScRHuEuBrDMDnH1mLlbWNBsygmykGSwYoVFo0lXn5JLPcqwjmQ5MnKEPaDywj7q74&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPK7Wni689cUGDUUyz0zx61uu_8NkmScRHuEuBrDMDnH1mLlbWNBsygmykGSwYoVFo0lXn5JLPcqwjmQ5MnKEPaDywj7q74&google_hm=izISa6qSwbcGeGpY2nFPAg== HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPK7Wni689cUGDUUyz0zx61uu_8NkmScRHuEuBrDMDnH1mLlbWNBsygmykGSwYoVFo0lXn5JLPcqwjmQ5MnKEPaDywj7q74&google_hm=izISa6qSwbcGeGpY2nFPAg==&google_tc= HTTP 302
https://rtb.openx.net/sync/dds?google_error=3

Request Chain 184

https://google-sync.rutarget.ru/sync?google_gid=CAESEGkxARm14AnK9qVsNM94EzM&google_cver=1&google_push=AYg5qPIhod6u8VZ32NP0mwHxYibD_As-VIrIY7QvNGUavQsnO0G4QOWh9-NyXnlfE994GsqGTZNMMDAO6pmsLV5YkNvpOj_332xu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=aXE4em5hNVpJQWdU&google_ula=2046794&google_push=AYg5qPIhod6u8VZ32NP0mwHxYibD_As-VIrIY7QvNGUavQsnO0G4QOWh9-NyXnlfE994GsqGTZNMMDAO6pmsLV5YkNvpOj_332xu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=aXE4em5hNVpJQWdU&google_ula=2046794&google_push=AYg5qPIhod6u8VZ32NP0mwHxYibD_As-VIrIY7QvNGUavQsnO0G4QOWh9-NyXnlfE994GsqGTZNMMDAO6pmsLV5YkNvpOj_332xu&google_tc= HTTP 302
https://google-sync.rutarget.ru/sync?google_error=3

Request Chain 185

https://cs.media.net/cksync?type=g&google_gid=CAESEDwWNsJsMOaoXKj2u2oK3pM&google_cver=1&google_push=AYg5qPL2UIHhWndvBFj8T9D5tJXSjkc9xZHhIvEjSFoYKmDsyfnLr1gkB5h6d9NpjFgdZBdzQ0Ja18sZXG6WpyHOoyx0XhydkWs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc1NzU1MjkyOTg2MDE5ODAwMFYxMA%3d%3d&mn_hm=Mjc1NzU1MjkyOTg2MDE5ODAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPL2UIHhWndvBFj8T9D5tJXSjkc9xZHhIvEjSFoYKmDsyfnLr1gkB5h6d9NpjFgdZBdzQ0Ja18sZXG6WpyHOoyx0XhydkWs&gdpr=&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc1NzU1MjkyOTg2MDE5ODAwMFYxMA%3D%3D&mn_hm=Mjc1NzU1MjkyOTg2MDE5ODAwMFYxMA%3D%3D&google_sc=1&google_push=AYg5qPL2UIHhWndvBFj8T9D5tJXSjkc9xZHhIvEjSFoYKmDsyfnLr1gkB5h6d9NpjFgdZBdzQ0Ja18sZXG6WpyHOoyx0XhydkWs&gdpr=&gdpr_consent=&google_tc= HTTP 302
https://cs.media.net/cksync?type=g&mn_hm=Mjc1NzU1MjkyOTg2MDE5ODAwMFYxMA%3D%3D&gdpr=&gdpr_consent=&google_error=3

Request Chain 186

https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEGexLC7PezEiPOpdRGqTRvc&google_cver=1&google_push=AYg5qPJXWqaxUq_1Y3LfXCRepvUojhaKRggo-KeH2wGsrP-o-FSFwFmG0Fkne2BDDy2Tp1BzXyupYSVXOPDTrLYrRkEvtTYlO6Qz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtODlkYzkyNzUyZDMwNDIwYzYyMjY5MTBjMWE4YmU4NzU=&google_push=AYg5qPJXWqaxUq_1Y3LfXCRepvUojhaKRggo-KeH2wGsrP-o-FSFwFmG0Fkne2BDDy2Tp1BzXyupYSVXOPDTrLYrRkEvtTYlO6Qz HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtODlkYzkyNzUyZDMwNDIwYzYyMjY5MTBjMWE4YmU4NzU=&google_push=AYg5qPJXWqaxUq_1Y3LfXCRepvUojhaKRggo-KeH2wGsrP-o-FSFwFmG0Fkne2BDDy2Tp1BzXyupYSVXOPDTrLYrRkEvtTYlO6Qz&google_tc= HTTP 302
https://cs.chocolateplatform.com/pub?pid=ebda&google_error=3

Request Chain 207

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm=&google_dbm=&google_tc=

Request Chain 208

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=021d3fd3-1fa1-11ec-bf8f-129210fe0306 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDIyMTlkOGYtMWZhMS0xMWVjLThlMTktMWVlNWI5ZTEwMTA2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDIyMTlkOGYtMWZhMS0xMWVjLThlMTktMWVlNWI5ZTEwMTA2&google_tc=

Request Chain 210

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm=&google_dbm=&google_tc=

Request Chain 211

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=02219dc3-1fa1-11ec-8e19-1ee5b9e10106 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDIyMTlkOGYtMWZhMS0xMWVjLThlMTktMWVlNWI5ZTEwMTA2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDIyMTlkOGYtMWZhMS0xMWVjLThlMTktMWVlNWI5ZTEwMTA2&google_tc=

Request Chain 213

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm=&google_dbm=&_origin=1&google_tc= HTTP 302
https://pixel.advertising.com/ups/55946/sync?uid=&_origin=1&google_error=3 HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?uid=&_origin=1&google_error=3&apid=UP022297f2-1fa1-11ec-a5a1-06f6161f24a4

Request Chain 214

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP022297f2-1fa1-11ec-a5a1-06f6161f24a4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVAwMjIyOTdmMi0xZmExLTExZWMtYTVhMS0wNmY2MTYxZjI0YTQ%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVAwMjIyOTdmMi0xZmExLTExZWMtYTVhMS0wNmY2MTYxZjI0YTQ%3D&google_tc= HTTP 302
https://pixel.advertising.com/ups/55946/sync?uid=&google_error=3 HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?uid=&google_error=3&apid=UP022297f2-1fa1-11ec-a5a1-06f6161f24a4

Request Chain 215

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1FV2pBeDlORTJ1RkdQZWxxYW9nOVhXZXl2MlJYcnRMcX5B HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1FV2pBeDlORTJ1RkdQZWxxYW9nOVhXZXl2MlJYcnRMcX5B&google_tc=

Request Chain 228

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPNM0kxmDiLhja2tOchkVCI&google_cver=1&google_push=AYg5qPJlSs5OuC9hFE5TUSfkK85dEKR5ZT6yzoW-QYQe3cYytaaUkbKNrJA_nF8Ra84-aJ5HJtBzmzRUlDPrxy4cT4s-1lvS7Sh2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJlSs5OuC9hFE5TUSfkK85dEKR5ZT6yzoW-QYQe3cYytaaUkbKNrJA_nF8Ra84-aJ5HJtBzmzRUlDPrxy4cT4s-1lvS7Sh2&google_hm=OMbRQV4hT6mx17_-Wla-akk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJlSs5OuC9hFE5TUSfkK85dEKR5ZT6yzoW-QYQe3cYytaaUkbKNrJA_nF8Ra84-aJ5HJtBzmzRUlDPrxy4cT4s-1lvS7Sh2&google_hm=OMbRQV4hT6mx17_-Wla-akk&google_tc= HTTP 302
https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_error=3

Request Chain 229

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJJe-OjCxwyCergKJ653Pok&google_cver=1&google_push=AYg5qPKRuImU26Me_QxChJJUB3hdJJzbk_h2_itB6WHSRLb0GkXQjeiq-T6rOlNodIIlly0ODGxqfxa3p5m-UG1Pza5g1eE9fz7x HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKRuImU26Me_QxChJJUB3hdJJzbk_h2_itB6WHSRLb0GkXQjeiq-T6rOlNodIIlly0ODGxqfxa3p5m-UG1Pza5g1eE9fz7x&google_hm=NzM5NzcxMDI1NzQ4MDI2Mjc4NQ%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKRuImU26Me_QxChJJUB3hdJJzbk_h2_itB6WHSRLb0GkXQjeiq-T6rOlNodIIlly0ODGxqfxa3p5m-UG1Pza5g1eE9fz7x&google_hm=NzM5NzcxMDI1NzQ4MDI2Mjc4NQ%3D%3D&google_tc= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adx?google_error=3

Request Chain 230

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEG6SyJ71zBD1f99jg42GjaU&google_cver=1&google_push=AYg5qPKi_o9JApUaOKQHTGeuDjw_xb7ODIcY1ky2p-kKGcEiG5pAybcpJfldkAD4_asx2Vm9sH-fsIan_oR7EOZo6a4jTFLPROu_ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVHYHMsF6hLiJXr1KpJ1sQAABE8AAAIB&google_cver=1&google_push=AYg5qPKi_o9JApUaOKQHTGeuDjw_xb7ODIcY1ky2p-kKGcEiG5pAybcpJfldkAD4_asx2Vm9sH-fsIan_oR7EOZo6a4jTFLPROu_&google_gid=CAESEG6SyJ71zBD1f99jg42GjaU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVHYHMsF6hLiJXr1KpJ1sQAABE8AAAIB&google_cver=1&google_push=AYg5qPKi_o9JApUaOKQHTGeuDjw_xb7ODIcY1ky2p-kKGcEiG5pAybcpJfldkAD4_asx2Vm9sH-fsIan_oR7EOZo6a4jTFLPROu_&google_gid=CAESEG6SyJ71zBD1f99jg42GjaU&google_tc=

Request Chain 232

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOUPwhsvqNYcPvx4tm4qNkA&google_cver=1&google_push=AYg5qPL6asrjDxqPyZut2A51uDH7g2GP-IHr6KGLPLZjpLKDLydtjOpGpbaFsERX5Q7LKdGpSB0iwrvYQRgt5claVL-vbyCHgtl7 HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOUPwhsvqNYcPvx4tm4qNkA&google_cver=1&google_push=AYg5qPL6asrjDxqPyZut2A51uDH7g2GP-IHr6KGLPLZjpLKDLydtjOpGpbaFsERX5Q7LKdGpSB0iwrvYQRgt5claVL-vbyCHgtl7&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL6asrjDxqPyZut2A51uDH7g2GP-IHr6KGLPLZjpLKDLydtjOpGpbaFsERX5Q7LKdGpSB0iwrvYQRgt5claVL-vbyCHgtl7&google_hm=99b702b97cd180b9613d832a HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL6asrjDxqPyZut2A51uDH7g2GP-IHr6KGLPLZjpLKDLydtjOpGpbaFsERX5Q7LKdGpSB0iwrvYQRgt5claVL-vbyCHgtl7&google_hm=99b702b97cd180b9613d832a&google_tc=

Request Chain 233

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEMhGAsbUUaYtizJPWrXiHaE&google_cver=1&google_push=AYg5qPKSDvXdPT2bB9Lxqj6PR1JKC-cavN0X6-e7QpBWNjwtM9sL1KSFxdDQ2dDU5rpJbEVSTRFBbDOmk_IsJlzuhP6jKMUFTvo HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-cc76c41d-ce22-4396-a8d1-298410bfa19a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPKSDvXdPT2bB9Lxqj6PR1JKC-cavN0X6-e7QpBWNjwtM9sL1KSFxdDQ2dDU5rpJbEVSTRFBbDOmk_IsJlzuhP6jKMUFTvo%26google_hm%3DA8x2xB3OIkOWqNEphBC_oZo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKSDvXdPT2bB9Lxqj6PR1JKC-cavN0X6-e7QpBWNjwtM9sL1KSFxdDQ2dDU5rpJbEVSTRFBbDOmk_IsJlzuhP6jKMUFTvo&google_hm=A8x2xB3OIkOWqNEphBC_oZo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKSDvXdPT2bB9Lxqj6PR1JKC-cavN0X6-e7QpBWNjwtM9sL1KSFxdDQ2dDU5rpJbEVSTRFBbDOmk_IsJlzuhP6jKMUFTvo&google_hm=A8x2xB3OIkOWqNEphBC_oZo&google_tc= HTTP 302
https://sync.1rx.io/syncpixel/rmpssp?sub=google&google_error=3

Request Chain 234

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEJoxjdCqEikM7wy4FfrHohM&google_cver=1&google_push=AYg5qPISgghNTf90Cap6NeMwn3LYmXqCq8pq3h7cfeq9J15snScJ9QiqyeWtjBhO0sMbndfKANM6gmGA1UNYauNVBRoP2r2PriGO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTBlNmU4YmItYmQxYS00NGY0LWI3MzMtOWVkYmVlMmI5OWM5&google_push=AYg5qPISgghNTf90Cap6NeMwn3LYmXqCq8pq3h7cfeq9J15snScJ9QiqyeWtjBhO0sMbndfKANM6gmGA1UNYauNVBRoP2r2PriGO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTBlNmU4YmItYmQxYS00NGY0LWI3MzMtOWVkYmVlMmI5OWM5&google_push=AYg5qPISgghNTf90Cap6NeMwn3LYmXqCq8pq3h7cfeq9J15snScJ9QiqyeWtjBhO0sMbndfKANM6gmGA1UNYauNVBRoP2r2PriGO&google_tc= HTTP 302
https://match.sharethrough.com/sync/v1?google_error=3

Request Chain 267

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A//red.vtracy.de/tr_aa%3Fv3%3Dvi-25096020-643e-404f-a0bc-b919da1fab1c%26adid%3Dk26225744_s6273635_p310386514_c156386358%26userId%3D%25%25COOKIE%25%25%26tr_timestamp%3D1632753692996 HTTP 302
https://red.vtracy.de/tr_aa?v3=vi-25096020-643e-404f-a0bc-b919da1fab1c&adid=k26225744_s6273635_p310386514_c156386358&userId=7012623713859270801&tr_timestamp=1632753692996

Request Chain 268

https://cm.g.doubleclick.net/pixel?google_nid=vivakide_dmp2&google_cm&v3=vi-25096020-643e-404f-a0bc-b919da1fab1c&adid=k26225744_s6273635_p310386514_c156386358&tr_timestamp=1632753692997 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=vivakide_dmp2&google_cm=&v3=vi-25096020-643e-404f-a0bc-b919da1fab1c&adid=k26225744_s6273635_p310386514_c156386358&tr_timestamp=1632753692997&google_tc= HTTP 302
https://red.vtracy.de/tr_cm?v3=vi-25096020-643e-404f-a0bc-b919da1fab1c&adid=k26225744_s6273635_p310386514_c156386358&tr_timestamp=1632753692997&google_error=3

Request Chain 269

https://match.adsrvr.org/track/cmf/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-25096020-643e-404f-a0bc-b919da1fab1c HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-25096020-643e-404f-a0bc-b919da1fab1c HTTP 302
https://red.vtracy.de/tr_ttd.tr?&tdid=91e5044f-5df7-4a65-b60c-01f76a9ed948&ttd_puid=vi-25096020-643e-404f-a0bc-b919da1fab1c&ttd_puid=vi-25096020-643e-404f-a0bc-b919da1fab1c

Request Chain 274

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_dbm=&google_tc= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=&google_error=3

Request Chain 275

https://ads.stickyadstv.com/user-matching?id=11 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTkzZDM5Y2Q5M2YzNzgzY2MwZWU0MWQwZTU1MGFlMjE=&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTkzZDM5Y2Q5M2YzNzgzY2MwZWU0MWQwZTU1MGFlMjE=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&redirectId=-1&gdpr=0&gdpr_consent=&google_error=3

Request Chain 276

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm=&google_dbm=&google_tc= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=&google_error=3

Request Chain 301

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEIYgjjlJ4uM8DjjVJZXI2GQ&google_cver=1&google_push=AYg5qPL6Md_XN0awegOFjuQhUBtPPDr-zmwDSMCLItffObv_qoZJKwyZHzPOrJUoOFLugU1l6ahR6pL4KfHrHbR88p9oHGejkI4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzcwNjk1Mzc0NjI0MjYzODcyOQ== HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm=&google_sc=&google_hm=NzcwNjk1Mzc0NjI0MjYzODcyOQ==&google_tc=

Request Chain 303

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOrz3hdBdEtKIgKOCqhkOBY&google_cver=1&google_push=AYg5qPJQZ-kNKBqyQgR33YB60XQtU0VySKy2XLOOyx_Tj28Xh4LrraZnZ_ZgnLRc457yqBiUaeaYv1gu5xAIOCttpH0Y5859s74 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOrz3hdBdEtKIgKOCqhkOBY&google_cver=1&google_push=AYg5qPJQZ-kNKBqyQgR33YB60XQtU0VySKy2XLOOyx_Tj28Xh4LrraZnZ_ZgnLRc457yqBiUaeaYv1gu5xAIOCttpH0Y5859s74 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bURPaGlUOFQxTXVST1o1&google_gid=CAESEOrz3hdBdEtKIgKOCqhkOBY&google_cver=1&google_push=AYg5qPJQZ-kNKBqyQgR33YB60XQtU0VySKy2XLOOyx_Tj28Xh4LrraZnZ_ZgnLRc457yqBiUaeaYv1gu5xAIOCttpH0Y5859s74 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bURPaGlUOFQxTXVST1o1&google_gid=CAESEOrz3hdBdEtKIgKOCqhkOBY&google_cver=1&google_push=AYg5qPJQZ-kNKBqyQgR33YB60XQtU0VySKy2XLOOyx_Tj28Xh4LrraZnZ_ZgnLRc457yqBiUaeaYv1gu5xAIOCttpH0Y5859s74&google_tc= HTTP 302
https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_error=3

Request Chain 304

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFutXn4o_nmRZ5TuFjBbFAw&google_cver=1&google_push=AYg5qPIHOgEBiMg93QOfFE5Rdc0ZI-7XrMiewACSNdulfQSQRWKcHKikYNbFXM1za9l_q5JlQYG6qClzrAU3BWQ9umg-DDwLh38 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxMjYyMzcxMzg1OTI3MDgwMQ%3D%3D&google_push=AYg5qPIHOgEBiMg93QOfFE5Rdc0ZI-7XrMiewACSNdulfQSQRWKcHKikYNbFXM1za9l_q5JlQYG6qClzrAU3BWQ9umg-DDwLh38 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxMjYyMzcxMzg1OTI3MDgwMQ%3D%3D&google_push=AYg5qPIHOgEBiMg93QOfFE5Rdc0ZI-7XrMiewACSNdulfQSQRWKcHKikYNbFXM1za9l_q5JlQYG6qClzrAU3BWQ9umg-DDwLh38&google_tc= HTTP 302
https://imagesrv.adition.com/1x1.gif?google_error=3

Request Chain 305

https://ads.travelaudience.com/google_pixel?google_gid=CAESEHqP2ia1TSuqoiW1lzOH8b0&google_cver=1&google_push=AYg5qPKNewlinsVb2mpK6G-g9gglBhZ-13tzkF0OLhxLBXq5bO-30Ej2pZKGpTCnl2kxynx0BkiVtc0B2wX3AHYlIAedHsk9ISQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=9LvPczokRBmk7ReC0sBXMQ2&google_push=AYg5qPKNewlinsVb2mpK6G-g9gglBhZ-13tzkF0OLhxLBXq5bO-30Ej2pZKGpTCnl2kxynx0BkiVtc0B2wX3AHYlIAedHsk9ISQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=9LvPczokRBmk7ReC0sBXMQ2&google_push=AYg5qPKNewlinsVb2mpK6G-g9gglBhZ-13tzkF0OLhxLBXq5bO-30Ej2pZKGpTCnl2kxynx0BkiVtc0B2wX3AHYlIAedHsk9ISQ&google_tc= HTTP 302
https://ads.travelaudience.com/google_match.ashx?google_error=3

Request Chain 306

https://px.adhigh.net/p/gm/rub?google_gid=CAESEOzb0JLQJSMw8h9cx7dbV0U&google_cver=1&google_push=AYg5qPK48g5zp3sIaVu0vHVG6yl7EthfpG5a8CEcxFDI2QcOEEm2OS__U8RCCrPkri1JdoQcHJdBtAPSQKiriBl--979QukcF-0 HTTP 302
https://px.adhigh.net/p/gm/rub?google_gid=CAESEOzb0JLQJSMw8h9cx7dbV0U&google_cver=1&google_push=AYg5qPK48g5zp3sIaVu0vHVG6yl7EthfpG5a8CEcxFDI2QcOEEm2OS__U8RCCrPkri1JdoQcHJdBtAPSQKiriBl--979QukcF-0&bounced=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPK48g5zp3sIaVu0vHVG6yl7EthfpG5a8CEcxFDI2QcOEEm2OS__U8RCCrPkri1JdoQcHJdBtAPSQKiriBl--979QukcF-0&google_hm=-QO_PgJtdBMAAikABlF8J7QyeA%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPK48g5zp3sIaVu0vHVG6yl7EthfpG5a8CEcxFDI2QcOEEm2OS__U8RCCrPkri1JdoQcHJdBtAPSQKiriBl--979QukcF-0&google_hm=-QO_PgJtdBMAAikABlF8J7QyeA%3D%3D&google_tc= HTTP 302
https://px.adhigh.net/p/cm/goog_rub?google_error=3

Request Chain 307

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEC7u_98JPDJg0jqJEVw_Oes&google_cver=1&google_push=AYg5qPJf6lGcYlsnaEoHxQxMKJup9TX7J2EKoOKrUVDZpKVIzN1CYIqztW_6Jq4JhF3oS7hHqChO0cLWqLNK09NM20-zsXU4sFA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPJf6lGcYlsnaEoHxQxMKJup9TX7J2EKoOKrUVDZpKVIzN1CYIqztW_6Jq4JhF3oS7hHqChO0cLWqLNK09NM20-zsXU4sFA&google_hm=MTYzNDMyMzEwMzE5MTg3OTk5NQ%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPJf6lGcYlsnaEoHxQxMKJup9TX7J2EKoOKrUVDZpKVIzN1CYIqztW_6Jq4JhF3oS7hHqChO0cLWqLNK09NM20-zsXU4sFA&google_hm=MTYzNDMyMzEwMzE5MTg3OTk5NQ%3D%3D&google_tc= HTTP 302
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_error=3 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=&google_hm=MTYzNDMyMzEwMzE5MTg3OTk5NQ%3D%3D HTTP 302
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_error=5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=&google_hm=MTYzNDMyMzEwMzE5MTg3OTk5NQ%3D%3D HTTP 302
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_error=5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=&google_hm=MTYzNDMyMzEwMzE5MTg3OTk5NQ%3D%3D HTTP 302
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_error=5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=&google_hm=MTYzNDMyMzEwMzE5MTg3OTk5NQ%3D%3D HTTP 302
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_error=5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=&google_hm=MTYzNDMyMzEwMzE5MTg3OTk5NQ%3D%3D HTTP 302
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_error=5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=&google_hm=MTYzNDMyMzEwMzE5MTg3OTk5NQ%3D%3D HTTP 302
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_error=5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=&google_hm=MTYzNDMyMzEwMzE5MTg3OTk5NQ%3D%3D HTTP 302
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_error=5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=&google_hm=MTYzNDMyMzEwMzE5MTg3OTk5NQ%3D%3D HTTP 302
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_error=5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=&google_hm=MTYzNDMyMzEwMzE5MTg3OTk5NQ%3D%3D

Request Chain 312

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOrz3hdBdEtKIgKOCqhkOBY&google_cver=1&google_push=AYg5qPLgixw-o2mieTYsi45_YIbyz_BaLtL-pnTxzSSpjj_OkGDo5bZaxwUcVzU-SbXOJ-IE8v03MUWRp-aPD2wHtlTWLLp1qQ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOrz3hdBdEtKIgKOCqhkOBY&google_cver=1&google_push=AYg5qPLgixw-o2mieTYsi45_YIbyz_BaLtL-pnTxzSSpjj_OkGDo5bZaxwUcVzU-SbXOJ-IE8v03MUWRp-aPD2wHtlTWLLp1qQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bURPaGlUOFQxTXVST1o1&google_gid=CAESEOrz3hdBdEtKIgKOCqhkOBY&google_cver=1&google_push=AYg5qPLgixw-o2mieTYsi45_YIbyz_BaLtL-pnTxzSSpjj_OkGDo5bZaxwUcVzU-SbXOJ-IE8v03MUWRp-aPD2wHtlTWLLp1qQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bURPaGlUOFQxTXVST1o1&google_gid=CAESEOrz3hdBdEtKIgKOCqhkOBY&google_cver=1&google_push=AYg5qPLgixw-o2mieTYsi45_YIbyz_BaLtL-pnTxzSSpjj_OkGDo5bZaxwUcVzU-SbXOJ-IE8v03MUWRp-aPD2wHtlTWLLp1qQ&google_tc= HTTP 302
https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_error=3

Request Chain 313

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESELJFdIaufHudnExUw0gQJp0&google_cver=1&google_push=AYg5qPLjgcXHuaVGe4VEqK2X53gZW6KCakOlHFujgTjyzuIrdIigIDGw-doUAqF5B0PxNH5VWBz1QyUaXSNu8kbrBce8gf5g-b8 HTTP 302
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESELJFdIaufHudnExUw0gQJp0&google_cver=1&google_push=AYg5qPLjgcXHuaVGe4VEqK2X53gZW6KCakOlHFujgTjyzuIrdIigIDGw-doUAqF5B0PxNH5VWBz1QyUaXSNu8kbrBce8gf5g-b8&prevuid=03030001_6151d81d3d851&knw=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPLjgcXHuaVGe4VEqK2X53gZW6KCakOlHFujgTjyzuIrdIigIDGw-doUAqF5B0PxNH5VWBz1QyUaXSNu8kbrBce8gf5g-b8&google_hm=MDMwMzAwMDFfNjE1MWQ4MWQzZDg1MQ%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPLjgcXHuaVGe4VEqK2X53gZW6KCakOlHFujgTjyzuIrdIigIDGw-doUAqF5B0PxNH5VWBz1QyUaXSNu8kbrBce8gf5g-b8&google_hm=MDMwMzAwMDFfNjE1MWQ4MWQzZDg1MQ%3D%3D&google_tc= HTTP 302
https://gu.dyntrk.com/adx/ga/us.php?dynk=ga2ex&gg_call=1&guid=&google_error=3

Request Chain 314

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEL1w0ZsYMdNKV8w7kvBBHfI&google_cver=1&google_push=AYg5qPI5JoWMV-7PJZ4sntHuDoz8x2m-gkt1R5v6G-80MreuPSh9KGbyQu3bkTC9fY4S0QS75VvKATOYlB7TwzOGVh8fGrPyRw HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEL1w0ZsYMdNKV8w7kvBBHfI&google_cver=1&google_push=AYg5qPI5JoWMV-7PJZ4sntHuDoz8x2m-gkt1R5v6G-80MreuPSh9KGbyQu3bkTC9fY4S0QS75VvKATOYlB7TwzOGVh8fGrPyRw HTTP 302
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=7aa71613-bf07-475b-830b-fb8bf3aa1327 HTTP 302
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=7aa71613-bf07-475b-830b-fb8bf3aa1327 HTTP 302
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=20ed1d6f-a0a1-4ef7-b6f9-d948c764f698&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI5JoWMV-7PJZ4sntHuDoz8x2m-gkt1R5v6G-80MreuPSh9KGbyQu3bkTC9fY4S0QS75VvKATOYlB7TwzOGVh8fGrPyRw&google_hm=eqcWE78HR1uDC_uL86oTJw== HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI5JoWMV-7PJZ4sntHuDoz8x2m-gkt1R5v6G-80MreuPSh9KGbyQu3bkTC9fY4S0QS75VvKATOYlB7TwzOGVh8fGrPyRw&google_hm=eqcWE78HR1uDC_uL86oTJw==&google_tc= HTTP 302
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_error=3

Request Chain 315

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGZpuQCyVIzY-zC91XeVKXY&google_cver=1&google_push=AYg5qPJaHrD9lrYIUTYnHPzR6srOO-Yn5JzSSGI2yf-9ROGxC_V2LV5kQO7umzbfuXofw7mhU_3cUH4ml9TBItaDydIw4bhJpLo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j8TS4n2fTeS-JmAytviC6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJaHrD9lrYIUTYnHPzR6srOO-Yn5JzSSGI2yf-9ROGxC_V2LV5kQO7umzbfuXofw7mhU_3cUH4ml9TBItaDydIw4bhJpLo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j8TS4n2fTeS-JmAytviC6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJaHrD9lrYIUTYnHPzR6srOO-Yn5JzSSGI2yf-9ROGxC_V2LV5kQO7umzbfuXofw7mhU_3cUH4ml9TBItaDydIw4bhJpLo&google_tc= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&p=156578&mpc=4&fp=1&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156578%26sc%3D1&google_error=3 HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:4cf76151-d81d-4000-a512-e9d34669c5e6&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6282211392932163713 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=91e5044f-5df7-4a65-b60c-01f76a9ed948 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&google_error=3 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156578&sc=1

Request Chain 316

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKRoRUJoPtkaBngJdVFvDnQ&google_cver=1&google_push=AYg5qPLJL30lBFbRE8uV2_E-VF1DZKidE7cm4Ajhc15b3cmaSVAdZwpzT1udf2-Mc1aJBtjts-HaYz_g3Ffkfil-ZUkRK1NNUeM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLJL30lBFbRE8uV2_E-VF1DZKidE7cm4Ajhc15b3cmaSVAdZwpzT1udf2-Mc1aJBtjts-HaYz_g3Ffkfil-ZUkRK1NNUeM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLJL30lBFbRE8uV2_E-VF1DZKidE7cm4Ajhc15b3cmaSVAdZwpzT1udf2-Mc1aJBtjts-HaYz_g3Ffkfil-ZUkRK1NNUeM&google_tc= HTTP 302
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_error=3

Request Chain 317

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGwdCwTMv3LXp_4Dm0OIFgg&google_cver=1&google_push=AYg5qPLcGzypUowSWOxF8mNlidSvWpfUANGe2jcLDvEv6pa6IBG3smj31ZQFnyHGnoRtbIclbhsuiJzut3qrVuOZ1xuSmdzijMA HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLcGzypUowSWOxF8mNlidSvWpfUANGe2jcLDvEv6pa6IBG3smj31ZQFnyHGnoRtbIclbhsuiJzut3qrVuOZ1xuSmdzijMA&google_gid=CAESEGwdCwTMv3LXp_4Dm0OIFgg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY5NzUxNjM3NDUyMzg5MzgxMTE%3D&google_push=AYg5qPLcGzypUowSWOxF8mNlidSvWpfUANGe2jcLDvEv6pa6IBG3smj31ZQFnyHGnoRtbIclbhsuiJzut3qrVuOZ1xuSmdzijMA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY5NzUxNjM3NDUyMzg5MzgxMTE%3D&google_push=AYg5qPLcGzypUowSWOxF8mNlidSvWpfUANGe2jcLDvEv6pa6IBG3smj31ZQFnyHGnoRtbIclbhsuiJzut3qrVuOZ1xuSmdzijMA&google_tc= HTTP 302
https://eb2.3lift.com/ebda?gdpr=1&gdpr_consent=&google_error=3

Request Chain 318

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEJoxjdCqEikM7wy4FfrHohM&google_cver=1&google_push=AYg5qPL073XGlwBu5eTTuAiycV4MNJ1XS6j06gxssctykH8PwKXqSzkG6YUeR2cGqJjbF1ZH8tMVtwgWsvF2pUYjeR4bBtRDU50m HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTBlNmU4YmItYmQxYS00NGY0LWI3MzMtOWVkYmVlMmI5OWM5&google_push=AYg5qPL073XGlwBu5eTTuAiycV4MNJ1XS6j06gxssctykH8PwKXqSzkG6YUeR2cGqJjbF1ZH8tMVtwgWsvF2pUYjeR4bBtRDU50m HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTBlNmU4YmItYmQxYS00NGY0LWI3MzMtOWVkYmVlMmI5OWM5&google_push=AYg5qPL073XGlwBu5eTTuAiycV4MNJ1XS6j06gxssctykH8PwKXqSzkG6YUeR2cGqJjbF1ZH8tMVtwgWsvF2pUYjeR4bBtRDU50m&google_tc= HTTP 302
https://match.sharethrough.com/sync/v1?google_error=3

Request Chain 332

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJJe-OjCxwyCergKJ653Pok&google_cver=1&google_push=AYg5qPJT2W_DR6mkog7wK3HEBoLSR0DxFIyqOIXgQfuPxGyytPOEJoxKX8gDqXRL0WZur5416LVDyFK5iFv1DwHvOTBLiqoOCBvvpw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJT2W_DR6mkog7wK3HEBoLSR0DxFIyqOIXgQfuPxGyytPOEJoxKX8gDqXRL0WZur5416LVDyFK5iFv1DwHvOTBLiqoOCBvvpw&google_hm=NzM5NzcxMDI1NzQ4MDI2Mjc4NQ%3D%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJT2W_DR6mkog7wK3HEBoLSR0DxFIyqOIXgQfuPxGyytPOEJoxKX8gDqXRL0WZur5416LVDyFK5iFv1DwHvOTBLiqoOCBvvpw&google_hm=NzM5NzcxMDI1NzQ4MDI2Mjc4NQ%3D%3D&google_tc= HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adx?google_error=3

Request Chain 334

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAZWGbSBeNyYC-KcWfEUNf8&google_cver=1&google_push=AYg5qPKSFrrIwU5zDSS73O3nUY4wUJyD8O12xrW5u68cx6qQJEB3jYuWJ8Div2bTJ0_OLGLJAbSm80qsFEueMwrZlIts-5cQg2e-xg HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAZWGbSBeNyYC-KcWfEUNf8&google_cver=1&google_push=AYg5qPKSFrrIwU5zDSS73O3nUY4wUJyD8O12xrW5u68cx6qQJEB3jYuWJ8Div2bTJ0_OLGLJAbSm80qsFEueMwrZlIts-5cQg2e-xg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI4MjIxMTM5MjkzMjE2MzcxMw&google_push=AYg5qPKSFrrIwU5zDSS73O3nUY4wUJyD8O12xrW5u68cx6qQJEB3jYuWJ8Div2bTJ0_OLGLJAbSm80qsFEueMwrZlIts-5cQg2e-xg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI4MjIxMTM5MjkzMjE2MzcxMw&google_push=AYg5qPKSFrrIwU5zDSS73O3nUY4wUJyD8O12xrW5u68cx6qQJEB3jYuWJ8Div2bTJ0_OLGLJAbSm80qsFEueMwrZlIts-5cQg2e-xg&google_tc= HTTP 302
https://c1.adform.net/serving/cookie/match/?google_error=3

Request Chain 335

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEG6SyJ71zBD1f99jg42GjaU&google_cver=1&google_push=AYg5qPJHnj8cx1mHDdtFISSVuYmn4A68zNffRIzkrnU79PM7Oh4EeKuET8w6wNclgpdNAHB4R-32lNvf5dQH0Bx8The9_NOhofAEBA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVHYHMsF6hLiJXr1KpJ1sQAABE8AAAIB&google_push=AYg5qPJHnj8cx1mHDdtFISSVuYmn4A68zNffRIzkrnU79PM7Oh4EeKuET8w6wNclgpdNAHB4R-32lNvf5dQH0Bx8The9_NOhofAEBA&google_cver=1&google_gid=CAESEG6SyJ71zBD1f99jg42GjaU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVHYHMsF6hLiJXr1KpJ1sQAABE8AAAIB&google_push=AYg5qPJHnj8cx1mHDdtFISSVuYmn4A68zNffRIzkrnU79PM7Oh4EeKuET8w6wNclgpdNAHB4R-32lNvf5dQH0Bx8The9_NOhofAEBA&google_cver=1&google_gid=CAESEG6SyJ71zBD1f99jg42GjaU&google_tc=

Request Chain 336

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEAd9YMbCeXMRdQOrDQtSEgE&google_cver=1&google_push=AYg5qPIrjxmmKmgCjgTqw8vkG25dKcihfVY55bEN4pd9f0fLBKhkzENyKj4Ngyz631IGsHz-A9IspxHZDSbZYd_WT1i2Un-8uIVF0W0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPIrjxmmKmgCjgTqw8vkG25dKcihfVY55bEN4pd9f0fLBKhkzENyKj4Ngyz631IGsHz-A9IspxHZDSbZYd_WT1i2Un-8uIVF0W0&google_hm=ODMwNjU2OTE5MjQ2MDcxODEwNg== HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPIrjxmmKmgCjgTqw8vkG25dKcihfVY55bEN4pd9f0fLBKhkzENyKj4Ngyz631IGsHz-A9IspxHZDSbZYd_WT1i2Un-8uIVF0W0&google_hm=ODMwNjU2OTE5MjQ2MDcxODEwNg==&google_tc= HTTP 302
https://a.rfihub.com/cm?pub=445&google_error=3

Request Chain 370

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEEBeZThE0PwWdWaqrgeEY2w&google_cver=1&google_push=AYg5qPIhne7GKUjbRRbrDeqlNBmWyxdDrXu5ujWtCYXc0hrs0hXP-EQ8N8WJ5toOxJntJo_LqBV9EP5oJ3sO7mzpl-AfOD4cWp9GzQ HTTP 302
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEEBeZThE0PwWdWaqrgeEY2w&google_cver=1&google_push=AYg5qPIhne7GKUjbRRbrDeqlNBmWyxdDrXu5ujWtCYXc0hrs0hXP-EQ8N8WJ5toOxJntJo_LqBV9EP5oJ3sO7mzpl-AfOD4cWp9GzQ&checkcookies=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=tc1xJOiY5GmJfAJVvASoTg&google_push=AYg5qPIhne7GKUjbRRbrDeqlNBmWyxdDrXu5ujWtCYXc0hrs0hXP-EQ8N8WJ5toOxJntJo_LqBV9EP5oJ3sO7mzpl-AfOD4cWp9GzQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=tc1xJOiY5GmJfAJVvASoTg&google_push=AYg5qPIhne7GKUjbRRbrDeqlNBmWyxdDrXu5ujWtCYXc0hrs0hXP-EQ8N8WJ5toOxJntJo_LqBV9EP5oJ3sO7mzpl-AfOD4cWp9GzQ&google_tc= HTTP 302
https://tracking.m6r.eu/sync/adxSyncDone?gdprFallback=true&google_error=3

Request Chain 372

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGZpuQCyVIzY-zC91XeVKXY&google_cver=1&google_push=AYg5qPIbH9AmfSrSY076L1DdWfcw5hGv4gqT9n4Qp8zJrpZR4_IFQlLiQaXJk-0tcT0u4n0RTetoQpfpgo6NftiLWooymlvMpPZxwg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j8TS4n2fTeS-JmAytviC6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIbH9AmfSrSY076L1DdWfcw5hGv4gqT9n4Qp8zJrpZR4_IFQlLiQaXJk-0tcT0u4n0RTetoQpfpgo6NftiLWooymlvMpPZxwg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j8TS4n2fTeS-JmAytviC6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIbH9AmfSrSY076L1DdWfcw5hGv4gqT9n4Qp8zJrpZR4_IFQlLiQaXJk-0tcT0u4n0RTetoQpfpgo6NftiLWooymlvMpPZxwg&google_tc= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&p=156578&mpc=4&fp=1&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156578%26sc%3D1&google_error=3 HTTP 302
https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6282211392932163713 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=91e5044f-5df7-4a65-b60c-01f76a9ed948 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&google_error=3 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156578&sc=1

Request Chain 373

https://match.360yield.com/match/ebda?google_gid=CAESEEO6Jr9rscKEpQ4QduDYofU&google_cver=1&google_push=AYg5qPKXufS0H2E2SDq6RFKyJTLKKNw3cvU0HNgZNXnvAz9k5q1y9nYq432jTfRbbXngACAhX5V6ZkrEJXMxImsDpsBtzItgY1Ul6w HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEO6Jr9rscKEpQ4QduDYofU&google_cver=1&google_push=AYg5qPKXufS0H2E2SDq6RFKyJTLKKNw3cvU0HNgZNXnvAz9k5q1y9nYq432jTfRbbXngACAhX5V6ZkrEJXMxImsDpsBtzItgY1Ul6w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=S7dpENw7RiuSx5_tma_gfA&google_push=AYg5qPKXufS0H2E2SDq6RFKyJTLKKNw3cvU0HNgZNXnvAz9k5q1y9nYq432jTfRbbXngACAhX5V6ZkrEJXMxImsDpsBtzItgY1Ul6w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=S7dpENw7RiuSx5_tma_gfA&google_push=AYg5qPKXufS0H2E2SDq6RFKyJTLKKNw3cvU0HNgZNXnvAz9k5q1y9nYq432jTfRbbXngACAhX5V6ZkrEJXMxImsDpsBtzItgY1Ul6w&google_tc= HTTP 302
https://match.360yield.com/match?google_error=3

Request Chain 374

https://ads.avads.net/sync/ggl?google_gid=CAESEKZzgOB56e-yxgcsPCusEvc&google_cver=1&google_push=AYg5qPIXxmyj8m7hg7glbHvLjTul8cFFgnZ_zG1qwDZ689zoGB5mOyL-jKa4GWiGV3XU6g1TsrFcRzyd4UImDiYyy41-fOvCbUyIQ54 HTTP 302
https://ads.avads.net/sync/ggl?google_gid=CAESEKZzgOB56e-yxgcsPCusEvc&google_cver=1&google_push=AYg5qPIXxmyj8m7hg7glbHvLjTul8cFFgnZ_zG1qwDZ689zoGB5mOyL-jKa4GWiGV3XU6g1TsrFcRzyd4UImDiYyy41-fOvCbUyIQ54&av_tc=True HTTP 302
https://ads.avads.net/sync/ggl?google_gid=CAESEKZzgOB56e-yxgcsPCusEvc&google_cver=1&google_push=AYg5qPIXxmyj8m7hg7glbHvLjTul8cFFgnZ_zG1qwDZ689zoGB5mOyL-jKa4GWiGV3XU6g1TsrFcRzyd4UImDiYyy41-fOvCbUyIQ54 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2U1OWVlNmYtNzVhNy00MjhjLWJmOGYtOGM2ZTJkZTJmNDFj&google_push=AYg5qPIXxmyj8m7hg7glbHvLjTul8cFFgnZ_zG1qwDZ689zoGB5mOyL-jKa4GWiGV3XU6g1TsrFcRzyd4UImDiYyy41-fOvCbUyIQ54 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2U1OWVlNmYtNzVhNy00MjhjLWJmOGYtOGM2ZTJkZTJmNDFj&google_push=AYg5qPIXxmyj8m7hg7glbHvLjTul8cFFgnZ_zG1qwDZ689zoGB5mOyL-jKa4GWiGV3XU6g1TsrFcRzyd4UImDiYyy41-fOvCbUyIQ54&google_tc= HTTP 302
https://ads.avads.net/report/ggl?google_error=3

Request Chain 383

https://a.tribalfusion.com/i.match?p=b6&u=CAESEB-HI8CUOq0d7H9mxlnjf4o&google_cver=1&google_push=AYg5qPIGCVlRymBYqEi4hTo5mmwSgDKA1UA4C77No-TIN9D2f2j77xHMQcJNl4eRMgvNgB6T8bViLEXWidr_I4ljIWPqRRGrbjk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIGCVlRymBYqEi4hTo5mmwSgDKA1UA4C77No-TIN9D2f2j77xHMQcJNl4eRMgvNgB6T8bViLEXWidr_I4ljIWPqRRGrbjk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB-HI8CUOq0d7H9mxlnjf4o&google_cver=1&google_push=AYg5qPIGCVlRymBYqEi4hTo5mmwSgDKA1UA4C77No-TIN9D2f2j77xHMQcJNl4eRMgvNgB6T8bViLEXWidr_I4ljIWPqRRGrbjk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIGCVlRymBYqEi4hTo5mmwSgDKA1UA4C77No-TIN9D2f2j77xHMQcJNl4eRMgvNgB6T8bViLEXWidr_I4ljIWPqRRGrbjk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 384

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEND-U8gZ476JOgqWy2zRPsA&google_cver=1&google_push=AYg5qPIJyaPoeLCjV4GGNg8oQgRPXEEOIg2u83DxcVD5_EDh2vjPggfrAIMBgnivTySGERFQlYbum8QFeEG1XqLVI4Xl_C6Em8o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPIJyaPoeLCjV4GGNg8oQgRPXEEOIg2u83DxcVD5_EDh2vjPggfrAIMBgnivTySGERFQlYbum8QFeEG1XqLVI4Xl_C6Em8o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPIJyaPoeLCjV4GGNg8oQgRPXEEOIg2u83DxcVD5_EDh2vjPggfrAIMBgnivTySGERFQlYbum8QFeEG1XqLVI4Xl_C6Em8o&google_tc= HTTP 302
https://px.ads.linkedin.com/setuid?partner=google&google_gid=&google_error=3

Request Chain 385

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEH8QeFjZzM4Exqp2VjM8ABo&google_cver=1&google_push=AYg5qPJ3O4G0YInAsO71pcjPIsS-ry_uKvsNI4o9jjjAHGMekI6baUQzqwVyX0TS2MjI4_yk3_K53nqnfbcLitq0yeH18BFlcA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJ3O4G0YInAsO71pcjPIsS-ry_uKvsNI4o9jjjAHGMekI6baUQzqwVyX0TS2MjI4_yk3_K53nqnfbcLitq0yeH18BFlcA&google_hm=QXZ6R3lLYXVWZ3F0RHZYVjF1QUdTZHc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJ3O4G0YInAsO71pcjPIsS-ry_uKvsNI4o9jjjAHGMekI6baUQzqwVyX0TS2MjI4_yk3_K53nqnfbcLitq0yeH18BFlcA&google_hm=QXZ6R3lLYXVWZ3F0RHZYVjF1QUdTZHc=&google_tc= HTTP 302
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_error=3

Request Chain 386

https://cs.media.net/cksync?type=g&google_gid=CAESEDwWNsJsMOaoXKj2u2oK3pM&google_cver=1&google_push=AYg5qPLi8VQ66_1zN4UNdxJXrFjVtFyCrG7T0fU1-7zjLWkc5tAfHcKa9Y6FCCfRFBD64B7C0uptresQ9deHYM0WfI8qh_C3EDw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc1NzU1MjkyOTg2MDE5ODAwMFYxMA%3d%3d&mn_hm=Mjc1NzU1MjkyOTg2MDE5ODAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLi8VQ66_1zN4UNdxJXrFjVtFyCrG7T0fU1-7zjLWkc5tAfHcKa9Y6FCCfRFBD64B7C0uptresQ9deHYM0WfI8qh_C3EDw&gdpr=&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc1NzU1MjkyOTg2MDE5ODAwMFYxMA%3D%3D&mn_hm=Mjc1NzU1MjkyOTg2MDE5ODAwMFYxMA%3D%3D&google_sc=1&google_push=AYg5qPLi8VQ66_1zN4UNdxJXrFjVtFyCrG7T0fU1-7zjLWkc5tAfHcKa9Y6FCCfRFBD64B7C0uptresQ9deHYM0WfI8qh_C3EDw&gdpr=&gdpr_consent=&google_tc= HTTP 302
https://cs.media.net/cksync?type=g&mn_hm=Mjc1NzU1MjkyOTg2MDE5ODAwMFYxMA%3D%3D&gdpr=&gdpr_consent=&google_error=3

Request Chain 388

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEIeyJtkBCyq2dFHbfFkeDnk&google_cver=1&google_push=AYg5qPJrY7z6GW0lGESAt9bab1q-Nw3xesgzss18sluDFUf08JwPbHJnqToztr9_QdBML8yX9ahJ80LZTfpNNPNLO6tv2Z7p4cDK HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEIeyJtkBCyq2dFHbfFkeDnk&google_cver=1&google_push=AYg5qPJrY7z6GW0lGESAt9bab1q-Nw3xesgzss18sluDFUf08JwPbHJnqToztr9_QdBML8yX9ahJ80LZTfpNNPNLO6tv2Z7p4cDK&apid=UP022297f2-1fa1-11ec-a5a1-06f6161f24a4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwMjIyOTdmMi0xZmExLTExZWMtYTVhMS0wNmY2MTYxZjI0YTQ%3D&google_push=AYg5qPJrY7z6GW0lGESAt9bab1q-Nw3xesgzss18sluDFUf08JwPbHJnqToztr9_QdBML8yX9ahJ80LZTfpNNPNLO6tv2Z7p4cDK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwMjIyOTdmMi0xZmExLTExZWMtYTVhMS0wNmY2MTYxZjI0YTQ%3D&google_push=AYg5qPJrY7z6GW0lGESAt9bab1q-Nw3xesgzss18sluDFUf08JwPbHJnqToztr9_QdBML8yX9ahJ80LZTfpNNPNLO6tv2Z7p4cDK&google_tc= HTTP 302
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=false&google_error=3 HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=false&google_error=3&apid=UP022297f2-1fa1-11ec-a5a1-06f6161f24a4

573 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.hawtcelebs.com/
Redirect Chain

http://www.hawtcelebs.com/
https://www.hawtcelebs.com/

23 KB
6 KB

1301ms
1276ms

Document
text/html

2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hawtcelebs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c5401b5a7e3446228d9795e81215d74c7def3f774580cc9bd85ab07716028aa

Request headers

:method: GET
:authority: www.hawtcelebs.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
content-type: text/html; charset=UTF-8
link: <https://www.hawtcelebs.com/wp-json/>; rel="https://api.w.org/"
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1gMYegmR3qt2yTdmRT9Ez%2B6nbFc1lwrilVGuQRk9Q%2BVmAy9VKN4iGYzBeVAzxwTNdlb6F8SOf0lnT1Ex8octLO7YFSmNYuySko7yMB2halsd07BC6%2Bi9CyyVCw%2BHW4Btz6VX0ZmITTUeCpi83pwrPc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 69557e3bed28325c-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Mon, 27 Sep 2021 14:41:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 27 Sep 2021 15:41:28 GMT
Location: https://www.hawtcelebs.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4AOQZk%2BfescMyluNoCv6ZvotEw7JOk8aQftgbliR0WrCUgwqnv3xSz8wgWZSbqoVhxgWULg0Da2IsS63sJB3SAtynHS0r%2FHzogmyHczf4D7GX6PUeaEI%2BdM6BKnq1X9dQMO%2FndhKAQUdc%2FOOIFycNtc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 69557e3b98d36921-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 up.js Show response
live.demand.supply/ 4 KB
3 KB 263ms
203ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/up.js
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa3d7e10ba5df323a1736d7a2bdac9a927269aa99e3bb2897055fdad23d7368e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FEM84MFDT8K26ZZE9TNQZW8S
date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 830
cf-polished: origSize=3991
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
cf-bgj: minify
server: cloudflare
etag: W/"2ca53d417adc7f6e92588a7a5642763b-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
cf-ray: 69557e4498b1dff3-FRA
link: <https://live.demand.supply/impl.v13.7.2.js>; rel=preload; as=script,<https://live.demand.supply/p4/v13-6-0/d3d3Lmhhd3RjZWxlYnMuY29tLw==>; rel=preload; as=script,<https://live.demand.supply/dspd.13.js>; rel=preload; as=script

GET
H2 200 style.css
www.hawtcelebs.com/wp-content/themes/hawtceleb/ 15 KB
4 KB 76ms
76ms Stylesheet
text/css 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hawtcelebs.com/wp-content/themes/hawtceleb/style.css?ver=5.8.1
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af0d6570462dee3c3937e8694b2ee98ea78313219976105080e94680c29769ad

Request headers

:path: /wp-content/themes/hawtceleb/style.css?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.hawtcelebs.com
referer: https://www.hawtcelebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 156324
cf-polished: status=cannot_optimize
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 26 Aug 2019 09:10:58 GMT
server: cloudflare
etag: W/"5d63a222-3db1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K28YILXxAO74%2Ffk%2BcCbJY49KYbpAafO6vds8THKvt0lGCk3P31Q7kCh0dzvI77GVrZNKsW%2FrLLFMac5M%2F%2FRPlF5EHFdUDuRHAjWL0zbXcO7cqjVa5WvT%2BbYR%2B2ToBJwecYky1zBaRFkYHUFeRAc23Lc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 69557e443b17325c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 53ms
28ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700%2C700i&ver=5.8.1

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0882fe11baf5c777266a9ab3f14aa451432c7099158b2d69b3515ee5c8e66d4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 14:23:57 GMT
server: ESF
date: Mon, 27 Sep 2021 14:41:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Sep 2021 14:41:30 GMT

GET
H2 200 dd-multi-col-cats.css
www.hawtcelebs.com/wp-content/themes/hawtceleb/ 238 B
516 B 29ms
29ms Stylesheet
text/css 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hawtcelebs.com/wp-content/themes/hawtceleb/dd-multi-col-cats.css
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a40dcd59c23d9ed6f0fbaeefeb57c78543b487ad93c49f5f74b89dd85b0ea278

Request headers

:path: /wp-content/themes/hawtceleb/dd-multi-col-cats.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.hawtcelebs.com
referer: https://www.hawtcelebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 156324
cf-polished: origSize=313
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 10 Jun 2019 10:27:20 GMT
server: cloudflare
etag: W/"5cfe3088-139"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wG7JfPGuYvO3wGr3DJUPjuVzzVHoqgiPd6yLSnp0qozagbZg6Thc35dGVSZHlnQzCkB1BqtZS1FbvGz%2FyBm9YteNNMJkFdFzVBW8JrygGPv260OanxlAgHBNI%2B5EAgL%2FV897nprEs5MLmG%2BxCChFOjU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
cf-ray: 69557e443b1c325c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK img.fetch Show response
udmserve.net/udm/ 27 KB
5 KB 599ms
153ms Script
application/x-javascript 68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to

Full URL: https://udmserve.net/udm/img.fetch?sid=14863;tid=1;dt=6;
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: dee525e0e65ecf117f8dcc0a45e64ef4eb1d0ebbcc926fa7c817f591f5ec8f1c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:30 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: application/x-javascript
Expires: 0

GET
H2 200 meghan-thee-stallion-performs-at-governor-s-ball-2021-in-new-york-09-25-2021-12_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2021/09/ 38 KB
39 KB 16ms
15ms Image
image/jpeg 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hawtcelebs.com/wp-content/uploads/2021/09/meghan-thee-stallion-performs-at-governor-s-ball-2021-in-new-york-09-25-2021-12_thumbnail.jpg
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52acc0a283dae0496a4f6c7b177183a61acaea196ab508be721035445353486e

Request headers

:path: /wp-content/uploads/2021/09/meghan-thee-stallion-performs-at-governor-s-ball-2021-in-new-york-09-25-2021-12_thumbnail.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hawtcelebs.com
referer: https://www.hawtcelebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8935
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 39397
last-modified: Mon, 27 Sep 2021 12:12:26 GMT
server: cloudflare
etag: "6151b52a-99e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTTGIHXEmn9oELpFNwlTpeKtICYikUplkzZvQfWjSOpuQzaWUx3b8MMmrGt7x%2BxChHcMb3j%2BJs%2Fycw%2BD3CYdYUvk2H1sXJuPGPXFO%2FixCQT%2F%2B7uM9kB8p6P0M1%2B3Pesle%2BrncPmm69QvjL%2FKq7Szga4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69557e444b21325c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gigi-hadid-at-versace-special-event-in-milan-09-26-2021-9_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2021/09/ 52 KB
52 KB 49ms
47ms Image
image/jpeg 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hawtcelebs.com/wp-content/uploads/2021/09/gigi-hadid-at-versace-special-event-in-milan-09-26-2021-9_thumbnail.jpg
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f5ef1a821e915318035418c14c515243c9321543fab8cb45fb6f547edb0bd96

Request headers

:path: /wp-content/uploads/2021/09/gigi-hadid-at-versace-special-event-in-milan-09-26-2021-9_thumbnail.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hawtcelebs.com
referer: https://www.hawtcelebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8996
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 52980
last-modified: Mon, 27 Sep 2021 12:11:24 GMT
server: cloudflare
etag: "6151b4ec-cef4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rS%2FORMJgjY1Ufrafn%2Fx1xZdWuEh3IwAyBHu1T7VV4AE4wTsS0zAwzZQiP9H1qqmCMKGL9Qe9wZx83%2FL4Ezl3VhZ9O9mmeAP7dqQt3broGLZ88lvDb5KQPzCkoPBDAMlX7w442VOi2oXQJS1uDF6MJGg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69557e444b22325c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 alissa-violet-at-offsunset-with-benny-blanco-cashmere-cat-launch-in-west-hollywood-09-25-2021-3_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2021/09/ 108 KB
108 KB 29ms
28ms Image
image/jpeg 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hawtcelebs.com/wp-content/uploads/2021/09/alissa-violet-at-offsunset-with-benny-blanco-cashmere-cat-launch-in-west-hollywood-09-25-2021-3_thumbnail.jpg
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 853aa1271cc55ec218acc3290e6565e6921917cb1cf2317a6c7cff71cb77b386

Request headers

:path: /wp-content/uploads/2021/09/alissa-violet-at-offsunset-with-benny-blanco-cashmere-cat-launch-in-west-hollywood-09-25-2021-3_thumbnail.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hawtcelebs.com
referer: https://www.hawtcelebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9182
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 110173
last-modified: Mon, 27 Sep 2021 12:08:25 GMT
server: cloudflare
etag: "6151b439-1ae5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnc%2F4pTXlNs7GOlspkJs3YCIu4%2BH%2FE4fay44iJeaRGuSkO4ldkd1f6xvTP3V27B6%2FI5%2FdM7NyA5xSOqIeBDDuogQDJ4deMiT0QX5EL3HfvMSCxrSOLLHdqLkj3XFZVroAj2eoRldSrFxyr0pxmKqu3w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69557e444b24325c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 laverne-cox-at-academy-museum-of-motion-pictures-opening-gala-in-los-angeles-09-25-2021-4_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2021/09/ 67 KB
67 KB 66ms
64ms Image
image/jpeg 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hawtcelebs.com/wp-content/uploads/2021/09/laverne-cox-at-academy-museum-of-motion-pictures-opening-gala-in-los-angeles-09-25-2021-4_thumbnail.jpg
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c2668897ee1ff467d51ff41483a4aa80789c359aa49dd42fa7cde0e3609b95c

Request headers

:path: /wp-content/uploads/2021/09/laverne-cox-at-academy-museum-of-motion-pictures-opening-gala-in-los-angeles-09-25-2021-4_thumbnail.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hawtcelebs.com
referer: https://www.hawtcelebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9261
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 68433
last-modified: Mon, 27 Sep 2021 12:07:04 GMT
server: cloudflare
etag: "6151b3e8-10b51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SmRsiMTwHvciMBPEpGxPwde%2FnGzWnx1oI4JE9VsMsQ4rfslZh8O1vL4xSRbXQKXmNM7Ym4QZUGrvitRMXJOalGpyQnHJtsTolNxLi2MfzOr935n1qd6fQxSAGchLuQoiBiJqAk6GqifxrDf%2BnK0A0ek%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69557e444b25325c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ariann-murad-at-rumba-love-premiere-at-landmark-theater-in-los-angeles-09-22-2021-3_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2021/09/ 62 KB
63 KB 78ms
77ms Image
image/jpeg 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hawtcelebs.com/wp-content/uploads/2021/09/ariann-murad-at-rumba-love-premiere-at-landmark-theater-in-los-angeles-09-22-2021-3_thumbnail.jpg
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 448daa705cc16f302bd65576425925a14e5d57480e07b0e955aff52c342bca1d

Request headers

:path: /wp-content/uploads/2021/09/ariann-murad-at-rumba-love-premiere-at-landmark-theater-in-los-angeles-09-22-2021-3_thumbnail.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hawtcelebs.com
referer: https://www.hawtcelebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9303
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 63651
last-modified: Mon, 27 Sep 2021 12:06:22 GMT
server: cloudflare
etag: "6151b3be-f8a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uvF02IzrZJ3T3CFURYCSqTeR%2BcthMvgFxa52T4yaxq92C6o6rwKAaHuyYgYfJciTew0jlgf8T8VJWnGSoZc1m5j4Y%2FLBsq782GPPmgQytVpl604IQKrWCysfLp%2Fd6Gl%2Fjv5prt%2B3vAd6ntGRLV7OhXw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69557e444b28325c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 helen-flanagan-night-out-in-london-09-26-2021-6_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2021/09/ 49 KB
50 KB 23ms
22ms Image
image/jpeg 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hawtcelebs.com/wp-content/uploads/2021/09/helen-flanagan-night-out-in-london-09-26-2021-6_thumbnail.jpg
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5378474e9a30594d2fa154c4a0cebdd3cbf903eba394f7b710f4ac26d40076f

Request headers

:path: /wp-content/uploads/2021/09/helen-flanagan-night-out-in-london-09-26-2021-6_thumbnail.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hawtcelebs.com
referer: https://www.hawtcelebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12921
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 50396
last-modified: Mon, 27 Sep 2021 11:06:01 GMT
server: cloudflare
etag: "6151a599-c4dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kr%2FkacIgUDIp1AKc1Mt0o4Bsh4EBZx8exgKn%2B7M2h40ph2IchzqPd8OHOZcm%2FhuTBdj%2FUZmvJljA2bQdKf3wYYI57t5CfTVs9VzDdlpTYZiSmsx0CMpYp6Wlxix4gJQqraE38D8EKJ01zta954Mlryw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69557e444b2b325c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mollie-king-at-global-radio-studios-in-london-09-26-2021-6_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2021/09/ 55 KB
56 KB 60ms
59ms Image
image/jpeg 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hawtcelebs.com/wp-content/uploads/2021/09/mollie-king-at-global-radio-studios-in-london-09-26-2021-6_thumbnail.jpg
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db246a19437446ef17f4f45766deac36198aed592c8a3c6a8a6b780d852d57c4

Request headers

:path: /wp-content/uploads/2021/09/mollie-king-at-global-radio-studios-in-london-09-26-2021-6_thumbnail.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hawtcelebs.com
referer: https://www.hawtcelebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12983
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 56556
last-modified: Mon, 27 Sep 2021 11:05:01 GMT
server: cloudflare
etag: "6151a55d-dcec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W1Drf4CWFlyoybp5nFWiTVJIYKfU7rR8Qw3lEFvGisjt1WPGLGzXLkCJLEak02HXY2p3v1hTevRBshs5iMYkREDigI10HZjhqZIU%2Fz8atOKLrUV1TUgKnk9tJfdjhrabloNAc%2BCiqC9dkG53hcPiy5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69557e444b2c325c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 aida-domenech-arrives-at-ermanno-scervino-fashion-show-in-milan-09-25-2021-4_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2021/09/ 69 KB
69 KB 53ms
52ms Image
image/jpeg 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hawtcelebs.com/wp-content/uploads/2021/09/aida-domenech-arrives-at-ermanno-scervino-fashion-show-in-milan-09-25-2021-4_thumbnail.jpg
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70b2d75b457ce831a3fd0517187e7bf885c9c9f654419e6e01c2dd393de57412

Request headers

:path: /wp-content/uploads/2021/09/aida-domenech-arrives-at-ermanno-scervino-fashion-show-in-milan-09-25-2021-4_thumbnail.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hawtcelebs.com
referer: https://www.hawtcelebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13151
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 70363
last-modified: Mon, 27 Sep 2021 11:02:16 GMT
server: cloudflare
etag: "6151a4b8-112db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUQv5vJ66NGjZbx7ugyxGoCz%2BNqeJMy3MvoqGQc2JeUkR7CnbUEHB3uI6%2FWP%2Brc7so09U7%2FTPuqgtf9w9zFqK6eZhHUN3KQFYGp13AadJd6dhlnYomb%2BTs5Dqz6ZMXOfRIn4y7H%2FCJAVGSeHg1cresY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69557e444b2e325c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 olivia-palermo-arrives-at-ermanno-scervino-show-at-milan-fashion-week-09-25-2021-2_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2021/09/ 66 KB
66 KB 40ms
40ms Image
image/jpeg 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hawtcelebs.com/wp-content/uploads/2021/09/olivia-palermo-arrives-at-ermanno-scervino-show-at-milan-fashion-week-09-25-2021-2_thumbnail.jpg
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e40c8ae725b404793dc7f2b06ef31e14f6e3b5abd22f8c2847c489069faf7a3

Request headers

:path: /wp-content/uploads/2021/09/olivia-palermo-arrives-at-ermanno-scervino-show-at-milan-fashion-week-09-25-2021-2_thumbnail.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hawtcelebs.com
referer: https://www.hawtcelebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13195
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 67202
last-modified: Mon, 27 Sep 2021 11:01:28 GMT
server: cloudflare
etag: "6151a488-10682"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nsU1HoPaijWXpc%2FrxxfZLp1i5q49RlSk7TpR5XTPpv0r8kq2xGQO6ZG9nBp%2Bg0gsuaw5P%2BtRSZqvxX0dghQusGEBn8b5VBD77%2BmW2PoTP%2BaIIvCoz4ImNzQzW0HLIEsKzbYpx4iKPLMfM9p8eB7Iq6A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69557e444b30325c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 maria-teresa-buccino-arrives-at-ermanno-scervino-fashion-show-in-milan-09-25-2021-3_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2021/09/ 60 KB
61 KB 75ms
75ms Image
image/jpeg 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hawtcelebs.com/wp-content/uploads/2021/09/maria-teresa-buccino-arrives-at-ermanno-scervino-fashion-show-in-milan-09-25-2021-3_thumbnail.jpg
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca80773b7eab4eccd26614ab3313abf331213f82be70cc38c4fa86cc831f749

Request headers

:path: /wp-content/uploads/2021/09/maria-teresa-buccino-arrives-at-ermanno-scervino-fashion-show-in-milan-09-25-2021-3_thumbnail.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hawtcelebs.com
referer: https://www.hawtcelebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15091
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 61750
last-modified: Mon, 27 Sep 2021 10:29:56 GMT
server: cloudflare
etag: "61519d24-f136"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6wUj88AJFEa3qOfAZHJJcqrqD5XlKqmzmhRQwdxkyTgefkIGzL%2BD1FX9yxeKFdhdf3IzGoI35BqaZ0ccbwhFXyvG2wY93G8yePhyPLo0taFXCR6UnoY%2BVpylf61gfxtDqxqq3LzkOuOh57lMTvO2%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69557e444b32325c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rocket-loader.min.js Show response
www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 13ms
13ms Script
application/javascript 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

:path: /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hawtcelebs.com
referer: https://www.hawtcelebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 21 Sep 2021 15:51:34 GMT
server: cloudflare
etag: W/"6149ff86-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89WkOK%2BGE18HA59%2BdZqQg6iQiyZo4%2B6c%2BAB3Rac26syXfWy5WeIyxKNDpnf9cuJCXiuqha99622fphkVgVYJ79zmt9CPo%2BB4O6AfNFiXnNwyUZIzSD4LL8ERmnGZt6UTfCaSYTK1jQa6FnBgq8nq%2BMc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800 public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 69557e444b34325c-FRA
vary: Accept-Encoding
expires: Wed, 29 Sep 2021 14:41:30 GMT

GET
H2 200 c.js Show response
waust.at/ 12 KB
6 KB 231ms
48ms Script
application/x-javascript 2606:4700:20::681a:507
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/c.js
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:507 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87fbd84036e0e67d8aa06d1f5e4a68f0539e4c6072a8ad77ce7e661bd6a43d1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1292
last-modified: Mon, 03 May 2021 17:48:53 GMT
server: cloudflare
etag: W/"60903785-2f8d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYSi0ab3Uzo%2Bf0D%2FqqgAq6i18cz8Ik6M0EkYluGWkxlBrR5J0yr1blBPCptvX1UzTil%2FAJs50wxEWv%2BVGt37cpeZ%2B6j%2F3da%2Bpotbkc4bu%2F0QwcbkcRZACpbot27RkNMTxEvQeB8W"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 69557e458dfb4edf-FRA
expires: Tue, 28 Sep 2021 14:19:58 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 183 KB
62 KB 213ms
28ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ee9bcf40869defb2ba36f0398aafcdbe1c82715317c76a2fad2e8ae0a74f2225

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:14:17 GMT
etag: W/"2dd14-xHIYTyef9V4m9QpegRxijTiSwm4"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: c3a34e56c27d8ddabfc7dd345522d2e
timing-allow-origin: *, *
content-length: 62421
expires: Mon, 27 Sep 2021 18:41:30 GMT

GET
H2 200 / Show response
services.vlitag.com/adv1/ 929 B
1 KB 313ms
128ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/adv1/?q=036e05035cbef88431e89138f2969605

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6218b18c06deda58406f88ef17ec37989aadb616587ea31bdefb774d6fa032a

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Mon, 27 Sep 2021 14:41:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQ2gD4jkMmqYLXKjI%2B2y0xog6%2Fe6TdG2EAOo2fQmUskE2HDfhUgyfiscg%2FOMMITYGWLsfvEYfJRX25zfHxKvs%2FKu2HeKT1TEDpYNv6K7KI49vVwzIqwLVIwBwoYL1X%2FRh7VeXBhVxEUIdT48Qm75O5c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 69557e458a7f6934-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 64ms
26ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-10995097-8

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe90cfc533c7ded21980055d47d598dd3bf7b6c22bfa8b7917f514c628a49a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39259
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 Sep 2021 14:41:30 GMT

GET
H2 200 jquery.js Show response
www.hawtcelebs.com/wp-content/themes/hawtceleb/js/ 95 KB
34 KB 62ms
61ms Script
application/javascript 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hawtcelebs.com/wp-content/themes/hawtceleb/js/jquery.js?ver=1.0.0
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919

Request headers

:path: /wp-content/themes/hawtceleb/js/jquery.js?ver=1.0.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.hawtcelebs.com
referer: https://www.hawtcelebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 156120
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 10 Jun 2019 11:28:48 GMT
server: cloudflare
etag: W/"5cfe3ef0-17a62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQadXVnTXG99CEH1ldpphnrcsfFlgcw%2B2jTmrEOyL5upnS3MATnnhqlaDYbuSpRURyGMQbEmKHHBFflPCdB1minOtNDL5aIjCWYHNFHysge2Tp5XJnTjgMAQo9qU0vkzEXN%2BwaIz2BbCu9UDR71PEn0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 69557e446b5e325c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 icon.ttf
www.hawtcelebs.com/wp-content/themes/hawtceleb/fonts/ 14 KB
14 KB 26ms
26ms Font
application/octet-stream 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hawtcelebs.com/wp-content/themes/hawtceleb/fonts/icon.ttf?zf3xc5
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/wp-content/themes/hawtceleb/style.css?ver=5.8.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bee4c3ddceefb6558b86e3d6bbe40326f6d67e1b0b535eb6949d570e7630d82d

Request headers

:path: /wp-content/themes/hawtceleb/fonts/icon.ttf?zf3xc5
pragma: no-cache
origin: https://www.hawtcelebs.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.hawtcelebs.com
referer: https://www.hawtcelebs.com/wp-content/themes/hawtceleb/style.css?ver=5.8.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.hawtcelebs.com/wp-content/themes/hawtceleb/style.css?ver=5.8.1
Origin: https://www.hawtcelebs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4230
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14224
last-modified: Mon, 10 Jun 2019 08:38:45 GMT
server: cloudflare
etag: "5cfe1715-3790"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQEAhSUbVDXK2RsGAfapALYcfbDYSkF2AIeU0N5W6hPFlvlWbyISoQ11RINeiuSFGlB9LuW4vyrb0coVKVttat5SkwC%2F%2BrhzzSIG6StHtsi7iNWsyK9B06zAkQIknWqDh2qR8PurfOGGRwR0fbhcFls%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 69557e44cbee325c-FRA

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 137ms
12ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700%2C700i&ver=5.8.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hawtcelebs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 22:28:30 GMT
x-content-type-options: nosniff
age: 403980
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Sep 2022 22:28:30 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
20 KB 131ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C400i%2C700%2C700i&ver=5.8.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.hawtcelebs.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 13:18:36 GMT
x-content-type-options: nosniff
age: 436974
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Sep 2022 13:18:36 GMT

GET
H2 200 impl.v13.7.2.js Show response
live.demand.supply/ 77 KB
25 KB 24ms
23ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/impl.v13.7.2.js
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3104d96908d7c2e43aaea23643467a97d3485579425fa19b4a19cd2a0dde0bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FEM844GRBQYC5A6W9Z97Q7S1
date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 2133988
cf-polished: origSize=79344
cf-ray: 69557e45ead1dff3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"577f36f4bcd3be1c79ca228137ecde8b-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *

GET
H2 200 d3d3Lmhhd3RjZWxlYnMuY29tLw== Show response
live.demand.supply/p4/v13-6-0/ 3 KB
1 KB 355ms
355ms Script
text/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/p4/v13-6-0/d3d3Lmhhd3RjZWxlYnMuY29tLw==
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f679035b4527b8f560e0bc22c14208b16d4018c565c043edc2dba193b645a55c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 69557e45ead3dff3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 dspd.13.js Show response
live.demand.supply/ 310 KB
92 KB 32ms
32ms Script
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/dspd.13.js
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dab7c20eec6b08ebf45d87bb9b5a7d74589bec3130a09c7365372325f9f2af12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FES0ED8WAMPWAPKBWV4XSJQD
date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: br
cf-cache-status: HIT
age: 1974195
cf-polished: origSize=317084
cf-ray: 69557e45ead7dff3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-bgj: minify
server: cloudflare
etag: W/"65636f95338190728834b27f76eb9725-ssl-df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
timing-allow-origin: *

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
104 B 32ms
16ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?e=ll&d=264&cs=c&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FDSVY3B56DXVEWJHJ5FA2N6Q
date: Mon, 27 Sep 2021 14:41:30 GMT
cf-cache-status: HIT
age: 1439917
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6f650c17b0b5779657ffe2617584f8e5-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e460da15c0e-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 57ms
35ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60e19c098c974311188db471cb03472950033c6bd1f3a92e8992f2b0be5e2381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49925
x-xss-protection: 0
server: cafe
etag: 1109047676077799126
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 27 Sep 2021 14:41:30 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 73 KB
25 KB 38ms
16ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: live.demand.supply
URL: https://live.demand.supply/up.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

afc87e4d91efff4a8f548bfbfa77d13a8632bd3684f17f08f5bdf7bdeeaaf411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "999 / 468 of 1000 / last-modified: 1632741118"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24874
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Sep 2021 14:41:30 GMT

GET
H2 200 ds.2.html Show response
live.demand.supply/ 413 B
328 B 36ms
21ms XHR
text/html 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/ds.2.html
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG3ZNSGC3BY9CZMHRP6RAHSR
date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
timing-allow-origin: *
age: 390887
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-ray: 69557e460da55c0e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

HEAD
H2 200 e.js Show response
live.demand.supply/x/ 0
44 B 35ms
21ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=rl&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG0Q3YCGW6AVJC831WE1F8R9
date: Mon, 27 Sep 2021 14:41:30 GMT
cf-cache-status: HIT
age: 423461
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0b1ef88152c3a4cd79e0ba959cca0c64-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e460da95c0e-FRA

HEAD
H2 200 e.js Show response
live.demand.supply/x/ 0
426 B 29ms
16ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=rl&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/up.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG0Q3YCGW6AVJC831WE1F8R9
date: Mon, 27 Sep 2021 14:41:30 GMT
cf-cache-status: HIT
age: 423461
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0b1ef88152c3a4cd79e0ba959cca0c64-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e460dac5c0e-FRA

GET
H2 200 pubads_impl_2021091501.js Show response
securepubads.g.doubleclick.net/gpt/ 334 KB
117 KB 18ms
17ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

52c41152c7916b4cf3b3a90f790faa0ba7f746603671e286531bc50407d844ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119151
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 08:39:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Sep 2021 14:41:30 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 346 B
185 B 37ms
22ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.hawtcelebs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

c6b6518709df601ec8bcf6f5bca431a0ae4256909395934eaba9fffb5c5aedc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160
x-xss-protection: 0
expires: Mon, 27 Sep 2021 14:41:30 GMT

GET
H2 200 hawtcelebs.com_responsive_h_reshorheaderdesktop Show response
api.demand.supply/v13-6-0/a/ 292 B
376 B 35ms
17ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v13-6-0/a/hawtcelebs.com_responsive_h_reshorheaderdesktop?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4430ae2cc36cd010e6d34e53d48aba86b7cdf3a5f73010851d69395e583896ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2031
etag: W/"124-oaF4GADZya3UB+T6jeiI+y/+1cs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 69557e469f655c0e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 hawtcelebs.com_responsive_h_archive-3 Show response
api.demand.supply/v13-6-0/a/ 301 B
299 B 35ms
18ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v13-6-0/a/hawtcelebs.com_responsive_h_archive-3?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9301278aba09e63cfe43632e3b8d61ca48ca0d1e609927850749b2d5f983349b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2031
etag: W/"12d-LAlRcD9UzOtxQNECMvFtecd/E50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 69557e469f625c0e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 hawtcelebs.com_native_multi_native_home_7 Show response
api.demand.supply/v13-6-0/a/ 305 B
293 B 34ms
18ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v13-6-0/a/hawtcelebs.com_native_multi_native_home_7?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe699c2035f62c7c0253d7d4e063aa2c85f544b61c59e5e8adb0dffc52bcc6e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2031
etag: W/"131-u3iDrNzcoZLsxORm1pkKGqfD7sE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 69557e469f645c0e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 hawtcelebs.com_300x250_desno300x250 Show response
api.demand.supply/v13-6-0/a/ 297 B
299 B 44ms
27ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v13-6-0/a/hawtcelebs.com_300x250_desno300x250?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a69271c7437bd4e6d32add08254b9b0170238186e84bf42c6b22daf6c7830717

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 4252
etag: W/"129-LD4bhB16UkXI+4s+IriGp6yYICs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 69557e469f5b5c0e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 hawtcelebs.com_300x600_hawt600 Show response
api.demand.supply/v13-6-0/a/ 365 B
338 B 44ms
28ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v13-6-0/a/hawtcelebs.com_300x600_hawt600?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df08c4ff59620e89c3b36f1968bd2dfe63fe3a99ddcf3a3071397eec62a734d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 4252
etag: W/"16d-RoEK/aN/+lSTVAO1YNO9fQCFKcU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 69557e469f5f5c0e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 hawtcelebs.com_160x600_hawt160 Show response
api.demand.supply/v13-6-0/a/ 297 B
295 B 45ms
28ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v13-6-0/a/hawtcelebs.com_160x600_hawt160?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2776e4e9db86fcff8c0ee5c2e32d4555546b7373c9df7b3a5885a23e08970d36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2031
etag: W/"129-Bbpp8IilGFDMSOVvnksnGHCTjt8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 69557e469f685c0e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/ Frame 0696 10 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210922/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210922/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hawtcelebs.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 27 Sep 2021 05:23:04 GMT
expires: Mon, 11 Oct 2021 05:23:04 GMT
content-type: text/html; charset=UTF-8
etag: 14847953055219580247
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4613
x-xss-protection: 0
age: 33506
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 hawtcelebs.com_responsive_h_hawtfuterreshor Show response
api.demand.supply/v13-6-0/a/ 292 B
287 B 21ms
20ms XHR
application/json 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.demand.supply/v13-6-0/a/hawtcelebs.com_responsive_h_hawtfuterreshor?&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e0f26739c23b45264b05b0fb95fbcfca7c10564a7a22430299a6023e1092de4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 2031
etag: W/"124-tdD/41RnvOWLxnIHJugTIRNX2/Q"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
cf-ray: 69557e46af835c0e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 hawtcelebs.com_responsive_h_reshorheaderdesktop Show response
live.demand.supply/cp/ 27 B
82 B 1321ms
1155ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/hawtcelebs.com_responsive_h_reshorheaderdesktop?mlos=wi&mlbr=ch&mlla=en&mlbs=67&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f7dfa73c25e5c5a7f25f0a384366d6b50521a8218bed6bf6c478fa25f52ddc3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 69557e47cab15c0e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27

GET
H2 200 hawtcelebs.com_native_multi_native_home_7 Show response
live.demand.supply/cp/ 27 B
82 B 1321ms
1155ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/hawtcelebs.com_native_multi_native_home_7?mlos=wi&mlbr=ch&mlla=en&mlbs=67&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eea89623b927ab32676a6ebe2196a1a88a8fe22633a808c428a3a439967a2255

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 69557e47cabc5c0e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27

GET
H2 200 hawtcelebs.com_responsive_h_archive-3 Show response
live.demand.supply/cp/ 27 B
82 B 1318ms
1154ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/hawtcelebs.com_responsive_h_archive-3?mlos=wi&mlbr=ch&mlla=en&mlbs=67&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13f97cda275bac9b47edb02fab633b26cf684bc014e42a8e0db563910cf51518

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 69557e47cab95c0e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27

GET
H2 200 hawtcelebs.com_300x250_desno300x250 Show response
live.demand.supply/cp/ 27 B
82 B 1301ms
1151ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/hawtcelebs.com_300x250_desno300x250?mlos=wi&mlbr=ch&mlla=en&mlbs=67&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b55818d41d9ba020320cafa3a1a19a3877d8545bcd45cb10ed5fadeba3c6b35

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 69557e47caba5c0e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27

GET
H2 200 hawtcelebs.com_responsive_h_hawtfuterreshor Show response
live.demand.supply/cp/ 27 B
82 B 1300ms
1150ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/hawtcelebs.com_responsive_h_hawtfuterreshor?mlos=wi&mlbr=ch&mlla=en&mlbs=67&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c87c8abe303c3939c1db99459f44dc23bd79b71be0c9f7af139924e7fd261643

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 69557e47cab75c0e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27

GET
H2 200 hawtcelebs.com_300x600_hawt600 Show response
live.demand.supply/cp/ 26 B
84 B 1304ms
1154ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/hawtcelebs.com_300x600_hawt600?mlos=wi&mlbr=ch&mlla=en&mlbs=67&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a3bfcd4d926995d351653d6351619955ab345b3de04a848bc99e1648a4ca8eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 69557e47cab55c0e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 26

GET
H2 200 hawtcelebs.com_160x600_hawt160 Show response
live.demand.supply/cp/ 27 B
120 B 543ms
394ms XHR
text/plain 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/cp/hawtcelebs.com_160x600_hawt160?mlos=wi&mlbr=ch&mlla=en&mlbs=67&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3a04fe9f8fa57a2f381e245aa4f102e3f2d8f10f7447355d81e2c16511e01a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: private,max-age=3600
cf-ray: 69557e47cab35c0e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27

GET
H2 200 udm-r3_v2.8.1.js Show response
bid.underdog.media/ 466 KB
143 KB 93ms
9ms Script
application/javascript 2600:9000:2156:4000:5:c4ab:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/udm-r3_v2.8.1.js
Requested by: Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=14863;tid=1;dt=6;
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4000:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec1293462e3633ffb0090e22474b0a0dab27511cd56737ec5ffa525253e1b9f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 19:37:15 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 19:25:17 GMT
server: AmazonS3
age: 414256
etag: "c5b815a1ff74b9e430a8e5d216817b8c"
x-edge-origin-shield-skipped: 0
content-type: application/javascript
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 145497
x-amz-cf-id: sF-OQRyH2_IQi7AjmvMVRQTw9HZascZj8NGt2bARjPBIydGExGmbrg==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 30ms
9ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=14863;tid=1;dt=6;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c9d50edae9ab89f8373214510b01eb50f60e16bd5e71328173962c0e13b31c07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: gzip
etag: "dfAcRt65NMPvqdNgsZZi3w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Mon, 04 Oct 2021 14:41:30 GMT

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID
https://udmserve.net/udm/fetch.pix?dt=1;apnid=44285964100823436

43 B
593 B

225ms
142ms

Image
image/gif

68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;apnid=44285964100823436
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:31 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:30 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 6ce30a1c-ec7f-4970-83b2-9cc4ceaf193a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://udmserve.net/udm/fetch.pix?dt=1;apnid=44285964100823436
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEZDNEQyRTItN0Q5Ri00REU0LUJFMjYtNjAzMkI2Rjg4MkU4&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OEZDNEQyRTItN0Q5Ri00REU0LUJFMjYtNjAzMkI2Rjg4MkU4&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D8FC4D2E2-7D9F-4DE4-BE26-6032B6F882E8
https://udmserve.net/udm/fetch.pix?pmid=8FC4D2E2-7D9F-4DE4-BE26-6032B6F882E8

43 B
611 B

153ms
144ms

Image
image/gif

68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?pmid=8FC4D2E2-7D9F-4DE4-BE26-6032B6F882E8
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:31 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://udmserve.net/udm/fetch.pix?pmid=8FC4D2E2-7D9F-4DE4-BE26-6032B6F882E8
date: Mon, 27 Sep 2021 14:41:30 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 services
sync.technoratimedia.com/ 0
297 B 329ms
93ms Image
text/plain 193.122.128.135
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=54&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bsncr%3D[USER_ID]
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:31 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 197084833
access-control-allow-origin: https://www.hawtcelebs.com/
access-control-allow-credentials: true

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://inv-nets.admixer.net/adxcm.aspx?ssp=F74A1705-8854-4390-959E-C24FA4349F88&rurl=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Badmix%3D%24%24visitor_cookie%24%24
https://udmserve.net/udm/fetch.pix?dt=1;admix=61d6f69ca4ef4b349258f3a57e80eda6

43 B
608 B

144ms
143ms

Image
image/gif

68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;admix=61d6f69ca4ef4b349258f3a57e80eda6
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:32 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Date: Mon, 27 Sep 2021 14:41:31 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://udmserve.net/udm/fetch.pix?dt=1;admix=61d6f69ca4ef4b349258f3a57e80eda6
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://cs.admanmedia.com/sync/underdog?redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bacu%3D%7B%24UID%7D
https://udmserve.net/udm/fetch.pix?dt=1;acu=7a6a91335eaacbe18ba04a730019238c096cf569

43 B
614 B

177ms
142ms

Image
image/gif

68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;acu=7a6a91335eaacbe18ba04a730019238c096cf569
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:31 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://udmserve.net/udm/fetch.pix?dt=1;acu=7a6a91335eaacbe18ba04a730019238c096cf569
Date: Mon, 27 Sep 2021 14:41:31 GMT
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
X-Frame-Options: DENY
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload

POST
H/1.1 200
OK prebid Show response
lockerdome.com/ladbid/ 11 B
431 B 464ms
114ms XHR
application/json 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/ladbid/prebid
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/dspd.13.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.hawtcelebs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 27 Sep 2021 14:41:31 GMT
Content-Encoding: gzip
P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Access-Control-Allow-Origin: https://www.hawtcelebs.com
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Content-Length: 31

GET img.fetch
udmserve.net/udm/ 0
0

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 18ms
18ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=hawtcelebs.com_300x600_hawt600&q=17&cd=3&e=bc&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FDSVY3B56DXVEWJHJ5FA2N6Q
date: Mon, 27 Sep 2021 14:41:30 GMT
cf-cache-status: HIT
age: 1439917
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6f650c17b0b5779657ffe2617584f8e5-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e483bda5c0e-FRA

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 15ms
14ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=hawtcelebs.com_300x600_hawt600&q=20&cd=3&e=bc&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FDSVY3B56DXVEWJHJ5FA2N6Q
date: Mon, 27 Sep 2021 14:41:30 GMT
cf-cache-status: HIT
age: 1439917
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6f650c17b0b5779657ffe2617584f8e5-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e483bdb5c0e-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 38ms
17ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.hawtcelebs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 38ms
17ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hawtcelebs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1003 B
583 B 173ms
173ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=671257358546789&correlator=3459065181021382&output=ldjh&impl=fif&eid=31062903%2C31062346&vrg=2021091501&ptt=17&sc=1&sfv=1-0-38&ecs=20210927&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C05d68e4b-c539-4fe7-b7a0-36adfe74d624&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=ti%3D53f6a350-39ce-4048-aaf9-630c8f171eb7%26interstitials-bid%3D10%26bid-p%3Dgoogle%26bsc%3D67&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1632753690&dt=1632753690923&dlt=1632753690261&idt=408&frm=20&biw=1600&bih=1200&oid=3&adks=3396334874&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=253180117.1632753691&ga_sid=1632753691&ga_hid=1498244484&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

9da9ad3761cffd8f2aa78c1a32e970a88723c028e707f1632d53159b66a1c037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hawtcelebs.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E26C 6 KB
4 KB 61ms
15ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hawtcelebs.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 27 Sep 2021 14:41:30 GMT
expires: Tue, 27 Sep 2022 14:41:30 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2021091501.js Show response
securepubads.g.doubleclick.net/gpt/ 39 KB
14 KB 15ms
15ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021091501.js?cb=31062903

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

da6ad3edbe3f16089eb6ed4cb0355031c2ca1d19ab3bef349c0d5ddbeadc3f5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14183
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 08:39:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Sep 2021 14:41:30 GMT

GET
H2 200 rules-p-effSsmMYCbAck.js Show response
rules.quantcount.com/ 3 B
452 B 26ms
7ms Script
application/javascript 2600:9000:2156:c400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-effSsmMYCbAck.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 18:13:29 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
age: 73681
x-edge-origin-shield-skipped: 0
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
content-length: 3
last-modified: Sat, 04 Mar 2017 21:04:20 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: CLf0kHHV-JjgwUfQ1a2m34ydc1BD10ZoD7eFA2syxoAvc8zztSiMIQ==

GET
H2 200 rules-p-Pz67dCqdsHfxh.js Show response
rules.quantcount.com/ 147 B
626 B 26ms
8ms Script
application/javascript 2600:9000:2156:c400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 57b7f2b2bcdd983268775ebc6ee71d208510b285d79dd058f2717248079c59d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:36:56 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
age: 275
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
content-length: 147
last-modified: Tue, 27 Apr 2021 19:10:31 GMT
server: AmazonS3
etag: "f7c84b69d3abe411fbfc06992543fbe2"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: D3SyhxOH6Wnn2hbugpMijIfnqmGt67Y7bm74L8mTAfGxE-i6kN_Lrw==

GET
H2 200 pixel;r=193302541;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.hawtcelebs.com%2F;uht=2;fpan=1;fpa=P0-231294886-1632753690962;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=d1dcdf1b-20210921204814;cm=;gdpr=0;ref=;d...
pixel.quantserve.com/ 35 B
371 B 15ms
14ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=193302541;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.hawtcelebs.com%2F;uht=2;fpan=1;fpa=P0-231294886-1632753690962;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=d1dcdf1b-20210921204814;cm=;gdpr=0;ref=;d=hawtcelebs.com;je=0;sr=1600x1200x24;dst=0;et=1632753690962;tzo=0;ogl=

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:30 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pixel;r=292467758;labels=edge.1%2Csid.14863;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.hawtcelebs.com%2F;uht=2;fpan=0;fpa=P0-231294886-1632753690962;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=d1dcdf1b-202109...
pixel.quantserve.com/ 35 B
371 B 14ms
14ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=292467758;labels=edge.1%2Csid.14863;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.hawtcelebs.com%2F;uht=2;fpan=0;fpa=P0-231294886-1632753690962;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=d1dcdf1b-20210921204814;cm=;gdpr=0;ref=;d=hawtcelebs.com;je=0;sr=1600x1200x24;dst=0;et=1632753690964;tzo=0;ogl=

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:30 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 bcv1.js Show response
bid.underdog.media/ 15 KB
5 KB 8ms
8ms Script
application/x-javascript 2600:9000:2156:4000:5:c4ab:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/bcv1.js
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.8.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4000:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a87a83413c28984b0877643c9cb1b55d67002186d685c76cf2168ec8089de735

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:15:29 GMT
content-encoding: gzip
last-modified: Mon, 27 Sep 2021 14:00:04 GMT
server: AmazonS3
age: 1563
etag: "0c94f7a0589fd5d072af145ced3faadb"
x-edge-origin-shield-skipped: 0
content-type: application/x-javascript
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control: max-age=1800
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 4717
x-amz-cf-id: bU2EbZl4CMksuYlhBx5Sj5oxlKctScjTwA3Wf0THlmH1g0_YGItUPg==

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
73 B 32ms
32ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=hawtcelebs.com_300x600_hawt600&q=20&m=151&sn=false&cs=149&e=br&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FDSVY3B56DXVEWJHJ5FA2N6Q
date: Mon, 27 Sep 2021 14:41:31 GMT
cf-cache-status: HIT
age: 1439918
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6f650c17b0b5779657ffe2617584f8e5-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e491e915c0e-FRA

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 15ms
14ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=hawtcelebs.com_auto_interstitial_desktop&e=nai&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FDSVY3B56DXVEWJHJ5FA2N6Q
date: Mon, 27 Sep 2021 14:41:31 GMT
cf-cache-status: HIT
age: 1439918
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6f650c17b0b5779657ffe2617584f8e5-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e496f6c5c0e-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 18ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.hawtcelebs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 14:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hawtcelebs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 14:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 986 B
573 B 158ms
158ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=671257358546789&correlator=3690715784187618&output=ldjh&impl=fif&eid=31062903%2C31062346&vrg=2021091501&ptt=17&sc=1&sfv=1-0-38&ecs=20210927&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C542ffbc7-3cd8-4f42-9269-0fd2787d1ee3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=ti%3D53f6a350-39ce-4048-aaf9-630c8f171eb7%26interstitials-bid%3D1%26bid-p%3Dgoogle%26bsc%3D67&eri=1&cookie=ID%3D2e3a6d588cf1e027-22bbcd4561c90063%3AT%3D1632753690%3AS%3DALNI_MZ9Dwg8-fnMMomG9nZ4E33LiIrCJw&bc=31&abxe=1&lmt=1632753691&dt=1632753691112&dlt=1632753690261&idt=408&frm=20&biw=1600&bih=1200&oid=3&adks=4148235607&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=253180117.1632753691&ga_sid=1632753691&ga_hid=1498244484&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

a28b8fde60e59180a82647be7475759d416cbbab33e8da8742bd7e11f36e2d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 544
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hawtcelebs.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 16ms
16ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=hawtcelebs.com_160x600_hawt160&pdc=0.37616543769836425&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FDSVY3B56DXVEWJHJ5FA2N6Q
date: Mon, 27 Sep 2021 14:41:31 GMT
cf-cache-status: HIT
age: 1439918
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6f650c17b0b5779657ffe2617584f8e5-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e4a49aa5c0e-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.hawtcelebs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 14:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
17ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hawtcelebs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 14:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 24 KB
11 KB 286ms
286ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=671257358546789&correlator=2408171528600850&output=ldjh&impl=fif&eid=31062903%2C31062346&vrg=2021091501&ptt=17&sc=1&sfv=1-0-38&ecs=20210927&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2Cc3c5bf82-582f-4a94-a645-38de142fa6ca&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&prev_scp=ti%3D53f6a350-39ce-4048-aaf9-630c8f171eb7%26bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D67&eri=1&cookie=ID%3D2e3a6d588cf1e027-22bbcd4561c90063%3AT%3D1632753690%3AS%3DALNI_MZ9Dwg8-fnMMomG9nZ4E33LiIrCJw&bc=31&abxe=1&lmt=1632753691&dt=1632753691248&dlt=1632753690261&idt=408&frm=20&biw=1600&bih=1200&oid=3&adxs=272&adys=164&adks=1836524711&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x-1&msz=160x-1&ga_vid=253180117.1632753691&ga_sid=1632753691&ga_hid=1498244484&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

9d58dd4dd0fd612f915b5a9e63f55c3a300032204d38b0eab2e330c84a38423c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11476
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hawtcelebs.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 14ms
14ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=hawtcelebs.com_auto_interstitial_desktop&e=nai&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FDSVY3B56DXVEWJHJ5FA2N6Q
date: Mon, 27 Sep 2021 14:41:31 GMT
cf-cache-status: HIT
age: 1439918
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6f650c17b0b5779657ffe2617584f8e5-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e4a7a445c0e-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.hawtcelebs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 14:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hawtcelebs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 14:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 883 B
475 B 114ms
114ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=671257358546789&correlator=4353095193709288&output=ldjh&impl=fif&eid=31062903%2C31062346&vrg=2021091501&ptt=17&sc=1&sfv=1-0-38&ecs=20210927&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C42d64542-ad30-45c9-9859-6b93dc8b1e0c&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=ti%3D53f6a350-39ce-4048-aaf9-630c8f171eb7%26interstitials-bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D67&eri=1&cookie=ID%3D2e3a6d588cf1e027%3AT%3D1632753690%3AS%3DALNI_MZPm4iAaOSarLHPqjyclmPzVTtdjw&bc=31&abxe=1&lmt=1632753691&dt=1632753691280&dlt=1632753690261&idt=408&frm=20&biw=1600&bih=1200&oid=3&adks=1978351858&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=253180117.1632753691&ga_sid=1632753691&ga_hid=1498244484&ga_fc=false&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

5ad53818aa2b75dca2983ebb3e95a06d65d9e167a352a70b0e5e497b2e09b1c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 446
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hawtcelebs.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 13ms
13ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=hawtcelebs.com_300x600_hawt600&q=17&m=471&sn=false&cs=149&e=br&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FDSVY3B56DXVEWJHJ5FA2N6Q
date: Mon, 27 Sep 2021 14:41:31 GMT
cf-cache-status: HIT
age: 1439918
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6f650c17b0b5779657ffe2617584f8e5-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e4b1c325c0e-FRA

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 17ms
17ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=hawtcelebs.com_auto_interstitial_desktop&e=nai&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FDSVY3B56DXVEWJHJ5FA2N6Q
date: Mon, 27 Sep 2021 14:41:31 GMT
cf-cache-status: HIT
age: 1439918
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6f650c17b0b5779657ffe2617584f8e5-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e4b4cc85c0e-FRA

GET
H2 200 container.html Show response
a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ED97 6 KB
3 KB 308ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hawtcelebs.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 27 Sep 2021 14:41:30 GMT
expires: Tue, 27 Sep 2022 14:41:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 43ms
19ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a7ad5974f3d165d1a83149795afe792e241b0e6a41078c6e14bcecc5449934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27652
x-xss-protection: 0
server: sffe
etag: "1632310961004595"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Mon, 27 Sep 2021 14:41:31 GMT

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 28ms
28ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.2&b=1&r=hawtcelebs.com_160x600_hawt160&sy=c930b04b-b65e-4cc9-a8b6-938425915080&ts=67&cd=2&pud=264&pus=c&pue=1651&pid=30&pis=c&pie=1681&pdd=46&pds=c&pde=1697&psd=46&pss=c&pse=1697&ppd=357&pps=a&ppe=2008&pad=68&pas=c&pae=1722&pcl=1411&ttc=1807&tti=2662&ttif=0&lca=2008&lcak=ppe&lct=2008&lctk=ppe&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=160x600&mlbw=4g&mlcs=149&mltp=53f6a350-39ce-4048-aaf9-630c8f171eb7&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FDSVY3B56DXVEWJHJ5FA2N6Q
date: Mon, 27 Sep 2021 14:41:31 GMT
cf-cache-status: HIT
age: 1439918
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6f650c17b0b5779657ffe2617584f8e5-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e4c3f8b5c0e-FRA

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2B23 624 B
455 B 35ms
35ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXn2QIQnJvbAhiGsLOxATAB&v=APEucNWDMX30YoFQG9BEnkmcSiA2eliG9Lo_2nCFgP8Tl5OFlhAowKPaSYHtlWvOKUGeikPGixQ0UklCgqjMKXgefYnCyspB3ySMK1TRdy_RFME9wDiOiVG-zKEU0OCselMrKe2OmdBLxjrWu8zCUcrcHESpiJxeSvFiFtL5CHWTPci_Kjj-KYve95tBqj7AjS-WI4mtXSR8BL4WvNxf8izw10Aou7-ftw

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CMXn2QIQnJvbAhiGsLOxATAB&v=APEucNWDMX30YoFQG9BEnkmcSiA2eliG9Lo_2nCFgP8Tl5OFlhAowKPaSYHtlWvOKUGeikPGixQ0UklCgqjMKXgefYnCyspB3ySMK1TRdy_RFME9wDiOiVG-zKEU0OCselMrKe2OmdBLxjrWu8zCUcrcHESpiJxeSvFiFtL5CHWTPci_Kjj-KYve95tBqj7AjS-WI4mtXSR8BL4WvNxf8izw10Aou7-ftw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkPWCIDg9VzJTnZnWfuCKLqGvX7s6d5KZiGQqF1nfaRy9SKtKZbzy_iZnoOeyg; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 27 Sep 2021 14:41:31 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 27 Sep 2021 14:41:31 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame ED97 12 KB
9 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BRr5zrMPdaV6ld5nUHorhbS9rS_9nW1uqYnrFog2BBsK9wp_6-QhMqf1MKI0askgaRXVrE7gVFXLIunNIUIvxKUXqw4GTxA-p2Yqf0Lg6B1Prkls4EPz9FOx_W9YTbkRxXRI_Z4gX6SvYHkULmNpK2qHiHiA&dbm_d=AKAmf-DGDdaV27aF-JVy67G8k5AGuMdh05JxXwqc9cP3nfAMNlko0BuOpgcYESg7JhIIpT48PQima53mFDZQdjbHrq0v9l4wEEg3-f2CHWvZ09IFCvw139Pxcw4phCI1SxbXni6EfDUZak0ZCYoNr7EY5u5FG0X5I24q6bwmjNQ42J68kjOdZaf_j8OqirubFy7OFSWeoaB1braNdSdUHD9gl5XQjVMzXpWQTM61H6hAqOGJL8zy8kWKZv8oppI9SviJEf9ndkhV_6-BzqIzEjOwMXsfHTpc5Q1dt2vmQU6Q7r1-cnmeuR0MUMwoTyGppLIAB2tmcrvCy7hDNEC63pmniZ7fQwxiS9hoI1-n-nylTJcY7BF3OiHj9kWQpiMIY_BZaGnpNJlEY5J5gZsuqCh7X2TgXDAe09y-vetxy-9t_H3LlKLvFrZaZ7bdxUtyryUjMh4NM3xsJU0xE7XhuoBjf_-COgpx1E_NqzhiIfHfz2VJNB8aj-dxTbrhMyYElKWFn3leVfb4rhTkgL4i8Z_5X0vcVcVPVDfKwfR59QW1ZJN1D3LrPQ3CkwK12BsIcC9HEGFonpBdx5cSxFcw9VmfAsa2Wur9GOTxsjd0DUD1u263-uggUe5jb25a6Ifu__ROhZ6ln_mNSAISWReC_YmQxdmfnYB76Lx_dGjwtrLv4lpd58NNv-YM_U0ILdH4MqSYgiH7eM-n747WrYSqne1zprfFbdiIzM0PxDHrK9x9pYPy-mFWQkfQ-EPzZpQQnRD9Bn1IWZjmlY1gxueYsUI1mHRU8PdEIswDqWmkS52P0S0UmcFux4aISVYoWXKRPwPLPUaFR9xsC-p59ja13I55JzTbHhAfxtrQkspoZYH4aOHNDk1xCIX4hTHfyQOHV8QlWf4PVVbWP5-KOTk2xiPN7c8bYGsiqSjd3QtNZoj95dQ9-8TKZtIgpI2K2iwncAmiYw8FKeEo1w4kpCH10vdMQpBnUGbp6_PrJiQpt2-jpjZpskuUbxDFZO9C_XnjlxPY9fqvWt-zih9UOLoQy94PL3AHdtS1MFhk2dmqspjR9Od_rYnYGYyOSG5P2QOnwT9o4nz4iWgIT9LruB8VnCwMzBizmaTx12_Ju30hlCCd3hVwuB0AL7m2LaUDKrpBr6MG7TQHAHrnjZAz4TVZCxMNRddxg9BXrx1IhvKE5hW2ngNVkfMMa02s63xDEEd8fH-jc-2TauZLAjlGvEkNGjS9Jzf5ULGwb0177HP-rhPwUhQvRa8XqYJCED8w1Zz90na-veHi8Wze2J51NRsxXOMbx-aDA5Xh4q-mOon-KWxAMhgRVrQ6Hs2ZxLfHKd5YTlo9mSKCCOaJfb7839ETUhJ_4T4_FFa3EboIGsUMBelm2IVDkrT3AejJsYHml4CmmM9310q5HIXeOwng0RAtfSRxG_6DhRPZOlH7TyxF_rOtlCnIOAPLt7mx8G-QHQfKO71_hTUTPJkiC_iFyRsjV_2vUAy8US-fUhRlaNKUPTJIF6gksHUYH3OqyzXMwlVFOWBqS7vaJ2_3nrnRa-mCe9PZHkyLghp56dwSSDHaDBnFA3oAEnsKn-fxZRfaOLyRoj3qbN12zcoG6niAVgbHKfH2KJrG0UOkHzMG-dS1sSsO5QUrueK5hXe34PE95cbtJF_qfKsd03-fDiKNfyrZz76Q3xadh8JwfSVXc4psAQwNjXVyDOZYiBZjcVRJx6bZn4ioU4sxujGCxYxozbQ3wOqBFN_jnHFQTdeNDMkeO4XGNKnBbgjpG3pSzeU1cKSWzLRAyM3ABIVZXn8MrP5k-MNBlC5lIl4Ea30wMR_0fZtwBK6eBRxk3KmR3HWCEqvno61opz7kDfWH-tNcup475LnoTmm4Bmu-Ai2FW3fAgHdOvoc9_tWwwqkvr8Fd9l-UYFgCjc5eZ5L474Q7Vprv9WiecJYEpwprIkUSSHjqFBkxn6NpDTc31wWrRArMaVuS1XHNk1jsAQadC1pTD5Csl7l6eThWHrjMNja8dvsXtMAzHYWu6Lvm0CaExSQbk-bXJChGPEmc54_uSpOUPaaee0Hv05Nu86m6MC_5tFWcfBazxQ3UlqhnLIA4BzuQ3-LuHXmWC_wkNiiPJ9WZjlJ2ut1Hh1ab4iVXSj0RHOKDXvdATS9MTR61_-hDC1gTQcPID14Aoz4g_M3iu6hSRsRQmxSpVGRW4loo8fou2qriIvdXXmDJ5KEMBYMCi6DFBpMfoP5W9Lp14NJhNh4TbD8RK_J_96W43rIrhVIico6ZFati4oGCDT7820BXrudH3K6HZJIpbHSRFAnm55RS_7NVEKw79hi1nCJTyxHrNX4BflBt1zwRd6BVHy5v_TGqtdZXhCrgNT9yvg_s4qkMl9zCrbpQCVZHnoKdJSTh9OPj22NlOINHuR40t9v392DvbBTnsAuzGjwGJYCxpvNuNKMHiv29wFWgZIY69NspG3u2nO0k2udXDeUiwkgpjqhfkOoS7pl62Ug8gjMzfWI3K4p98QQ8knuf6JqYkcSW5M2uAA3cXATBt6T99Yt8PoK5ImyZrp7L8rd2rImBcy5M1WCgFlrvWkvCnsBDjp-cr-LQKlsCCRD7wrO4Qk3w7fi_3Qihj4C2XgiIS8N2hDImIKGXczipGID1aiwIyfvJuF66QwHFUJAxvvgL3X8&cid=CAASEuRoSxbQ8ZIg3QmrIsnPbBi5mQ&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef173d3f79f54261a07ace9a0a6b66d95528a8f80b2fcc54cfe875b90a8ca090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8852
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame ED97 42 B
173 B 31ms
29ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C6w0TSqgFrCQt8N4HCdYxpnxdHS5unyWCryHayw9kGpWSfk3h9PsgO9G0TdkbnyWG-b19VF2SeEY2ioBAc4wbWVIMWFnml6WnvCPSH---DEZGIhmY

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/783646/56311260/xbbe/creative/ Frame ED97 235 KB
79 KB 173ms
56ms Script
application/javascript 54.72.219.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/783646/56311260/xbbe/creative/adj?p=APEucNWCE1-MJCoDoVfdQoIZczgo1dLSA2cnepPr7V3ttSEhZ8hOe5E&d=CnkAoCZ_4GZSaXkB1_UuxP0fCqhU-h3a_PJRYmQSkwX4xL2UKcTMCey8ZNSTiYzlheeG4m14BZ-HHxAHJQxPuV_wQo_XKF5anLSaNle6DuIV3g2hSJUsRPHq25LrorXpksswRTCHm4ddF0xt5eOSHkG1zqv1COE4jGMDEukRAKAmf-AXqPmZ8jqvcYaZLFz6Fm9inYDTvQJf6k250f4nCsjdHM0rKJKVKyKieBIUi_AV8_myY1z7c8d7obw5rFpmzbh5aHPSwJCkTlgAzflW2fCyg3sgal5-HrrIYy7CNb8ca5WB4Au-Pn5At46Kw3fVZLU180ZH4m3q07HVvBkgRSojcZyRGannZd-tRDUGdcsueZtwc7fVaVUjmdiGLYX7rA_VRxdG0kS-uJeA6Y3XyXb2AF5irWmLc0nHXYCkTdghcl6W5Xf0jt-s0SzKPz_0VO-7Xl-mP5Dv9ILb_-9iv5sPyjVdjNoC2bppcTznBVxlgrPwZoKyo9Nwsmt-n4GVr538F0KopERgzI0XfanwI6UC4d9pA7Iz8DUR6dcwBSSogbXHtQnoekVaPCXP9qmSUTy0LyD4DVgM2uc4KXXHPbtm9IIhH40tEDgBqtz5Y9RGOS49KmKPDReNqb-sshbCyIDyyeyP_zh80PcXZLIrv2qjgf2Oiu8Q0riO7e8OtYQxs_5NA6bt3c0vHdmGFTgukYBTmTjBCRL_KdZZL7EhZvcKlfNc3jJk-CWTmXUkg92CjPsMvR6Tc2CPScpmOF4axPLVeS_vA3AY8XDijnvs7iT-_kjdii1jg44UrWYKG4rcHqmgEWbXpbbxx2PF18gsSaKFgbINUb-UZLzzxAOb5m6SVVbt10rNVH_jJInyElBiNgdyqgy3r9q0BdyxduBK0frtNlpy9H2xT7Lhou_k3rlpMml5nCyUu-Lp91YfB1UdEVQaML3GUKe9vXsIbVpmxoG5LqbtJ-YE2utwBYwegecs-V11mLnvKM-svpMwJz5p41iYlgExcMbXNzk2GzHBOWyEmCxtl5MC8UOCym7WGJZQ71rT_LesCtk8D4exB7rb41sRjp2kJ3xH2r3gTgKpJP0i2pdzdifkefql790WCJxXhc5bvz90gnZnN9Bt86iau7oNhNzWi_-dG1F7ZBlE9kO31MWka2RnRG-CkLHGNnS19iI0cDgCYUMy7r8A4A_NdLx1RjQOD6A_aCir7lQ3Fm2Us99q41cwm8By8ClZ4sWrrOYQyxRNAIFMgr3sd7hw8DV2Jbcd0r5vYQdt86tLP4JYzQ2pzTRAUzIY_SpBtECZfdgkTuq2GpEQFa9GEbsk-YB7iI6mv5JqkqHyQ64T02hYaHVtY1PAja0vqRDYOVl-Ayp70L264edXDAcn8n9XbMV1TNZrTBQNFleX5Zagt_mYzLC8yDJT9xawn4Q3OChnlKhDd5ejZ9p0A9U3sIsuhLjwAqKZFsVX4AOYG9NZMJJAico_owt4GEhc67urtOLE7vswLMog6hy6wf_m5LWuOnaLdCJl-Bx0XHhUfQ8a-ANLCZFdn-VHCW1wC7ynncM_A9CbJRS3zqWtbOIXuGneSQgbq-SbRtJdlO32sjYab5b8kiyxehjQ5OftT5Omj1v5W5s2YVHjuQO71LoH4HsG1SfSFnnnM0kQ3feeqXMpe41DTxVoA4uUkablAL8FVryPJG7JElf6haeAvUSjEU8-Mi3tb4JDAZETHFZAIu7ZoGiuUHeItAVDLL6ZoUDNdtCQf6tRz1UD-ZFajdIOgRTujgpvLkgmFgbIrGoa11wXLfh4Iw5xrbU6Jd4JLnmEloKC_zwDLyOzawvADv-Etj5MIan8u4PEwTXvRg1on7JAK-kwyvpBjhimwEJAUw2niVtYAUH2R1b3TzniZjclJmyklPeeKb1CnHYv6fBDhgjUNXNAmXpI7zJVOpEyRIZCJLzYSfyqdNSImDQfHnWfxJahHp9tOO5KNioolB-5bsHBMz9s4AgDHNOyfLUmRaj6-MDUgsDcww6TdLR1I_y4mstvGphaBO3Y8nkbN8Jyvvqs_ZndRByEfDG7J_w3tj6jfyIGnIVGIu_UcFfj3MIm_SZppcjZenZ9nIukouUwpg-AIGVGh-PZRvOVE04TKpiTvGc29hHm7cze43QIpU_eNfV5-s5ldrYXscCzlBPFkZzHHxuUTsXBnePZKgJW3vsDkFXDuHsxtBIeByHkt57ELrqmrNlOmUIciiLI-UO4oKi2uxkdkAj8cw_A1eOOnjjnMaFvZoKt5DaIMzUA5y6jzDkSgUTkNBmOtqiRISOfk-kGKFAmE4fgxDPxzS5o1UPFP5rAPkIogfv21hE7Ki9Aei7sNZxciLzP5--r3rhLSDr6mX-3AG9OfZk277tjxbGkAmxJ7ToQk_g96-JnQpUPWNuCTA0gn9dHVCSaQhZae7G1B0Rd0eI0zY0-ZS35LndntOVZeAqtk1s_Yakl5Sq5HeWpBXl51dyRaeBXSKFMoA8aFKcLk55JLPIrslo2P-dqN5sKXCovbkz3jp1Dr_4sExNM5tVTsXKJz-L836EDYDqYrtIKpQEOLK1UcB9qYOLVpEscIhzLUCo2C0wEuR5DGn5WUNflOMilOjPpThzw6nsO2GUOYPCH2xdMSq5zpNHQI1GcoXdKU1yfgQpDNd9xHpTjVDMLBnMZQOB9YWsu7HAGo-XAU6I36e4PCQPM2vGEmBNnJAcxyaGXrF4WM0smPy6DEDA288Kn7CN9aWTMkYdLVtZ4jhtKR-j4KM-yyh1ZcM3lTiECnQwaUKYNleW41PXM5ioktgdRm3z2TPDP5xppaU--Oi4NZhvdXe4zw7QycwSOb-x4yIa_xhSW37KhXm1YuToIpb8zl6SrEgrrcOsJ8WacUEfMuyyO-NYUt0H8qrIvdBPRxNjEFYk-aa_XbePMDxIe3LErlCgWwiVJZsKXEHsfRLgQXi8CLlo3ASHfcNBn1Jvg443BfjF4xQKdonZDnjk7IQggohrzg-Ps3Qtimh82lbPe8bUQOGRDbgjF_baCk39pZc49HSE1a4vBGHblSMpJjK1DLBUxLeP9joZ1WwbKBq63woSVEVV_NsT_umgIL8W4zB2pD3P4MXERkMbzh70tQvaPTF4dXLcxN3qBMBOCaAv48OYMV4PTztVO9nfChtf81nvoANrs2zTR0XcCE9vCFLk_rEhdBc1fI04SmjTgZ_y6ExoWCAASEuRoSxbQ8ZIg3QmrIsnPbBi5mWAB
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.219.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-219-124.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f28138f767c381797d7db85b6275e12928a427f1c6e71fe84179db520efc0f6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
content-encoding: gzip
x-server-name: app16.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame ED97 3 KB
1 KB 37ms
10ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 245
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:37:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ED97 128 KB
39 KB 133ms
132ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39662
x-xss-protection: 0
server: sffe
etag: "1632310973010379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Mon, 27 Sep 2021 14:41:32 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame ED97 14 KB
7 KB 35ms
9ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 624
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:31:07 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame ED97 0
0 46ms
16ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQWnj1whzcCITPJZvv73MoigDj6DZUWFIPtHNh49o4gxPHpfkMxFbHa72KO9TshG8Z3QviVLUd-3Yq5iRtpr-zqcf_8w
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame ED97 41 KB
15 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BRr5zrMPdaV6ld5nUHorhbS9rS_9nW1uqYnrFog2BBsK9wp_6-QhMqf1MKI0askgaRXVrE7gVFXLIunNIUIvxKUXqw4GTxA-p2Yqf0Lg6B1Prkls4EPz9FOx_W9YTbkRxXRI_Z4gX6SvYHkULmNpK2qHiHiA&dbm_d=AKAmf-DGDdaV27aF-JVy67G8k5AGuMdh05JxXwqc9cP3nfAMNlko0BuOpgcYESg7JhIIpT48PQima53mFDZQdjbHrq0v9l4wEEg3-f2CHWvZ09IFCvw139Pxcw4phCI1SxbXni6EfDUZak0ZCYoNr7EY5u5FG0X5I24q6bwmjNQ42J68kjOdZaf_j8OqirubFy7OFSWeoaB1braNdSdUHD9gl5XQjVMzXpWQTM61H6hAqOGJL8zy8kWKZv8oppI9SviJEf9ndkhV_6-BzqIzEjOwMXsfHTpc5Q1dt2vmQU6Q7r1-cnmeuR0MUMwoTyGppLIAB2tmcrvCy7hDNEC63pmniZ7fQwxiS9hoI1-n-nylTJcY7BF3OiHj9kWQpiMIY_BZaGnpNJlEY5J5gZsuqCh7X2TgXDAe09y-vetxy-9t_H3LlKLvFrZaZ7bdxUtyryUjMh4NM3xsJU0xE7XhuoBjf_-COgpx1E_NqzhiIfHfz2VJNB8aj-dxTbrhMyYElKWFn3leVfb4rhTkgL4i8Z_5X0vcVcVPVDfKwfR59QW1ZJN1D3LrPQ3CkwK12BsIcC9HEGFonpBdx5cSxFcw9VmfAsa2Wur9GOTxsjd0DUD1u263-uggUe5jb25a6Ifu__ROhZ6ln_mNSAISWReC_YmQxdmfnYB76Lx_dGjwtrLv4lpd58NNv-YM_U0ILdH4MqSYgiH7eM-n747WrYSqne1zprfFbdiIzM0PxDHrK9x9pYPy-mFWQkfQ-EPzZpQQnRD9Bn1IWZjmlY1gxueYsUI1mHRU8PdEIswDqWmkS52P0S0UmcFux4aISVYoWXKRPwPLPUaFR9xsC-p59ja13I55JzTbHhAfxtrQkspoZYH4aOHNDk1xCIX4hTHfyQOHV8QlWf4PVVbWP5-KOTk2xiPN7c8bYGsiqSjd3QtNZoj95dQ9-8TKZtIgpI2K2iwncAmiYw8FKeEo1w4kpCH10vdMQpBnUGbp6_PrJiQpt2-jpjZpskuUbxDFZO9C_XnjlxPY9fqvWt-zih9UOLoQy94PL3AHdtS1MFhk2dmqspjR9Od_rYnYGYyOSG5P2QOnwT9o4nz4iWgIT9LruB8VnCwMzBizmaTx12_Ju30hlCCd3hVwuB0AL7m2LaUDKrpBr6MG7TQHAHrnjZAz4TVZCxMNRddxg9BXrx1IhvKE5hW2ngNVkfMMa02s63xDEEd8fH-jc-2TauZLAjlGvEkNGjS9Jzf5ULGwb0177HP-rhPwUhQvRa8XqYJCED8w1Zz90na-veHi8Wze2J51NRsxXOMbx-aDA5Xh4q-mOon-KWxAMhgRVrQ6Hs2ZxLfHKd5YTlo9mSKCCOaJfb7839ETUhJ_4T4_FFa3EboIGsUMBelm2IVDkrT3AejJsYHml4CmmM9310q5HIXeOwng0RAtfSRxG_6DhRPZOlH7TyxF_rOtlCnIOAPLt7mx8G-QHQfKO71_hTUTPJkiC_iFyRsjV_2vUAy8US-fUhRlaNKUPTJIF6gksHUYH3OqyzXMwlVFOWBqS7vaJ2_3nrnRa-mCe9PZHkyLghp56dwSSDHaDBnFA3oAEnsKn-fxZRfaOLyRoj3qbN12zcoG6niAVgbHKfH2KJrG0UOkHzMG-dS1sSsO5QUrueK5hXe34PE95cbtJF_qfKsd03-fDiKNfyrZz76Q3xadh8JwfSVXc4psAQwNjXVyDOZYiBZjcVRJx6bZn4ioU4sxujGCxYxozbQ3wOqBFN_jnHFQTdeNDMkeO4XGNKnBbgjpG3pSzeU1cKSWzLRAyM3ABIVZXn8MrP5k-MNBlC5lIl4Ea30wMR_0fZtwBK6eBRxk3KmR3HWCEqvno61opz7kDfWH-tNcup475LnoTmm4Bmu-Ai2FW3fAgHdOvoc9_tWwwqkvr8Fd9l-UYFgCjc5eZ5L474Q7Vprv9WiecJYEpwprIkUSSHjqFBkxn6NpDTc31wWrRArMaVuS1XHNk1jsAQadC1pTD5Csl7l6eThWHrjMNja8dvsXtMAzHYWu6Lvm0CaExSQbk-bXJChGPEmc54_uSpOUPaaee0Hv05Nu86m6MC_5tFWcfBazxQ3UlqhnLIA4BzuQ3-LuHXmWC_wkNiiPJ9WZjlJ2ut1Hh1ab4iVXSj0RHOKDXvdATS9MTR61_-hDC1gTQcPID14Aoz4g_M3iu6hSRsRQmxSpVGRW4loo8fou2qriIvdXXmDJ5KEMBYMCi6DFBpMfoP5W9Lp14NJhNh4TbD8RK_J_96W43rIrhVIico6ZFati4oGCDT7820BXrudH3K6HZJIpbHSRFAnm55RS_7NVEKw79hi1nCJTyxHrNX4BflBt1zwRd6BVHy5v_TGqtdZXhCrgNT9yvg_s4qkMl9zCrbpQCVZHnoKdJSTh9OPj22NlOINHuR40t9v392DvbBTnsAuzGjwGJYCxpvNuNKMHiv29wFWgZIY69NspG3u2nO0k2udXDeUiwkgpjqhfkOoS7pl62Ug8gjMzfWI3K4p98QQ8knuf6JqYkcSW5M2uAA3cXATBt6T99Yt8PoK5ImyZrp7L8rd2rImBcy5M1WCgFlrvWkvCnsBDjp-cr-LQKlsCCRD7wrO4Qk3w7fi_3Qihj4C2XgiIS8N2hDImIKGXczipGID1aiwIyfvJuF66QwHFUJAxvvgL3X8&cid=CAASEuRoSxbQ8ZIg3QmrIsnPbBi5mQ&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 10:16:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15923
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 27 Sep 2022 10:16:08 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2FF5 22 KB
8 KB 12ms
12ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 27 Sep 2021 10:27:15 GMT
expires: Tue, 27 Sep 2022 10:27:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 15256
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2B23
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_dbm=&google_tc=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=3

43 B
315 B

20ms
17ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=3
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXn2QIQnJvbAhiGsLOxATAB&v=APEucNWDMX30YoFQG9BEnkmcSiA2eliG9Lo_2nCFgP8Tl5OFlhAowKPaSYHtlWvOKUGeikPGixQ0UklCgqjMKXgefYnCyspB3ySMK1TRdy_RFME9wDiOiVG-zKEU0OCselMrKe2OmdBLxjrWu8zCUcrcHESpiJxeSvFiFtL5CHWTPci_Kjj-KYve95tBqj7AjS-WI4mtXSR8BL4WvNxf8izw10Aou7-ftw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 27 Sep 2021 14:41:32 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 287
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 2B23
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YVHYHMsF6hLiJXr1KpJ1sQAA
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm=&google_hm=YVHYHMsF6hLiJXr1KpJ1sQAA&google_tc=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=3

43 B
315 B

13ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=3
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXn2QIQnJvbAhiGsLOxATAB&v=APEucNWDMX30YoFQG9BEnkmcSiA2eliG9Lo_2nCFgP8Tl5OFlhAowKPaSYHtlWvOKUGeikPGixQ0UklCgqjMKXgefYnCyspB3ySMK1TRdy_RFME9wDiOiVG-zKEU0OCselMrKe2OmdBLxjrWu8zCUcrcHESpiJxeSvFiFtL5CHWTPci_Kjj-KYve95tBqj7AjS-WI4mtXSR8BL4WvNxf8izw10Aou7-ftw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:32 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Mon, 27 Sep 2021 14:41:32 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 287
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2B23
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm=&google_dbm=&google_tc=

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm=&google_dbm=&google_tc=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXn2QIQnJvbAhiGsLOxATAB&v=APEucNWDMX30YoFQG9BEnkmcSiA2eliG9Lo_2nCFgP8Tl5OFlhAowKPaSYHtlWvOKUGeikPGixQ0UklCgqjMKXgefYnCyspB3ySMK1TRdy_RFME9wDiOiVG-zKEU0OCselMrKe2OmdBLxjrWu8zCUcrcHESpiJxeSvFiFtL5CHWTPci_Kjj-KYve95tBqj7AjS-WI4mtXSR8BL4WvNxf8izw10Aou7-ftw

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:31 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm=&google_dbm=&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 297
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2B23
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQyODU5NjQxMDA4MjM0MzY%3D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQyODU5NjQxMDA4MjM0MzY%3D&google_tc=

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQyODU5NjQxMDA4MjM0MzY%3D&google_tc=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDQyODU5NjQxMDA4MjM0MzY%3D&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 307
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js Show response
pagead2.googlesyndication.com/bg/ Frame 2FF5 35 KB
13 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 10:05:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16541
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13388
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 27 Sep 2022 10:05:51 GMT

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
355 B 24ms
23ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=hawtcelebs.com_300x250_desno300x250&pdc=0.30582332611083984&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FDSVY3B56DXVEWJHJ5FA2N6Q
date: Mon, 27 Sep 2021 14:41:32 GMT
cf-cache-status: HIT
age: 1439919
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6f650c17b0b5779657ffe2617584f8e5-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e4f083e5c0e-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.hawtcelebs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 14:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
17ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hawtcelebs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 14:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
9 KB 322ms
322ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=671257358546789&correlator=1066732897538466&output=ldjh&impl=fif&eid=31062903%2C31062346&vrg=2021091501&ptt=17&sc=1&sfv=1-0-38&ecs=20210927&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C6fba91e9-d020-48d4-9f2a-c80c3ac58704&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=ti%3D53f6a350-39ce-4048-aaf9-630c8f171eb7%26bid%3D0.3%26bid-p%3Dgoogle%26bsc%3D67&eri=1&cookie=ID%3D2e3a6d588cf1e027%3AT%3D1632753690%3AS%3DALNI_MZPm4iAaOSarLHPqjyclmPzVTtdjw&bc=31&abxe=1&lmt=1632753692&dt=1632753692007&dlt=1632753690261&idt=408&frm=20&biw=1600&bih=1200&oid=3&adxs=1029&adys=144&adks=2407794193&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=253180117.1632753691&ga_sid=1632753691&ga_hid=1498244484&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

5bc36f1c001b69c9ae67c35a9c30d1482abc7053a889d0acc2d6a37a0260bd1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9198
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hawtcelebs.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
98 B 19ms
19ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=hawtcelebs.com_responsive_h_hawtfuterreshor&pdc=0.23859710693359376&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FDSVY3B56DXVEWJHJ5FA2N6Q
date: Mon, 27 Sep 2021 14:41:32 GMT
cf-cache-status: HIT
age: 1439919
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6f650c17b0b5779657ffe2617584f8e5-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e4f18695c0e-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
9 KB 315ms
315ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=671257358546789&correlator=3312953073906131&output=ldjh&impl=fif&eid=31062903%2C31062346&vrg=2021091501&ptt=17&sc=1&sfv=1-0-38&ecs=20210927&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C562f1490-6016-470a-a15d-db024410a0f6&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x100&prev_scp=ti%3D53f6a350-39ce-4048-aaf9-630c8f171eb7%26bid%3D0.15%26bid-p%3Dgoogle%26bsc%3D67&eri=1&cookie=ID%3D2e3a6d588cf1e027%3AT%3D1632753690%3AS%3DALNI_MZPm4iAaOSarLHPqjyclmPzVTtdjw&bc=31&abxe=1&lmt=1632753692&dt=1632753692013&dlt=1632753690261&idt=408&frm=20&biw=1600&bih=1200&oid=3&adxs=252&adys=10342&adks=1420092399&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1097x0&msz=1097x0&ga_vid=253180117.1632753691&ga_sid=1632753691&ga_hid=1498244484&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

468c50db12596d6432fa396a0c544b27965c30b4a2bad3604affc31b605813b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9533
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hawtcelebs.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 18ms
18ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=hawtcelebs.com_responsive_h_archive-3&pdc=0.06685696244239807&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FDSVY3B56DXVEWJHJ5FA2N6Q
date: Mon, 27 Sep 2021 14:41:32 GMT
cf-cache-status: HIT
age: 1439919
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6f650c17b0b5779657ffe2617584f8e5-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e4f28b75c0e-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 241ms
239ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=671257358546789&correlator=1099650678016410&output=ldjh&impl=fif&eid=31062903%2C31062346&vrg=2021091501&ptt=17&sc=1&sfv=1-0-38&ecs=20210927&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C78fc47f5-82d9-4372-abb6-30fb7285583d&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=570x100&prev_scp=ti%3D53f6a350-39ce-4048-aaf9-630c8f171eb7%26bid%3D0.05%26bid-p%3Dgoogle%26bsc%3D67&eri=1&cookie=ID%3D2e3a6d588cf1e027%3AT%3D1632753690%3AS%3DALNI_MZPm4iAaOSarLHPqjyclmPzVTtdjw&bc=31&abxe=1&lmt=1632753692&dt=1632753692024&dlt=1632753690261&idt=408&frm=20&biw=1600&bih=1200&oid=3&adxs=432&adys=3136&adks=2783878407&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=577x0&msz=577x0&ga_vid=253180117.1632753691&ga_sid=1632753691&ga_hid=1498244484&ga_fc=false&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

b60d50a83cec93bcbec072b1485c0436f93de086b4f481ee374ccfea478dbf29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10696
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hawtcelebs.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 22ms
21ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=hawtcelebs.com_300x600_hawt600&pdc=0.3255579471588135&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FDSVY3B56DXVEWJHJ5FA2N6Q
date: Mon, 27 Sep 2021 14:41:32 GMT
cf-cache-status: HIT
age: 1439919
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6f650c17b0b5779657ffe2617584f8e5-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e4f390f5c0e-FRA

POST
H/1.1 200
OK prebid Show response
lockerdome.com/ladbid/ 11 B
431 B 113ms
113ms XHR
application/json 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/ladbid/prebid
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/dspd.13.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.hawtcelebs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 27 Sep 2021 14:41:32 GMT
Content-Encoding: gzip
P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Access-Control-Allow-Origin: https://www.hawtcelebs.com
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Content-Length: 31

GET img.fetch
udmserve.net/udm/ 0
0

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 40ms
40ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=hawtcelebs.com_300x600_hawt600&q=17&cd=3&e=bc&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FDSVY3B56DXVEWJHJ5FA2N6Q
date: Mon, 27 Sep 2021 14:41:32 GMT
cf-cache-status: HIT
age: 1439919
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6f650c17b0b5779657ffe2617584f8e5-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e4f39165c0e-FRA

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 18ms
18ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=hawtcelebs.com_300x600_hawt600&q=20&cd=3&e=bc&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FDSVY3B56DXVEWJHJ5FA2N6Q
date: Mon, 27 Sep 2021 14:41:32 GMT
cf-cache-status: HIT
age: 1439919
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6f650c17b0b5779657ffe2617584f8e5-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e4f391a5c0e-FRA

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 15ms
15ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=hawtcelebs.com_responsive_h_reshorheaderdesktop&pdc=0.40465841293334964&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FDSVY3B56DXVEWJHJ5FA2N6Q
date: Mon, 27 Sep 2021 14:41:32 GMT
cf-cache-status: HIT
age: 1439919
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6f650c17b0b5779657ffe2617584f8e5-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e4f391c5c0e-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
10 KB 308ms
308ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=671257358546789&correlator=1297934896740595&output=ldjh&impl=fif&eid=31062903%2C31062346&vrg=2021091501&ptt=17&sc=1&sfv=1-0-38&ecs=20210927&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2Ca99eb8c1-35d8-42b2-8558-c3e0cb993d80&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1024x100&prev_scp=ti%3D53f6a350-39ce-4048-aaf9-630c8f171eb7%26bid%3D0.15%26bid-p%3Dgoogle%26bsc%3D67&eri=1&cookie=ID%3D2e3a6d588cf1e027%3AT%3D1632753690%3AS%3DALNI_MZPm4iAaOSarLHPqjyclmPzVTtdjw&bc=31&abxe=1&lmt=1632753692&dt=1632753692038&dlt=1632753690261&idt=408&frm=20&biw=1600&bih=1200&oid=3&adxs=252&adys=120&adks=1111361213&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1097x0&msz=1097x0&ga_vid=253180117.1632753691&ga_sid=1632753691&ga_hid=1498244484&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

5061e86a233a27f7c767268b3ebf6de658f0ee8ef927741e92de944a1cda0e5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9813
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hawtcelebs.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 36ms
36ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=hawtcelebs.com_native_multi_native_home_7&pdc=0.34482380747795105&ucv=005099&e=tcp&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FDSVY3B56DXVEWJHJ5FA2N6Q
date: Mon, 27 Sep 2021 14:41:32 GMT
cf-cache-status: HIT
age: 1439919
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6f650c17b0b5779657ffe2617584f8e5-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e4f49505c0e-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 109 KB
32 KB 491ms
491ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=671257358546789&correlator=534848464033317&output=ldjh&impl=fif&eid=31062903%2C31062346&vrg=2021091501&ptt=17&sc=1&sfv=1-0-38&ecs=20210927&iu_parts=44890869%3A3968751%2Cnative-multi%2C73c4dd7e-b16a-4678-86a9-98e3e238bb57&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50&fluid=height&prev_scp=ti%3D53f6a350-39ce-4048-aaf9-630c8f171eb7%26bid%3D0.03%26bid-p%3Dgoogle%26bsc%3D67%26format%3Dmulti-native&eri=1&cookie=ID%3D2e3a6d588cf1e027%3AT%3D1632753690%3AS%3DALNI_MZPm4iAaOSarLHPqjyclmPzVTtdjw&bc=31&abxe=1&lmt=1632753692&dt=1632753692043&dlt=1632753690261&idt=408&frm=20&biw=1600&bih=1200&oid=3&adxs=432&adys=7232&adks=2310108942&ucis=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=577x0&msz=577x0&ga_vid=253180117.1632753691&ga_sid=1632753691&ga_hid=1498244484&ga_fc=false&fws=0&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

b988618d788eef8dc0a561e9d45aacb95b3659aa23e3caca79f24d8221982d1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32825
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hawtcelebs.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame ED97
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/783646/56311260/xbbe/creative/adj?p=APEucNWCE1-MJCoDoVfdQoIZczgo1dLSA2cnepPr7V3ttSEhZ8hOe5E&d=CnkAoCZ_4GZSaXkB1_UuxP0fCqhU-h3a_PJRYmQSkwX4xL2UKcTMCey8ZNSTiYzl...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWCE1-MJCoDoVfdQoIZczgo1dLSA2cnepPr7V3ttSEhZ8hOe5E&d=CnkAoCZ_4GZSaXkB1_UuxP0fCqhU-h3a_PJRYmQSkwX4xL2UKcTMCey8ZNSTiYzlheeG4m14BZ-HHxAHJQxPuV_wQ...

65 KB
20 KB

106ms
53ms

Script
text/javascript

74.125.140.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWCE1-MJCoDoVfdQoIZczgo1dLSA2cnepPr7V3ttSEhZ8hOe5E&d=CnkAoCZ_4GZSaXkB1_UuxP0fCqhU-h3a_PJRYmQSkwX4xL2UKcTMCey8ZNSTiYzlheeG4m14BZ-HHxAHJQxPuV_wQo_XKF5anLSaNle6DuIV3g2hSJUsRPHq25LrorXpksswRTCHm4ddF0xt5eOSHkG1zqv1COE4jGMDEukRAKAmf-AXqPmZ8jqvcYaZLFz6Fm9inYDTvQJf6k250f4nCsjdHM0rKJKVKyKieBIUi_AV8_myY1z7c8d7obw5rFpmzbh5aHPSwJCkTlgAzflW2fCyg3sgal5-HrrIYy7CNb8ca5WB4Au-Pn5At46Kw3fVZLU180ZH4m3q07HVvBkgRSojcZyRGannZd-tRDUGdcsueZtwc7fVaVUjmdiGLYX7rA_VRxdG0kS-uJeA6Y3XyXb2AF5irWmLc0nHXYCkTdghcl6W5Xf0jt-s0SzKPz_0VO-7Xl-mP5Dv9ILb_-9iv5sPyjVdjNoC2bppcTznBVxlgrPwZoKyo9Nwsmt-n4GVr538F0KopERgzI0XfanwI6UC4d9pA7Iz8DUR6dcwBSSogbXHtQnoekVaPCXP9qmSUTy0LyD4DVgM2uc4KXXHPbtm9IIhH40tEDgBqtz5Y9RGOS49KmKPDReNqb-sshbCyIDyyeyP_zh80PcXZLIrv2qjgf2Oiu8Q0riO7e8OtYQxs_5NA6bt3c0vHdmGFTgukYBTmTjBCRL_KdZZL7EhZvcKlfNc3jJk-CWTmXUkg92CjPsMvR6Tc2CPScpmOF4axPLVeS_vA3AY8XDijnvs7iT-_kjdii1jg44UrWYKG4rcHqmgEWbXpbbxx2PF18gsSaKFgbINUb-UZLzzxAOb5m6SVVbt10rNVH_jJInyElBiNgdyqgy3r9q0BdyxduBK0frtNlpy9H2xT7Lhou_k3rlpMml5nCyUu-Lp91YfB1UdEVQaML3GUKe9vXsIbVpmxoG5LqbtJ-YE2utwBYwegecs-V11mLnvKM-svpMwJz5p41iYlgExcMbXNzk2GzHBOWyEmCxtl5MC8UOCym7WGJZQ71rT_LesCtk8D4exB7rb41sRjp2kJ3xH2r3gTgKpJP0i2pdzdifkefql790WCJxXhc5bvz90gnZnN9Bt86iau7oNhNzWi_-dG1F7ZBlE9kO31MWka2RnRG-CkLHGNnS19iI0cDgCYUMy7r8A4A_NdLx1RjQOD6A_aCir7lQ3Fm2Us99q41cwm8By8ClZ4sWrrOYQyxRNAIFMgr3sd7hw8DV2Jbcd0r5vYQdt86tLP4JYzQ2pzTRAUzIY_SpBtECZfdgkTuq2GpEQFa9GEbsk-YB7iI6mv5JqkqHyQ64T02hYaHVtY1PAja0vqRDYOVl-Ayp70L264edXDAcn8n9XbMV1TNZrTBQNFleX5Zagt_mYzLC8yDJT9xawn4Q3OChnlKhDd5ejZ9p0A9U3sIsuhLjwAqKZFsVX4AOYG9NZMJJAico_owt4GEhc67urtOLE7vswLMog6hy6wf_m5LWuOnaLdCJl-Bx0XHhUfQ8a-ANLCZFdn-VHCW1wC7ynncM_A9CbJRS3zqWtbOIXuGneSQgbq-SbRtJdlO32sjYab5b8kiyxehjQ5OftT5Omj1v5W5s2YVHjuQO71LoH4HsG1SfSFnnnM0kQ3feeqXMpe41DTxVoA4uUkablAL8FVryPJG7JElf6haeAvUSjEU8-Mi3tb4JDAZETHFZAIu7ZoGiuUHeItAVDLL6ZoUDNdtCQf6tRz1UD-ZFajdIOgRTujgpvLkgmFgbIrGoa11wXLfh4Iw5xrbU6Jd4JLnmEloKC_zwDLyOzawvADv-Etj5MIan8u4PEwTXvRg1on7JAK-kwyvpBjhimwEJAUw2niVtYAUH2R1b3TzniZjclJmyklPeeKb1CnHYv6fBDhgjUNXNAmXpI7zJVOpEyRIZCJLzYSfyqdNSImDQfHnWfxJahHp9tOO5KNioolB-5bsHBMz9s4AgDHNOyfLUmRaj6-MDUgsDcww6TdLR1I_y4mstvGphaBO3Y8nkbN8Jyvvqs_ZndRByEfDG7J_w3tj6jfyIGnIVGIu_UcFfj3MIm_SZppcjZenZ9nIukouUwpg-AIGVGh-PZRvOVE04TKpiTvGc29hHm7cze43QIpU_eNfV5-s5ldrYXscCzlBPFkZzHHxuUTsXBnePZKgJW3vsDkFXDuHsxtBIeByHkt57ELrqmrNlOmUIciiLI-UO4oKi2uxkdkAj8cw_A1eOOnjjnMaFvZoKt5DaIMzUA5y6jzDkSgUTkNBmOtqiRISOfk-kGKFAmE4fgxDPxzS5o1UPFP5rAPkIogfv21hE7Ki9Aei7sNZxciLzP5--r3rhLSDr6mX-3AG9OfZk277tjxbGkAmxJ7ToQk_g96-JnQpUPWNuCTA0gn9dHVCSaQhZae7G1B0Rd0eI0zY0-ZS35LndntOVZeAqtk1s_Yakl5Sq5HeWpBXl51dyRaeBXSKFMoA8aFKcLk55JLPIrslo2P-dqN5sKXCovbkz3jp1Dr_4sExNM5tVTsXKJz-L836EDYDqYrtIKpQEOLK1UcB9qYOLVpEscIhzLUCo2C0wEuR5DGn5WUNflOMilOjPpThzw6nsO2GUOYPCH2xdMSq5zpNHQI1GcoXdKU1yfgQpDNd9xHpTjVDMLBnMZQOB9YWsu7HAGo-XAU6I36e4PCQPM2vGEmBNnJAcxyaGXrF4WM0smPy6DEDA288Kn7CN9aWTMkYdLVtZ4jhtKR-j4KM-yyh1ZcM3lTiECnQwaUKYNleW41PXM5ioktgdRm3z2TPDP5xppaU--Oi4NZhvdXe4zw7QycwSOb-x4yIa_xhSW37KhXm1YuToIpb8zl6SrEgrrcOsJ8WacUEfMuyyO-NYUt0H8qrIvdBPRxNjEFYk-aa_XbePMDxIe3LErlCgWwiVJZsKXEHsfRLgQXi8CLlo3ASHfcNBn1Jvg443BfjF4xQKdonZDnjk7IQggohrzg-Ps3Qtimh82lbPe8bUQOGRDbgjF_baCk39pZc49HSE1a4vBGHblSMpJjK1DLBUxLeP9joZ1WwbKBq63woSVEVV_NsT_umgIL8W4zB2pD3P4MXERkMbzh70tQvaPTF4dXLcxN3qBMBOCaAv48OYMV4PTztVO9nfChtf81nvoANrs2zTR0XcCE9vCFLk_rEhdBc1fI04SmjTgZ_y6ExoWCAASEuRoSxbQ8ZIg3QmrIsnPbBi5mWAB

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f154.1e100.net

Software

cafe /

Resource Hash

e4cbdd1a94705900363b58e97da4c17262ab388e028de80a507cbd1dab045b39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20232
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
x-server-name: app24.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNWCE1-MJCoDoVfdQoIZczgo1dLSA2cnepPr7V3ttSEhZ8hOe5E&d=CnkAoCZ_4GZSaXkB1_UuxP0fCqhU-h3a_PJRYmQSkwX4xL2UKcTMCey8ZNSTiYzlheeG4m14BZ-HHxAHJQxPuV_wQo_XKF5anLSaNle6DuIV3g2hSJUsRPHq25LrorXpksswRTCHm4ddF0xt5eOSHkG1zqv1COE4jGMDEukRAKAmf-AXqPmZ8jqvcYaZLFz6Fm9inYDTvQJf6k250f4nCsjdHM0rKJKVKyKieBIUi_AV8_myY1z7c8d7obw5rFpmzbh5aHPSwJCkTlgAzflW2fCyg3sgal5-HrrIYy7CNb8ca5WB4Au-Pn5At46Kw3fVZLU180ZH4m3q07HVvBkgRSojcZyRGannZd-tRDUGdcsueZtwc7fVaVUjmdiGLYX7rA_VRxdG0kS-uJeA6Y3XyXb2AF5irWmLc0nHXYCkTdghcl6W5Xf0jt-s0SzKPz_0VO-7Xl-mP5Dv9ILb_-9iv5sPyjVdjNoC2bppcTznBVxlgrPwZoKyo9Nwsmt-n4GVr538F0KopERgzI0XfanwI6UC4d9pA7Iz8DUR6dcwBSSogbXHtQnoekVaPCXP9qmSUTy0LyD4DVgM2uc4KXXHPbtm9IIhH40tEDgBqtz5Y9RGOS49KmKPDReNqb-sshbCyIDyyeyP_zh80PcXZLIrv2qjgf2Oiu8Q0riO7e8OtYQxs_5NA6bt3c0vHdmGFTgukYBTmTjBCRL_KdZZL7EhZvcKlfNc3jJk-CWTmXUkg92CjPsMvR6Tc2CPScpmOF4axPLVeS_vA3AY8XDijnvs7iT-_kjdii1jg44UrWYKG4rcHqmgEWbXpbbxx2PF18gsSaKFgbINUb-UZLzzxAOb5m6SVVbt10rNVH_jJInyElBiNgdyqgy3r9q0BdyxduBK0frtNlpy9H2xT7Lhou_k3rlpMml5nCyUu-Lp91YfB1UdEVQaML3GUKe9vXsIbVpmxoG5LqbtJ-YE2utwBYwegecs-V11mLnvKM-svpMwJz5p41iYlgExcMbXNzk2GzHBOWyEmCxtl5MC8UOCym7WGJZQ71rT_LesCtk8D4exB7rb41sRjp2kJ3xH2r3gTgKpJP0i2pdzdifkefql790WCJxXhc5bvz90gnZnN9Bt86iau7oNhNzWi_-dG1F7ZBlE9kO31MWka2RnRG-CkLHGNnS19iI0cDgCYUMy7r8A4A_NdLx1RjQOD6A_aCir7lQ3Fm2Us99q41cwm8By8ClZ4sWrrOYQyxRNAIFMgr3sd7hw8DV2Jbcd0r5vYQdt86tLP4JYzQ2pzTRAUzIY_SpBtECZfdgkTuq2GpEQFa9GEbsk-YB7iI6mv5JqkqHyQ64T02hYaHVtY1PAja0vqRDYOVl-Ayp70L264edXDAcn8n9XbMV1TNZrTBQNFleX5Zagt_mYzLC8yDJT9xawn4Q3OChnlKhDd5ejZ9p0A9U3sIsuhLjwAqKZFsVX4AOYG9NZMJJAico_owt4GEhc67urtOLE7vswLMog6hy6wf_m5LWuOnaLdCJl-Bx0XHhUfQ8a-ANLCZFdn-VHCW1wC7ynncM_A9CbJRS3zqWtbOIXuGneSQgbq-SbRtJdlO32sjYab5b8kiyxehjQ5OftT5Omj1v5W5s2YVHjuQO71LoH4HsG1SfSFnnnM0kQ3feeqXMpe41DTxVoA4uUkablAL8FVryPJG7JElf6haeAvUSjEU8-Mi3tb4JDAZETHFZAIu7ZoGiuUHeItAVDLL6ZoUDNdtCQf6tRz1UD-ZFajdIOgRTujgpvLkgmFgbIrGoa11wXLfh4Iw5xrbU6Jd4JLnmEloKC_zwDLyOzawvADv-Etj5MIan8u4PEwTXvRg1on7JAK-kwyvpBjhimwEJAUw2niVtYAUH2R1b3TzniZjclJmyklPeeKb1CnHYv6fBDhgjUNXNAmXpI7zJVOpEyRIZCJLzYSfyqdNSImDQfHnWfxJahHp9tOO5KNioolB-5bsHBMz9s4AgDHNOyfLUmRaj6-MDUgsDcww6TdLR1I_y4mstvGphaBO3Y8nkbN8Jyvvqs_ZndRByEfDG7J_w3tj6jfyIGnIVGIu_UcFfj3MIm_SZppcjZenZ9nIukouUwpg-AIGVGh-PZRvOVE04TKpiTvGc29hHm7cze43QIpU_eNfV5-s5ldrYXscCzlBPFkZzHHxuUTsXBnePZKgJW3vsDkFXDuHsxtBIeByHkt57ELrqmrNlOmUIciiLI-UO4oKi2uxkdkAj8cw_A1eOOnjjnMaFvZoKt5DaIMzUA5y6jzDkSgUTkNBmOtqiRISOfk-kGKFAmE4fgxDPxzS5o1UPFP5rAPkIogfv21hE7Ki9Aei7sNZxciLzP5--r3rhLSDr6mX-3AG9OfZk277tjxbGkAmxJ7ToQk_g96-JnQpUPWNuCTA0gn9dHVCSaQhZae7G1B0Rd0eI0zY0-ZS35LndntOVZeAqtk1s_Yakl5Sq5HeWpBXl51dyRaeBXSKFMoA8aFKcLk55JLPIrslo2P-dqN5sKXCovbkz3jp1Dr_4sExNM5tVTsXKJz-L836EDYDqYrtIKpQEOLK1UcB9qYOLVpEscIhzLUCo2C0wEuR5DGn5WUNflOMilOjPpThzw6nsO2GUOYPCH2xdMSq5zpNHQI1GcoXdKU1yfgQpDNd9xHpTjVDMLBnMZQOB9YWsu7HAGo-XAU6I36e4PCQPM2vGEmBNnJAcxyaGXrF4WM0smPy6DEDA288Kn7CN9aWTMkYdLVtZ4jhtKR-j4KM-yyh1ZcM3lTiECnQwaUKYNleW41PXM5ioktgdRm3z2TPDP5xppaU--Oi4NZhvdXe4zw7QycwSOb-x4yIa_xhSW37KhXm1YuToIpb8zl6SrEgrrcOsJ8WacUEfMuyyO-NYUt0H8qrIvdBPRxNjEFYk-aa_XbePMDxIe3LErlCgWwiVJZsKXEHsfRLgQXi8CLlo3ASHfcNBn1Jvg443BfjF4xQKdonZDnjk7IQggohrzg-Ps3Qtimh82lbPe8bUQOGRDbgjF_baCk39pZc49HSE1a4vBGHblSMpJjK1DLBUxLeP9joZ1WwbKBq63woSVEVV_NsT_umgIL8W4zB2pD3P4MXERkMbzh70tQvaPTF4dXLcxN3qBMBOCaAv48OYMV4PTztVO9nfChtf81nvoANrs2zTR0XcCE9vCFLk_rEhdBc1fI04SmjTgZ_y6ExoWCAASEuRoSxbQ8ZIg3QmrIsnPbBi5mWAB
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 1122 80 KB
21 KB 672ms
311ms Script
application/javascript 54.218.137.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.218.137.60 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-218-137-60.us-west-2.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:32 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: nginx/1.16.1
age: 1733836
etag: W/"9304f57298c3834ff107ea7ccb547996"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 dt
dt.adsafeprotected.com/ Frame ED97 43 B
215 B 324ms
91ms Image
image/gif 3.212.141.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=783646&asId=70d1aa1f-585c-b93b-929f-b574a3fe684a&tv=%7Bc:pqtjxa,pingTime:-3,time:42,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:15%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:42,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B36~0%5D,as:%5B36~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sKdS65k+11%7C12%7C13*.783646-56311260%7C131%7C1321%7C14,idMap:13*,rmeas:1,rend:0,renddet:IMG.us%7D&br=c
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.141.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-141-148.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame ED97 43 B
215 B 322ms
91ms Image
image/gif 3.212.141.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=783646&asId=70d1aa1f-585c-b93b-929f-b574a3fe684a&tv=%7Bc:pqtjxb,pingTime:-6,time:43,type:i,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:43,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B37~0%5D,as:%5B37~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sKdS65k+11%7C12%7C13*.783646-56311260%7C131%7C1321%7C14,idMap:13*,rmeas:1,rend:0,renddet:IMG.us%7D&tpiLookup=ao:www.hawtcelebs.com*&br=c
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.141.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-141-148.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
x-server-name: dt22.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 18ms
18ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=hawtcelebs.com_300x600_hawt600&q=17&m=116&sn=false&cs=149&e=br&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FDSVY3B56DXVEWJHJ5FA2N6Q
date: Mon, 27 Sep 2021 14:41:32 GMT
cf-cache-status: HIT
age: 1439919
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6f650c17b0b5779657ffe2617584f8e5-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e4feb595c0e-FRA

GET
H2 200 dt
dt.adsafeprotected.com/ Frame ED97 43 B
216 B 312ms
91ms Image
image/gif 3.212.141.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=783646&asId=70d1aa1f-585c-b93b-929f-b574a3fe684a&tv=%7Bc:pqtjxm,pingTime:-2,time:54,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:550,beZ:551,mfA:553,cmA:554,inA:554,inZ:558,prA:558,prZ:561,si:566,poA:567,poZ:584,cmZ:584,mfZ:584,loA:593,loZ:595,ltA:603,ltZ:604%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:15%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:54,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B48~0%5D,as:%5B48~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sKdS65k+11%7C12%7C13*.783646-56311260%7C131%7C1321%7C14,idMap:13*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:IMG.us,sinceFw:37,readyFired:false%7D&br=c
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.141.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-141-148.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 23ms
23ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?r=hawtcelebs.com_300x600_hawt600&q=20&m=153&sn=false&cs=149&e=br&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FDSVY3B56DXVEWJHJ5FA2N6Q
date: Mon, 27 Sep 2021 14:41:32 GMT
cf-cache-status: HIT
age: 1439919
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6f650c17b0b5779657ffe2617584f8e5-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e502bf85c0e-FRA

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.hawtcelebs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 14:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
17ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.hawtcelebs.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 14:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
9 KB 326ms
326ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=671257358546789&correlator=4355306483742141&output=ldjh&impl=fif&eid=31062903%2C31062346&vrg=2021091501&ptt=17&sc=1&sfv=1-0-38&ecs=20210927&iu_parts=44890869%3A3968751%2Cca-pub-3831894559014614-tag%2C6d45db18-88d7-43aa-be47-7fd2da06cb7e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&prev_scp=ti%3D53f6a350-39ce-4048-aaf9-630c8f171eb7%26bid%3D0.2%26bid-p%3Dgoogle%26bsc%3D67&eri=1&cookie=ID%3D2e3a6d588cf1e027%3AT%3D1632753690%3AS%3DALNI_MZPm4iAaOSarLHPqjyclmPzVTtdjw&bc=31&abxe=1&lmt=1632753692&dt=1632753692186&dlt=1632753690261&idt=408&frm=20&biw=1600&bih=1200&oid=3&adxs=1029&adys=524&adks=1734423329&ucis=a&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=253180117.1632753691&ga_sid=1632753691&ga_hid=1498244484&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

aa5bf6f5ab011dd415825f4de61175938a46803fd3daa6e473dffbdf9478abcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9326
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.hawtcelebs.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2FF5 0
58 B 30ms
30ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9ujnG9hRYbKCN8TP7_UPh9GAoAsAAAAAOAHgBAI&bg=!WVqlWh7NAAZNQyuQTUM7ACkAdvg8WnMoOUAdBQree0kEo9PAxzUdM7uCgfVntNsn8IYWKQM4LaedUgIAAACIUgAAAAtoAQeZAxPPZNkvEN4NAnsi_rLTmQEEgRaWXU8B29gVUkC5yEeRnyEMgGWNj3VVStXNQHZs5wzG7tP-zYXilHVvCBTYmnVuUtAVhOabqGGfficIhbSyB8icxPk4QWHoP_S3IxRzg35Km2CqJr0EqhQ0ka3XIcV47N7HuYSNKFsAr7tsls3T1wZRayX_EH2_5De6YCxlBCNv3u26xHZVhfAfcrFLasPa6sEWZ-1zEwA7CIGEfKY-gChqAA2XwrM6LGyY7DASkgo6aHHtKQMgxS3Z186lBbIzbPQ5GWKAp3n8x81tcS2lceRfn6UnCL6xchyWPhuArTAukActMdeBdFPNBa8UCQolVoPs5wYKlly7DLaLwWVYF6JZRIelZR6-nl64ed0OL8Yb6AtixCeQWMw-1Q7j-Pj1HjVMJAYd0y4mtAJzpDdAmaV2nO1yEPSngjBILADPbvP6pZXBJkD0HLjMA9lfMm9AgDUMMKJMWimJiSQLN29ty-RNROhYLbjlut5-eA-SKg9fj4TKTX1q829ICpYjAoruaWfleudkopE3GlHYa2zyQMPEjhq92WxXtY9Qbiq-jlrRJ5LQp5bwX3UATqRqtKnOMcbn4D027t7kKv4cVgEbgRy2K2VaIvwdKeDT_vluRMheEMYZAPMELCOz-OSlB2d14FgFUgOdIS25gclSubRiljSMPNQ5ZcBXffo65Wm3h6ZPFfEaJtv3lugoxdAfzCtfinZ8bUXaTqisCV1rcPwEf5iYZG1xhVPVO0J7Hl6KLi056gNRh-T8op22zt-MUGNYhRdXm_txkT75jLXvAeZeDGvn7lVFqCIyNLNXe_7S7l09-6lEUVIdQGD4PgzQrxMVuKU3Ho8K5GthNpzI1jSG_dRmHdCjpNiAEFI94WMl6tiqRQjmQTsgUalx8D1tmI5XjjBzGTT43WqSs-BrfHYxzffNRK7BwThk3d6QHBwQpbULZ0fCBatYkIDUJ8qx2ijGqSHgmO7lelR4CNRCdfmkzBprTcznje83wFyHpfaX_TtqLCiZY9e96bSN7a7e8HsOB9YF

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0DF9 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hawtcelebs.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 27 Sep 2021 14:41:30 GMT
expires: Tue, 27 Sep 2022 14:41:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 14ms
14ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.05&b=2&r=hawtcelebs.com_responsive_h_archive-3&sy=c930b04b-b65e-4cc9-a8b6-938425915080&ts=67&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=570x100&mlbw=4g&mlcs=149&mltp=53f6a350-39ce-4048-aaf9-630c8f171eb7&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FDSVY3B56DXVEWJHJ5FA2N6Q
date: Mon, 27 Sep 2021 14:41:32 GMT
cf-cache-status: HIT
age: 1439919
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6f650c17b0b5779657ffe2617584f8e5-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e50cdd05c0e-FRA

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A50E 640 B
363 B 37ms
36ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiZ88K0ATAB&v=APEucNV73rK-G3AQDbs_4kqnaAvWx-jGly4xcmwaNIREu47BeQTIklOKSDNYdfAXqOW2bpIgQ4DXQr8bz6X1tFdmZUgbPYGWPQIO-L_qUEEodV8Uy6edxxbe6NMNwItO2B7jBb4_5VjdQT8e8rNIXc8eHmfKW_Yw2zMwoSuHeuD5eq0a316JdJY0uXB-3cICTSx0Sm0oMQei7csvgrDA4SLVK2LrG3lpZg

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CPvjgQEQ_aOOARiZ88K0ATAB&v=APEucNV73rK-G3AQDbs_4kqnaAvWx-jGly4xcmwaNIREu47BeQTIklOKSDNYdfAXqOW2bpIgQ4DXQr8bz6X1tFdmZUgbPYGWPQIO-L_qUEEodV8Uy6edxxbe6NMNwItO2B7jBb4_5VjdQT8e8rNIXc8eHmfKW_Yw2zMwoSuHeuD5eq0a316JdJY0uXB-3cICTSx0Sm0oMQei7csvgrDA4SLVK2LrG3lpZg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkPWCIDg9VzJTnZnWfuCKLqGvX7s6d5KZiGQqF1nfaRy9SKtKZbzy_iZnoOeyg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 27 Sep 2021 14:41:32 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 63E1 77 KB
29 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CkxuaGmKLkPqcJFlZZmGeJ3D75BE_d1klBVuIP48VWSJNOGSt0XEEU5NPrBjzqyU6OZhcJa2wA3n2WmzTtEdquxyodmFOCmRCxG-YZFlJEsmgAPkQ7jLwYpGwVxpFtWP-MTc28KJ3hAkO1ZbKc9H2Dh5PahA&dbm_d=AKAmf-D9VlTYCQOmG1T4slbu98wpxA_wNXTMD5T-h-s7iytditSwxF-s3xZihyq8nV6m_3oLenJEhSkG9UGx9hx2szFD9mDBGgmq-lUoKZsVONmUlVvF3bVG0qRjL0ANutWZD33oT3VfhZVOeabZ8ojMMXblk9HFEYgqDrw4sg3QvLFJlF0KfCuLGXp509py-YpenEUkLSBM_mzXHs1Z_fyPXIDJC5sUmex8j7lgTj3pBnm_uv3QtqJ-p3Ymda6DI5FTfp3EBoVHw66-rk6UK-SqubmK13rVAYWKKp-gD9j1Jg-JCfFA2GXFCLT9lkQ74PBSxvjIw0SpmLkWNgT9NFYMLrZ3o1KooTOnNooTDkzeiehKqXd5L5NjslfJwpa4SsSAEucepqm_Nt_6jNyg31skIEj3VQV7SDFeEs6-znYe2wlFzMWNJDuzhWsE7NEEYsoKj1pU5l-B8n5_SUnBXlRaVgRi8FTzO6ajvK1kfv1Usc7jkryEC0X9UOYY6Clp91683dCisFyQFC4N965JQxuffIU5lm0bGFFB8ZperbWabgomPDjYKfZUrm07TEEc7_3a8AHjcu1vCkFzecqSwr1NQBil_ca6i00FvnysZ3oS0KLz5WvbsS9rnHpWuS7uqG-7AvtS-EzPtr_1rC4tXuF7uh66MoaBYI4Fc0tXH0_w6O4gEgSsikvzQNnnEUTVWw6hJdEI8RR9crGPgoLVH543MA_PUvkwKfqgLjF8i3m0eRizc80zIJ8fVSpr8W2mrrX5L70A43rx9oivqfL_CL71qi1CsbQeKBCYO6AvoamGedEloVW5j6ryszAfX4MaCHWkoVr7PkW4tKklOm7i1DKHp2UCoQEl8aJJaXCtHPWFLd2iz7icIIATOH3hr7ei3pWG8xegHhes4hMjIzLUt0yh3D3pbxeHBJ_6GUk0Ec7ZuWMD-WPnABgKeJbqnx6cfmbUhONyy8fcA6Shbu8pWh1J_FlW0R3Sbeh5z33vFgS6xeZytZXEaM2rverLXSdmT_NqHAitPZg6c4QROqCFdkKzhAwRdMaDWjX9cMMMhg5p7R7pDNzvZ_x5PdvFyj4X3IuV643BI2Ye1PSJoJLTywkfglrjwbIwhQlFTEd5RB5H63novX6ABqZFJxZFIYNBN4uWY7C52fnCuxUR7_VhMZ9z9u3_FrW1aqZgXcHJzlTtC3weqVBsI-6dodpgCToaPnW7VaDICswZ1XIzS4g1Di9AIGGWpOn-ez7duDuB71ELCfwzPMKItEVu0br6vkeC9viyibhxlGtgjpptW1XiOjQWmHUGZ-SYKiA0HOmNul46Wdf8E2ZGmAyixXWFSqp0qp5YQYp_yu95q9MmWpXEZwx-s4WC2ItMr7cx9REOY92b9CCrIyiObRyXWyBBpvpgdTKK5Ybc8ZMXR0IC1Uo_SdHlCHAUBQ3xQ4nwiKnIqssVwe-kcv5XEpmd8GNQus_0Wp42-YFrX_Z7Nu0v2DqR15jc2P8WEjUulRuXHOqvBvojj79TK8cSVT-KlFG7P5rm-NFPsha4ElGRTxsZ1YqHPh4SsSeHjDKoJ6vOEAFjh9CrDx6C3SegHgnp-GMqgC4NkQn4Q1CUyi3AspcL3mA6dOTjChwdEAeW3UExu0mPIyGuVOVOySKk7nidXhowMYVO4s7hPZTIEOH4y_LWu0WRBN4bATohlJTSsGNllSNlcjJ-hp9gwjkR5sKsRaKsWsj-QZV85bADFLcsWAR0GHpwB5sOx3b33_VgXozQwXD-gmqA0jylPsEuB_kiS1EcRsybi9u-nQ3QrgaL_LNWo_gHdS0WN1H0Qgq-9OfZXwWk0mmj_2OGkFUVz_yLisxCydtxk__9qEJSdJffEreGNwfr2xXlMagzxyzFDjsk2mdCPUTQYIqnxMTSNubfJTnKMTTYJeXut1ZbarF6GrvLjKygyjZfWcVw61j7WbI9Qbqb_OhJRTvF300L-5rwmF-FaM8icE0CFzgPumkn65U20NqZKv_Y6XNts986jDi53_zFXC5_bBMCvraK0YTwlVTzFyxIzes5hhENURwIlCBwxoAZ5WQIwPjaHVbWVBNJFH-vpSEVA62be8ET8408Q3TQvKj1a9_doVeABybT0XwPESkLA2_ifha5kwvPLKD2MUwA59yzudG624gBZf0OH9GTbpCskMVYXRo-YljmtgKrkrITNO349kexpCq6eUEDRFt29T-F5W4COmv44kc8Fl9EQCB9CMv-taoJS2K4pLHEk--Q7L0w3MA3AiE8eDdXHuO0N6ktcGEgKCbJACpXEauF86jMFg9SoxKcLZ9EmU5k3WqDEGhT_38y5_lOn6Sz86_wgAMMNa0VYW1MI99GNcsTJN0flWp-FE6LNxuZ7lULojdSrdYQCCxlXapCwhgmCScbR_5F_h2z0eQTeyQzxcOMT9sfKNSVTHr36ZW73s4kyLzxYuG2FS9ZD5hLxJ61mcZPSsmvf30xvsonXitfoFQHDGcjdTf1LZNZtOVLA_MQvgJYBp0H0SKbBzMVH3R3k7Ky2t4lm0eF9kCKli_Uh161YVqZWGg42wU5tVpc0uv4dfRafTA1-GNUucxxSJ6tv7H5vECjMBSKaSjGXJhNACKr6uklbWNg-h9RGCWAeO8U8EedWqy4rn2gdvhby7GfKiSS4zK6ACVM4kFaRNJnVuviDC3qemSmM89jhIP3JL3FByYN2x08KIvtvAGHAysBhYi5NzpHrnlfj9cFr1XVOIPFuTxgF-bPki7HVvrre2In0kGFhQaZosbtaLYLQ-2cRhw0lEoK3n86uH6-8rTcjnGDp00U0PBaws_zdl8pKO7KaaHrzW1NpbSyFgYP1DsS1yksAPAVKSb5heJrSAaywzdca0spz1PBvPljLXXqpZ5cA-Pj_9dLWgzBCC1CCiT58aKrVrk_xWsWyfgLLYAFH0QP3TuCEKrR-tOphxStoYigJkJTU1pEvWB9rMDVzElFmcDOi9weFL6V0J5MQJLEjzPibyuHHkdqwdGQhX85UHNp0otAxxAKXZapUmL9heaX7__nEVBtfVRb3ADk4SD68Z9v1Fw41yMz3_RUkLeLeAg_BXF_ifD_qslR0X9nWP3dkFifHuwV0oCHFIjnwH0&cid=CAASEuRoN1Vkf3zRgo24YWZzQ82_Mw&rfl=2%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e2a11dd5fcbfb61624801ca856d9f2e48e9bf03516832b7395533ce2e1eeef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29585
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 63E1 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:37:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 63E1 128 KB
39 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39662
x-xss-protection: 0
server: sffe
etag: "1632310973010379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Mon, 27 Sep 2021 14:41:32 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 63E1 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:31:07 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 63E1 0
0 15ms
14ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRCk1895ONkocaGh1QQUVpFHgzh7aQoGc08Nz73WgfeJ2K8oygAI_BMaOBSjGs8bcK8862ek0SfjCz9mMG5oFtqSvDTHg
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 63E1 42 B
107 B 28ms
28ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D7YG1RLeHYpoEDHXy4_pjHdPdZyi-Dt8bJqofnj96fAo87qxh8n2S2N4Th1xr8o8Y99GoqEex_JkA5gCQoqaz-XzchcUFNXGqjYKNmB2w8FSDN_Q0

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame ED97 169 KB
59 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
Origin: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 09:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19378
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59842
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Sep 2021 09:18:34 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/ Frame ED97 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/783646/56311260/xbbe/creative/adj?p=APEucNWCE1-MJCoDoVfdQoIZczgo1dLSA2cnepPr7V3ttSEhZ8hOe5E&d=CnkAoCZ_4GZSaXkB1_UuxP0fCqhU-h3a_PJRYmQSkwX4xL2UKcTMCey8ZNSTiYzlheeG4m14BZ-HHxAHJQxPuV_wQo_XKF5anLSaNle6DuIV3g2hSJUsRPHq25LrorXpksswRTCHm4ddF0xt5eOSHkG1zqv1COE4jGMDEukRAKAmf-AXqPmZ8jqvcYaZLFz6Fm9inYDTvQJf6k250f4nCsjdHM0rKJKVKyKieBIUi_AV8_myY1z7c8d7obw5rFpmzbh5aHPSwJCkTlgAzflW2fCyg3sgal5-HrrIYy7CNb8ca5WB4Au-Pn5At46Kw3fVZLU180ZH4m3q07HVvBkgRSojcZyRGannZd-tRDUGdcsueZtwc7fVaVUjmdiGLYX7rA_VRxdG0kS-uJeA6Y3XyXb2AF5irWmLc0nHXYCkTdghcl6W5Xf0jt-s0SzKPz_0VO-7Xl-mP5Dv9ILb_-9iv5sPyjVdjNoC2bppcTznBVxlgrPwZoKyo9Nwsmt-n4GVr538F0KopERgzI0XfanwI6UC4d9pA7Iz8DUR6dcwBSSogbXHtQnoekVaPCXP9qmSUTy0LyD4DVgM2uc4KXXHPbtm9IIhH40tEDgBqtz5Y9RGOS49KmKPDReNqb-sshbCyIDyyeyP_zh80PcXZLIrv2qjgf2Oiu8Q0riO7e8OtYQxs_5NA6bt3c0vHdmGFTgukYBTmTjBCRL_KdZZL7EhZvcKlfNc3jJk-CWTmXUkg92CjPsMvR6Tc2CPScpmOF4axPLVeS_vA3AY8XDijnvs7iT-_kjdii1jg44UrWYKG4rcHqmgEWbXpbbxx2PF18gsSaKFgbINUb-UZLzzxAOb5m6SVVbt10rNVH_jJInyElBiNgdyqgy3r9q0BdyxduBK0frtNlpy9H2xT7Lhou_k3rlpMml5nCyUu-Lp91YfB1UdEVQaML3GUKe9vXsIbVpmxoG5LqbtJ-YE2utwBYwegecs-V11mLnvKM-svpMwJz5p41iYlgExcMbXNzk2GzHBOWyEmCxtl5MC8UOCym7WGJZQ71rT_LesCtk8D4exB7rb41sRjp2kJ3xH2r3gTgKpJP0i2pdzdifkefql790WCJxXhc5bvz90gnZnN9Bt86iau7oNhNzWi_-dG1F7ZBlE9kO31MWka2RnRG-CkLHGNnS19iI0cDgCYUMy7r8A4A_NdLx1RjQOD6A_aCir7lQ3Fm2Us99q41cwm8By8ClZ4sWrrOYQyxRNAIFMgr3sd7hw8DV2Jbcd0r5vYQdt86tLP4JYzQ2pzTRAUzIY_SpBtECZfdgkTuq2GpEQFa9GEbsk-YB7iI6mv5JqkqHyQ64T02hYaHVtY1PAja0vqRDYOVl-Ayp70L264edXDAcn8n9XbMV1TNZrTBQNFleX5Zagt_mYzLC8yDJT9xawn4Q3OChnlKhDd5ejZ9p0A9U3sIsuhLjwAqKZFsVX4AOYG9NZMJJAico_owt4GEhc67urtOLE7vswLMog6hy6wf_m5LWuOnaLdCJl-Bx0XHhUfQ8a-ANLCZFdn-VHCW1wC7ynncM_A9CbJRS3zqWtbOIXuGneSQgbq-SbRtJdlO32sjYab5b8kiyxehjQ5OftT5Omj1v5W5s2YVHjuQO71LoH4HsG1SfSFnnnM0kQ3feeqXMpe41DTxVoA4uUkablAL8FVryPJG7JElf6haeAvUSjEU8-Mi3tb4JDAZETHFZAIu7ZoGiuUHeItAVDLL6ZoUDNdtCQf6tRz1UD-ZFajdIOgRTujgpvLkgmFgbIrGoa11wXLfh4Iw5xrbU6Jd4JLnmEloKC_zwDLyOzawvADv-Etj5MIan8u4PEwTXvRg1on7JAK-kwyvpBjhimwEJAUw2niVtYAUH2R1b3TzniZjclJmyklPeeKb1CnHYv6fBDhgjUNXNAmXpI7zJVOpEyRIZCJLzYSfyqdNSImDQfHnWfxJahHp9tOO5KNioolB-5bsHBMz9s4AgDHNOyfLUmRaj6-MDUgsDcww6TdLR1I_y4mstvGphaBO3Y8nkbN8Jyvvqs_ZndRByEfDG7J_w3tj6jfyIGnIVGIu_UcFfj3MIm_SZppcjZenZ9nIukouUwpg-AIGVGh-PZRvOVE04TKpiTvGc29hHm7cze43QIpU_eNfV5-s5ldrYXscCzlBPFkZzHHxuUTsXBnePZKgJW3vsDkFXDuHsxtBIeByHkt57ELrqmrNlOmUIciiLI-UO4oKi2uxkdkAj8cw_A1eOOnjjnMaFvZoKt5DaIMzUA5y6jzDkSgUTkNBmOtqiRISOfk-kGKFAmE4fgxDPxzS5o1UPFP5rAPkIogfv21hE7Ki9Aei7sNZxciLzP5--r3rhLSDr6mX-3AG9OfZk277tjxbGkAmxJ7ToQk_g96-JnQpUPWNuCTA0gn9dHVCSaQhZae7G1B0Rd0eI0zY0-ZS35LndntOVZeAqtk1s_Yakl5Sq5HeWpBXl51dyRaeBXSKFMoA8aFKcLk55JLPIrslo2P-dqN5sKXCovbkz3jp1Dr_4sExNM5tVTsXKJz-L836EDYDqYrtIKpQEOLK1UcB9qYOLVpEscIhzLUCo2C0wEuR5DGn5WUNflOMilOjPpThzw6nsO2GUOYPCH2xdMSq5zpNHQI1GcoXdKU1yfgQpDNd9xHpTjVDMLBnMZQOB9YWsu7HAGo-XAU6I36e4PCQPM2vGEmBNnJAcxyaGXrF4WM0smPy6DEDA288Kn7CN9aWTMkYdLVtZ4jhtKR-j4KM-yyh1ZcM3lTiECnQwaUKYNleW41PXM5ioktgdRm3z2TPDP5xppaU--Oi4NZhvdXe4zw7QycwSOb-x4yIa_xhSW37KhXm1YuToIpb8zl6SrEgrrcOsJ8WacUEfMuyyO-NYUt0H8qrIvdBPRxNjEFYk-aa_XbePMDxIe3LErlCgWwiVJZsKXEHsfRLgQXi8CLlo3ASHfcNBn1Jvg443BfjF4xQKdonZDnjk7IQggohrzg-Ps3Qtimh82lbPe8bUQOGRDbgjF_baCk39pZc49HSE1a4vBGHblSMpJjK1DLBUxLeP9joZ1WwbKBq63woSVEVV_NsT_umgIL8W4zB2pD3P4MXERkMbzh70tQvaPTF4dXLcxN3qBMBOCaAv48OYMV4PTztVO9nfChtf81nvoANrs2zTR0XcCE9vCFLk_rEhdBc1fI04SmjTgZ_y6ExoWCAASEuRoSxbQ8ZIg3QmrIsnPbBi5mWAB&adsafe_url=https%3A%2F%2Fwww.hawtcelebs.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fa99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fa99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:70d1aa1f-585c-b93b-929f-b574a3fe684a,c:pqtjwJ,sl:outOfView,em:true,fr:false,thd:1,mn:app16ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:3,fm:sKdS65k+11%7C12%7C13*.783646-56311260%7C131%7C1321%7C14,idMap:13*,rp:n,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:16,oid:01b09c9c-1fa1-11ec-a7c3-067f141e2336,v:19.8.245,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bcb80c86da267703311d2eeb3bdb5af0dedf63589d7d6eee4ed81f4bad7537f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:32:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3143
x-xss-protection: 0
server: cafe
etag: 2416364338287085106
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:32:27 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame ED97 23 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

289d6e0a0907342fcc661d9944f30ab735754993b96f13f5b59ef4f5269b40fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9237
x-xss-protection: 0
server: cafe
etag: 9463376652360951579
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:39:38 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 95E7 1 KB
868 B 7ms
7ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 27 Sep 2021 08:58:57 GMT
expires: Tue, 28 Sep 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 20555
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame ED97 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0372e56e268f267324af013d400887d70337dc95d8297d655f783353aca80980

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9A3F 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hawtcelebs.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 27 Sep 2021 14:41:30 GMT
expires: Tue, 27 Sep 2022 14:41:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 18ms
18ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.3&b=1&r=hawtcelebs.com_300x250_desno300x250&sy=c930b04b-b65e-4cc9-a8b6-938425915080&ts=67&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=300x250&mlbw=4g&mlcs=149&mltp=53f6a350-39ce-4048-aaf9-630c8f171eb7&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FDSVY3B56DXVEWJHJ5FA2N6Q
date: Mon, 27 Sep 2021 14:41:32 GMT
cf-cache-status: HIT
age: 1439919
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6f650c17b0b5779657ffe2617584f8e5-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e516fb25c0e-FRA

GET
H2 200 container.html Show response
a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4847 6 KB
3 KB 10ms
10ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hawtcelebs.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 27 Sep 2021 14:41:30 GMT
expires: Tue, 27 Sep 2022 14:41:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 14ms
14ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.15&b=1&r=hawtcelebs.com_responsive_h_hawtfuterreshor&sy=c930b04b-b65e-4cc9-a8b6-938425915080&ts=67&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=1024x100&mlbw=4g&mlcs=149&mltp=53f6a350-39ce-4048-aaf9-630c8f171eb7&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FDSVY3B56DXVEWJHJ5FA2N6Q
date: Mon, 27 Sep 2021 14:41:32 GMT
cf-cache-status: HIT
age: 1439919
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6f650c17b0b5779657ffe2617584f8e5-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e517fe15c0e-FRA

GET
H2 200 container.html Show response
a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DBB0 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hawtcelebs.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 27 Sep 2021 14:41:30 GMT
expires: Tue, 27 Sep 2022 14:41:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 16ms
16ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.15&b=1&r=hawtcelebs.com_responsive_h_reshorheaderdesktop&sy=c930b04b-b65e-4cc9-a8b6-938425915080&ts=67&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=1024x100&mlbw=4g&mlcs=149&mltp=53f6a350-39ce-4048-aaf9-630c8f171eb7&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FDSVY3B56DXVEWJHJ5FA2N6Q
date: Mon, 27 Sep 2021 14:41:32 GMT
cf-cache-status: HIT
age: 1439919
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6f650c17b0b5779657ffe2617584f8e5-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e51882f5c0e-FRA

GET
H2 200 html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 63E1 169 KB
59 KB 328ms
5ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
Origin: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 09:18:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19378
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59842
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Sep 2021 09:18:34 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/ Frame 63E1 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CkxuaGmKLkPqcJFlZZmGeJ3D75BE_d1klBVuIP48VWSJNOGSt0XEEU5NPrBjzqyU6OZhcJa2wA3n2WmzTtEdquxyodmFOCmRCxG-YZFlJEsmgAPkQ7jLwYpGwVxpFtWP-MTc28KJ3hAkO1ZbKc9H2Dh5PahA&dbm_d=AKAmf-D9VlTYCQOmG1T4slbu98wpxA_wNXTMD5T-h-s7iytditSwxF-s3xZihyq8nV6m_3oLenJEhSkG9UGx9hx2szFD9mDBGgmq-lUoKZsVONmUlVvF3bVG0qRjL0ANutWZD33oT3VfhZVOeabZ8ojMMXblk9HFEYgqDrw4sg3QvLFJlF0KfCuLGXp509py-YpenEUkLSBM_mzXHs1Z_fyPXIDJC5sUmex8j7lgTj3pBnm_uv3QtqJ-p3Ymda6DI5FTfp3EBoVHw66-rk6UK-SqubmK13rVAYWKKp-gD9j1Jg-JCfFA2GXFCLT9lkQ74PBSxvjIw0SpmLkWNgT9NFYMLrZ3o1KooTOnNooTDkzeiehKqXd5L5NjslfJwpa4SsSAEucepqm_Nt_6jNyg31skIEj3VQV7SDFeEs6-znYe2wlFzMWNJDuzhWsE7NEEYsoKj1pU5l-B8n5_SUnBXlRaVgRi8FTzO6ajvK1kfv1Usc7jkryEC0X9UOYY6Clp91683dCisFyQFC4N965JQxuffIU5lm0bGFFB8ZperbWabgomPDjYKfZUrm07TEEc7_3a8AHjcu1vCkFzecqSwr1NQBil_ca6i00FvnysZ3oS0KLz5WvbsS9rnHpWuS7uqG-7AvtS-EzPtr_1rC4tXuF7uh66MoaBYI4Fc0tXH0_w6O4gEgSsikvzQNnnEUTVWw6hJdEI8RR9crGPgoLVH543MA_PUvkwKfqgLjF8i3m0eRizc80zIJ8fVSpr8W2mrrX5L70A43rx9oivqfL_CL71qi1CsbQeKBCYO6AvoamGedEloVW5j6ryszAfX4MaCHWkoVr7PkW4tKklOm7i1DKHp2UCoQEl8aJJaXCtHPWFLd2iz7icIIATOH3hr7ei3pWG8xegHhes4hMjIzLUt0yh3D3pbxeHBJ_6GUk0Ec7ZuWMD-WPnABgKeJbqnx6cfmbUhONyy8fcA6Shbu8pWh1J_FlW0R3Sbeh5z33vFgS6xeZytZXEaM2rverLXSdmT_NqHAitPZg6c4QROqCFdkKzhAwRdMaDWjX9cMMMhg5p7R7pDNzvZ_x5PdvFyj4X3IuV643BI2Ye1PSJoJLTywkfglrjwbIwhQlFTEd5RB5H63novX6ABqZFJxZFIYNBN4uWY7C52fnCuxUR7_VhMZ9z9u3_FrW1aqZgXcHJzlTtC3weqVBsI-6dodpgCToaPnW7VaDICswZ1XIzS4g1Di9AIGGWpOn-ez7duDuB71ELCfwzPMKItEVu0br6vkeC9viyibhxlGtgjpptW1XiOjQWmHUGZ-SYKiA0HOmNul46Wdf8E2ZGmAyixXWFSqp0qp5YQYp_yu95q9MmWpXEZwx-s4WC2ItMr7cx9REOY92b9CCrIyiObRyXWyBBpvpgdTKK5Ybc8ZMXR0IC1Uo_SdHlCHAUBQ3xQ4nwiKnIqssVwe-kcv5XEpmd8GNQus_0Wp42-YFrX_Z7Nu0v2DqR15jc2P8WEjUulRuXHOqvBvojj79TK8cSVT-KlFG7P5rm-NFPsha4ElGRTxsZ1YqHPh4SsSeHjDKoJ6vOEAFjh9CrDx6C3SegHgnp-GMqgC4NkQn4Q1CUyi3AspcL3mA6dOTjChwdEAeW3UExu0mPIyGuVOVOySKk7nidXhowMYVO4s7hPZTIEOH4y_LWu0WRBN4bATohlJTSsGNllSNlcjJ-hp9gwjkR5sKsRaKsWsj-QZV85bADFLcsWAR0GHpwB5sOx3b33_VgXozQwXD-gmqA0jylPsEuB_kiS1EcRsybi9u-nQ3QrgaL_LNWo_gHdS0WN1H0Qgq-9OfZXwWk0mmj_2OGkFUVz_yLisxCydtxk__9qEJSdJffEreGNwfr2xXlMagzxyzFDjsk2mdCPUTQYIqnxMTSNubfJTnKMTTYJeXut1ZbarF6GrvLjKygyjZfWcVw61j7WbI9Qbqb_OhJRTvF300L-5rwmF-FaM8icE0CFzgPumkn65U20NqZKv_Y6XNts986jDi53_zFXC5_bBMCvraK0YTwlVTzFyxIzes5hhENURwIlCBwxoAZ5WQIwPjaHVbWVBNJFH-vpSEVA62be8ET8408Q3TQvKj1a9_doVeABybT0XwPESkLA2_ifha5kwvPLKD2MUwA59yzudG624gBZf0OH9GTbpCskMVYXRo-YljmtgKrkrITNO349kexpCq6eUEDRFt29T-F5W4COmv44kc8Fl9EQCB9CMv-taoJS2K4pLHEk--Q7L0w3MA3AiE8eDdXHuO0N6ktcGEgKCbJACpXEauF86jMFg9SoxKcLZ9EmU5k3WqDEGhT_38y5_lOn6Sz86_wgAMMNa0VYW1MI99GNcsTJN0flWp-FE6LNxuZ7lULojdSrdYQCCxlXapCwhgmCScbR_5F_h2z0eQTeyQzxcOMT9sfKNSVTHr36ZW73s4kyLzxYuG2FS9ZD5hLxJ61mcZPSsmvf30xvsonXitfoFQHDGcjdTf1LZNZtOVLA_MQvgJYBp0H0SKbBzMVH3R3k7Ky2t4lm0eF9kCKli_Uh161YVqZWGg42wU5tVpc0uv4dfRafTA1-GNUucxxSJ6tv7H5vECjMBSKaSjGXJhNACKr6uklbWNg-h9RGCWAeO8U8EedWqy4rn2gdvhby7GfKiSS4zK6ACVM4kFaRNJnVuviDC3qemSmM89jhIP3JL3FByYN2x08KIvtvAGHAysBhYi5NzpHrnlfj9cFr1XVOIPFuTxgF-bPki7HVvrre2In0kGFhQaZosbtaLYLQ-2cRhw0lEoK3n86uH6-8rTcjnGDp00U0PBaws_zdl8pKO7KaaHrzW1NpbSyFgYP1DsS1yksAPAVKSb5heJrSAaywzdca0spz1PBvPljLXXqpZ5cA-Pj_9dLWgzBCC1CCiT58aKrVrk_xWsWyfgLLYAFH0QP3TuCEKrR-tOphxStoYigJkJTU1pEvWB9rMDVzElFmcDOi9weFL6V0J5MQJLEjzPibyuHHkdqwdGQhX85UHNp0otAxxAKXZapUmL9heaX7__nEVBtfVRb3ADk4SD68Z9v1Fw41yMz3_RUkLeLeAg_BXF_ifD_qslR0X9nWP3dkFifHuwV0oCHFIjnwH0&cid=CAASEuRoN1Vkf3zRgo24YWZzQ82_Mw&rfl=2%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bcb80c86da267703311d2eeb3bdb5af0dedf63589d7d6eee4ed81f4bad7537f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:32:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3143
x-xss-protection: 0
server: cafe
etag: 2416364338287085106
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:32:27 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame 63E1 23 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

289d6e0a0907342fcc661d9944f30ab735754993b96f13f5b59ef4f5269b40fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9237
x-xss-protection: 0
server: cafe
etag: 9463376652360951579
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:39:38 GMT

GET
H/1.1 200
OK tag.tr Show response
red.vtracy.de/ Frame ED97 16 KB
17 KB 323ms
23ms Script
text/javascript 18.185.166.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://red.vtracy.de/tag.tr?tr_adid=k26225744_s6273635_p310386514_c156386358&tr_mid=0&tr_sync=true&tr_uid1=DC&gdpr_consent=&gdpr=&t=3898909338
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.166.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-166-223.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 41a55c175f841c63cd3170ff8f6977ed28cec9b48f174e45c4e216516f81b2e8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:32 GMT
Server: Apache
Connection: keep-alive
transfer-encoding: chunked
Content-Type: text/javascript;charset=UTF-8

GET
H2 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/ Frame FFDF 186 KB
39 KB 39ms
18ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/index.html?e=69&leftOffset=0&topOffset=0&c=uo8oqxoif9&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7071be3d22d9b3eb0b2ae2c200ab63c42b999ad93553bba9eca53c352adc613e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /ads/richmedia/studio/pv2/61879590/20210831060517841/index.html?e=69&leftOffset=0&topOffset=0&c=uo8oqxoif9&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 39169
date: Mon, 27 Sep 2021 14:41:32 GMT
expires: Tue, 28 Sep 2021 14:41:32 GMT
cache-control: public, max-age=86400
last-modified: Tue, 31 Aug 2021 13:05:18 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame ED97 0
545 B 75ms
48ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssdO7ycNatRFMOINVNxPn7u6polUhc2jq1uUl-BM634VLhG4tZGQaHJbaMC-kQWyG24m8R584ymZKBt7SkgB78zqT8cbtpqX4HMwi0jffXZ-cGU-O9fdiQyQwKSYhNAjnCKkqqnZbruze9edoY5rDt7d4fGUss&sai=AMfl-YTpEXwXAmGSiZbzbLmfe_99FzEerwQpnKGeiLtRRtP-afNBUzMzdmu4swfwMNxMb1GT5E24pojvkWFP0ewh_TuKRwzik-WZjdw&sig=Cg0ArKJSzDXUMZ9_psi9EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=159&cbvp=1&cstd=154&cisv=r20210922.63327&adurl=

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 14:41:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 m
secure-gg.imrworldwide.com/cgi-bin/ Frame ED97 0
297 B 144ms
37ms Image
text/plain 34.253.22.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gg.imrworldwide.com/cgi-bin/m?ca=nlsn294349&cr=creative&ce=aod_dcmdeu&pc=55748097&ci=nlsnci1614&am=4&at=view&rt=banner&st=image&gdpr=&gdpr_consent=&r=3898909338&C78=G1,DCM&uoo=0
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.22.126 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-22-126.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gg.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A50E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_dbm=&google_tc=

170 B
188 B

19ms
18ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_dbm=&google_tc=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiZ88K0ATAB&v=APEucNV73rK-G3AQDbs_4kqnaAvWx-jGly4xcmwaNIREu47BeQTIklOKSDNYdfAXqOW2bpIgQ4DXQr8bz6X1tFdmZUgbPYGWPQIO-L_qUEEodV8Uy6edxxbe6NMNwItO2B7jBb4_5VjdQT8e8rNIXc8eHmfKW_Yw2zMwoSuHeuD5eq0a316JdJY0uXB-3cICTSx0Sm0oMQei7csvgrDA4SLVK2LrG3lpZg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_dbm=&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 294
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A50E
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzgwYjRiOWQtY2E2My0yNjNkLWY1ZWMtN2M1NmMzOGFiYmQ4
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzgwYjRiOWQtY2E2My0yNjNkLWY1ZWMtN2M1NmMzOGFiYmQ4&google_tc=

170 B
188 B

16ms
16ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzgwYjRiOWQtY2E2My0yNjNkLWY1ZWMtN2M1NmMzOGFiYmQ4&google_tc=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzgwYjRiOWQtY2E2My0yNjNkLWY1ZWMtN2M1NmMzOGFiYmQ4&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame A50E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm=&google_dbm=&google_tc=
https://sync.teads.tv/um?eid=3&uid=&google_error=3

23 B
172 B

34ms
34ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&google_error=3
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiZ88K0ATAB&v=APEucNV73rK-G3AQDbs_4kqnaAvWx-jGly4xcmwaNIREu47BeQTIklOKSDNYdfAXqOW2bpIgQ4DXQr8bz6X1tFdmZUgbPYGWPQIO-L_qUEEodV8Uy6edxxbe6NMNwItO2B7jBb4_5VjdQT8e8rNIXc8eHmfKW_Yw2zMwoSuHeuD5eq0a316JdJY0uXB-3cICTSx0Sm0oMQei7csvgrDA4SLVK2LrG3lpZg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 27 Sep 2021 14:41:32 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame A50E 23 B
172 B 104ms
31ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiZ88K0ATAB&v=APEucNV73rK-G3AQDbs_4kqnaAvWx-jGly4xcmwaNIREu47BeQTIklOKSDNYdfAXqOW2bpIgQ4DXQr8bz6X1tFdmZUgbPYGWPQIO-L_qUEEodV8Uy6edxxbe6NMNwItO2B7jBb4_5VjdQT8e8rNIXc8eHmfKW_Yw2zMwoSuHeuD5eq0a316JdJY0uXB-3cICTSx0Sm0oMQei7csvgrDA4SLVK2LrG3lpZg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
cache-control: max-age=0, no-cache, no-store
expires: Mon, 27 Sep 2021 14:41:32 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1631 499 B
381 B 33ms
30ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQg-LRwAIYz_KTswEwAQ&v=APEucNWUr0Or2QvYswAOFpUKo2cDdvOutx79ak-Qa7YbNmEHE98eifMFOpqGVzcu3GFzmwBS7Bz6pTy_cD2btNulqGP_s-4ZKEQ8_Siyc_HFk8shY4OhsymtDlyeEnguh2QSeiIDQRb5YGTm4jeK7UBLTB2qZqf86IDRbhx6czSSwuqXF8HaO1YTP-QLlMZN4GsaRtQdkl5bvfvCa0xcBkOhLG7cQ-ejhg

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CMXlgQEQg-LRwAIYz_KTswEwAQ&v=APEucNWUr0Or2QvYswAOFpUKo2cDdvOutx79ak-Qa7YbNmEHE98eifMFOpqGVzcu3GFzmwBS7Bz6pTy_cD2btNulqGP_s-4ZKEQ8_Siyc_HFk8shY4OhsymtDlyeEnguh2QSeiIDQRb5YGTm4jeK7UBLTB2qZqf86IDRbhx6czSSwuqXF8HaO1YTP-QLlMZN4GsaRtQdkl5bvfvCa0xcBkOhLG7cQ-ejhg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkPWCIDg9VzJTnZnWfuCKLqGvX7s6d5KZiGQqF1nfaRy9SKtKZbzy_iZnoOeyg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 27 Sep 2021 14:41:32 GMT
server: cafe
cache-control: private
content-length: 313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9A3F 71 KB
28 KB 45ms
42ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6xpqm6HM2fwoQlhMjSLigvPIJDJ_nMe5TROmJuLBdckyVScUPHgR1foAXba8S1gIWpF7MnOSKjGsrAgkSZ1qc-Rt5QnRDSK_B4TpaS1jkJnrh8T0s1Qo8sYDyGvpOO-OoxBtTsKliVxeKYP58HH3YBmCVeg&dbm_d=AKAmf-Cauh8Cdsu4krBzmsMKIGijQtuhpjVwCukQVXjdCjCw1cCbp2U0b647sxNnAH7uDoJP1UUPPd9RVQqMHONkFfgH9t8FKmiSt5vRJlo31fWwz6GyHEJdNo3MYAPfkWUW0iwQe8_IzILahZHAKofI_hKmfrBfnXmRFfQiDlq5jenfBBOjhHMte16wWMWdpsNvcPjNttxNuUNJoO_bSBfbk57BAChrmhDiZh012RWuADY-WlVhTfajTw4NsTed_WMOnEhMWhAut9S3gLx_0mi8wcnZUJwbJtN-sQxa3fTVdVoMERL54lxfvSTwp-GXulU1pTQak3ShrMmCfVCs--Q-zAFLPOs1akk5D31DHc5xUHjneW30cfnrxk_93EaJzBIKVEfBp1eW-LUxKbR-9EZ_Rgi_tUBNCf182JpyY9dHfT73Oja03urUs6q7iKTbBmv3utpzDqLJZ9zk6lTiyZkgGU6aURjqbrFt0l-Z3jqBWVUvXK3tK2RAo3jv2rnMKyXB3ujtDR5XQRxkMEDWtkoWBqjkwCLmcM9o16Y8YhX1uzMTw1hFj65Eo0mIMWKwJVBG7VFj0HSD-nNB4AKDAPuoe-wLID4RbwKX6me0Ie8lKdv9eneDpN89D9AIzRLLlHfm1eSzD0yDDh7CJ-so6NLF9SicfcpeZesr2cSnw55YQUdWxy-ksWpBpEA-8ohAh_DRBBUuatM9mw_YQTVQW1JC7vUoxNLI8ZLPEmT6SPCzaeHr3PBCvcjuPvj1Vv2yPDv_O-eZAuvzRW36QWyvYPwCFrtXRjbQrGqQqsKAL_5L-HmnS6TxXvxf2D1O8T-oiYrTClDYrh4zY4voOissXKu4riMlwyVw5zsQClKed6oBloId8ILquNdi1W9_amr8PnS1iDF_Q-iGHRuYFfcFKfyV7oAQsFVvejLV1B_EnKM8YMa95SQFamDBJvMyv4WXDKlE5mZIjp3PgYf1ZkAJoeLiYRUTlAXAGMlNH_U_yzET1xLrMhMyYOVOARk_7IJDTDaWsGEpsOmEsHQnoAuYtVMxmWKj5oCNNGfCjvklSHEseVfvdqTNE5gO24uEAz8F2k0o1HXQVG5uEIa3gps4CWFWQ-GghlKGUSfiJT28rQ14W7Mvu1MYwjwHuZYX5ot7Hv5FgJ0byQTfYxRHpsiCYjFd0r5CUyoKI6odJje1TNNY_dLcudM2JWyps5-UwLnOuFZZUgTQYWkJ1KoN-M5whjnsY_lfUYJckNsjqxm3dmP3b5v5KF7_bMpKruXjQH9PVjZyntgbIOgdevf_mnW6hAwQSp73QNw6HPEyM6MS145xd1dtrROACRvkAaN8SBYiA2P9w7Iz6Y4dT5N-TNd0q8XEVVUjrq7gvT1G6hM9XGRPWyGOhtWceqTkJk__9xEv2K2Z7o9erbEqj4i4HoTNSsK3GpRgql7AjVKnTlAHvxKsCxFwdzAxCvAeQnIIdkTpsqdGBgw6LEa76Qe3FVdgggv8CDBqanzuwNYyfcSI1wMe1B6gekdgK8hUWnyplV7KgI9dKvqXNVezb2pJ9uXpEqZA8Re0o95-1tjX_qtpo3WBd78gjMuIVXsCUb54H6gya4lY9DVrcDxNcetZy2ti10_wKWbdM3VbC2InxAWgk9XgJu2PT-glw5aH30wRVSt8hDFAzititDTrCBEyB72ZCjcrq0y6SRTTV1w2rf3Jl2ey8IU-RUZidxYgGF8-GyyUqaY0MdjOrgnAieFBFiU_ybfnNIq2o2aDt5AugWPuv5ZVgapp2NNW8rstd390QUy4q5cM04ZcWmLnK-Bd0YIkQtWpIbtfiwIlNGXEQB3SbOgpWJmEhw7nayZ43ojt5KtX7hCx6jHK7uYlrJrnC0xQldNdacuPcwQ5nj3ySRW0JodSG9ddy4SzrO2tXcEVkbcbZnIc27AYG2mLQPd_0JZSLO2udSRryuUv342KYJoXmOQ2m2-k1HACxtwUr38GZhToxJ35x8dzFM8ThdOOWK8M0_a_Ahri_RfQbCyM9GpdcdVKl8dK493V80ktlQUCbaU5Cq1H4PhD-ni2RUHFMHhupgKvAvIDxYq_uwP6RFsEnpp88fMmhbmOWJDpUi4PIl2O135A8OFQbPJkoSpXnKM4rgzPZyrMEUlM87ls--BByy5u2rLyjUXY45Y4nwVINm5dKCpUZhkbI9et9sLgMz-yvAQ3iZm-mLVt1fgeGvcF3ByVWTENiWk05o0pc9d03wHIAygQ69E6q0vSq0o03qKRnAit4JsNS6OeHRC8mZPYWIRRb5FvapTnYmzvO0B1oGClAvWuuU6JtvXx_YlYW2biwlUSpnqbVganuBHfbgY2GzpoF2A-xTWKkPspBj6BkxK62oXm15AFiG_QpThJHacYpzD8AGosOJw0VKhe4e-8jk7vdncP9FCsdZqbQDiggUXY0S3k-ukdRVnI2aRxdshI9HkdG51uMxxuInZtCGcOPvWZrZ7_Qut3N9EIVE-i9Nkzea5g_TkFqbNOwsCY3Z7rgZiqwqLvr1mGUlzOAqdYnOMMZU_yfcDzGrQEfDcuK4b2ghfqZ3EQjJVAk2QgMe5brxA6QgA0DgG7IkhhC2dD9XprVx1IGqIWlHV4UBCLGQGexoR1fKVI4Gsa2IpwR6hqPsXP0yDrAnK5hoarBz6wNkOROpww-v-qYhpTeYGLPQo8DHSvRU1IUPdwKql5gbSHwnszl_xKWXMQjcWl9f7YeYHxFxZnTtGsXWPB_hlL5JXiHSMvPOAmkEoXCwwmCFg1ChPQgzT-pe79I7wsklat4FW9wEISHBF3CCLy5fVfQRaTt0Pchyb4naudRMhEBXgbBGv3DgIJv6wo1yvDV9CHHNXIF1KalxBb_jTjRLsqjk844AmgqOf9gdvvsGe124XDbDk6mMkNFIVpiGh41JHb3yM53ftv0huumb4uyH8hPdikrdWLzVN9_nzHezSwM9zx_IWz-xcnfGHxKFjhpYTWMEdOcjX8Cfn_ftHITdfm8evXYnRQaUOp52rodNol2X5fnJkaWvByEuY4-FetOz8L9pWAD76hMWUXbdXjGqbtYU1vsy1Y4qR846ZejHVWmERWYBp5CCXjctQgGf0WUsGpilR-ev6tJN9rAvABNbKdVm94Qwpnxc48WGjqz2MBtwVTXd3Sa2G32G0R-53sLDvhwuY2yKC5aSLVB-8D54561mO_da8M0grEqkyQ&cid=CAASEuRoid-snYNc0o7uF59BnwKRsw&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83aea769e65cb35558f48554b4cf703fdb85b58dfc499fe6aad2bac29dc429f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28851
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A3F 42 B
107 B 29ms
27ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CS98TdZ2BN83xm97zC71AS_3WaM8voBZzBX40kyY-VNFP1QW1j6HB6jHymj4oeiQjiA6_XcKdOmoYRUasOpLHlW1nLHlXuPMLLy27l0UT4B6uFQzk

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 9A3F 3 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:37:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9A3F 128 KB
39 KB 18ms
16ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39662
x-xss-protection: 0
server: sffe
etag: "1632310973010379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Mon, 27 Sep 2021 14:41:32 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 9A3F 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:31:07 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8C16 499 B
377 B 33ms
32ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhimlbazATAB&v=APEucNU9g8IoI8s4GOYGCH2DcxUcSrPMu3guH-2LFLV58H3qpufeXRDkSx7QteO5jNs6K09JShiugoDzDFQTC24epAsNilyalqKKmk2exq1uDau5kP_titvy5C2gPAkuC6no7Zf3CAravS87DOKB7z1tx7zePKcD7CDBKJPfQmspv6TUlUENbEFOEW1MKTtIlbbsHp7poWA_WrEAlo2sRXxeLKpzdKmV5g

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CLOokgEQ4p3QAhimlbazATAB&v=APEucNU9g8IoI8s4GOYGCH2DcxUcSrPMu3guH-2LFLV58H3qpufeXRDkSx7QteO5jNs6K09JShiugoDzDFQTC24epAsNilyalqKKmk2exq1uDau5kP_titvy5C2gPAkuC6no7Zf3CAravS87DOKB7z1tx7zePKcD7CDBKJPfQmspv6TUlUENbEFOEW1MKTtIlbbsHp7poWA_WrEAlo2sRXxeLKpzdKmV5g
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkPWCIDg9VzJTnZnWfuCKLqGvX7s6d5KZiGQqF1nfaRy9SKtKZbzy_iZnoOeyg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 27 Sep 2021 14:41:32 GMT
server: cafe
cache-control: private
content-length: 313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 909F 71 KB
28 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxThCIEh-1Us0vlXvbqzvamJPOjIvBGgYZ84mqG24-xgD-9kGv5KGYb2Usp-GHk3XKlR3lM8-eRub5r2mYK7ZRisUdpcfnstCcwxSTvrHtox4aQY_TU3SMI5Q-Id8wey2caHgrqLHCQLiUAFU_CQwaeI-bHA&dbm_d=AKAmf-Dl9rGdYf90qlwDTMkgPXqEIT6D3yggdXb8q-jgSXjIo8latDjnSnInhEr1C-vIabcAD23PF4ryw0ItTFWt_dG9VwqaHw0LjdA0_Q-HzQnX5wHXa5gfbGUg-80Xcjl_cd3hjxGxm06NKzSveXVkb0QzTsvJB-Ol79kAgZS7ZDPucBlozPoQ_mZHPQhs39lmn8NeG9l0DwD2cEFi5qezuXnfHGK0S5jC65T2SDxauemfa8gWqg2KITzRHvfU2oTtejbcKfhy-PQUMmV1x2dFGYbxRvhn9VUm9LVn3Pblz_t_c4h5-rRLmm9D4nZuDaZhmYJYY3cee6dzW7BGp3EcIbWqKUGCCWtSCn2PmGREudxFslYSf0rBt9OI_BIaIAziVm-ual1KnbH1Ax1-OBjNRGve7FNLADCRsvz-nPTeRjEkzSAu7qXClLzrc49ecAtEk3anjGUbdp6cOm8t3L4HdRI4gXTdX_01zhukUCLF107G2VIlZmeD0Nmw8kqEQCFr1PRcEQkze0vW8NPJPJsLyYS_BXGF4x_Et8O0meq7mwEVP3n3URYnEea8WtpDVctvSboTMnDN5eiVV21SSOW3nAVZCF2g0y0uFG49GldOAf_ItpoiejLwZBhbbqSTfnZz5bNjCyCkP3FB-MwKtydMeqwMP3DaTS8WjqwVzLxU4y17svdDJslgkoRyeIdXO1JlQQf22inSMzyGS4z97EJYcHYwWVb8q01k_Eb6cBjL8zIGgd0NVYQak5mkfplY_uaVfn98ItZQqF1a6pBAsMp5rUTbdmrHAfyVDe02EOSuj_nc2OaGeglTog2Y0hqTtm9owfOdhVey8Jq9uUbOt28AH-_XUP1GEPJoIF4R8SqsiJWwxovvTzXlf9igVngQCj-LSSD4M8KJmo77OtnzycOc0alqNPpAwLNSrOCKVLPPl5WJjUzGAdX2Ng0BoY5V8Goy4YOWAXEEgtgcfPRA06UKANQ4Rp-wlbG-76l4-St0u9yd6PXFLEOWGDu7PETaM49_IfxEo_fBaf1O-cCAITswdbhMpqYEP45wZeSGHaxXM09OBQVMIY8vmSat5JtfzpUucQRTnabRCsp5ijDE3sNDKh_xtxCeO1nD5241uUm4g9KbFsatMYXd-TzlsEggw4QtVxPfqh6sBimikFS0sR-RGBbXm9W3OSclensHYrqkF7yzoA-6j1QSXewLaGkUvBAPRSuqZBaHiQEF65H9UBzvEGSKMvhp0vXT_GUKcDJ2MJow6VXsa03KcuKozu5T4YQRsH9m-56vT5fUvTM1vbsu4fry0IuzMFTucrb2tSwSWQMN7pCsefMr4ars_dxkiSd4dMdrY11e1RQVH5C77Hd3s0ryt0YsNoaifelcNUfd2nzXt1BcDsODLRet2cA9lgrdNG7pOPP53DsvlxRENMunbB8oPlErcp69a_eaBDMC7R40Q5eKrrrOjICzJQXT7VqC7mKbLv9C7H6zb3viwMkV3wnV1v41fb_5vpXH15t1OgFzpMBZJiQdTlxCqlefq2kMziWG_z-NyerhKieg5mEWrU0t5q0NW4fEAluHbALcxJTwbmr9QQkjVwPSzUrz4XjeHAxtVoz9zqrKp1Ib6Cfk59tyMZfs3c2kHTmB4kpvmztVPBfcENbe0VhWKbtTvTmDX5rq_2WSsqLcYgyt-xoo2rWGVa1z9h0YbZrz-jxqcpQ7xsk6UGY0FJKkGg-CbRlcsIhKucufJcaF4FDtNakxrzSEyAaFIZAHsxc-RVda31pktZ5YTlvepgDIdQEj8wQ5xE4sxxxpjq1fwNy2aDGubvEKLQ9kqmYRdaJ4-yB50UJLE3G_xLaFnaktCBUAeuzJnfD6Xld1OXrD65sDN-Dg3Pkdec5zyu1Ah84GcuYk-qq60014OjJmkRWAeb5Zas7xFoOV5-nqfidtbwDIeU5Rrvf-7bIO0kZ9xprxZnrJgAaXoG3NN2czu7MbWMUZR8LqnnNpOiBah1dcL0dwUenEALMC1sOao3W41tG5yVBQQSUGb178bVNsdwfW2hb6p4MvV9Fk_R4HvX6aKVItdcprcLcI0oyUSBne5_bnuluCD3Yd7llWioH-GRyO_AhauzOBE44Vzo_gIo5E7iZkoxgrbxwFdnNNx0-OOfNyjZliEKJg64Y4HpimoDAqrgigsTmZvGQi7ct6C_2CzSBmX16Z0M71Wdjk6Sit1-hx6QSN5VhVE5P2Tbn1MoYJy0WctraZNeyaIUpn4E0YNsu3ytDAiwsT1ky8yVqV98veEWG93yIQPBzCRIHdxugH-O3jgzu7aLAfhua3guF8eClWIw3B3ozi4VZS3mKTHDMVU8GSR6mXtD-rKc8zN3kl-w9N9dotortTM9Xw4pqtUPWQ9s0b7FhbWFk2zCyHlSm63Klh6YksfbVwAExxI8TiQLEec11AmsAFx3p0qfV4qfbVqtfRt6YMoXgbOwp6DadTI6H6mjI530ZE8AF9CvFn5ppBmIer3xCOfCAduT8Vzkm2dawMbzLpGUcyhrPRDhEQf1JB7vk9Z17XAs0shQbbkSszN7zyohzX3e5Ke2k9mGjNPbvfWKGOmQ2-k-4xgnKEodBkHAidNYPj7xDYG8JLSDv4XLHBtiRQNPQPvY3EA0BSd0jpIkk5BDD6C3-bq-cVi6k0f_VfCGMoSQlksrbHfCnXVw4U9oXeDpeqfmWPH4-9xN0dEIqbkLCU6Sw8qAx4TXH9YM87WAmrGV_-vxek9JSQJJiiGP-1T5kknGNrp_utecuCDlnRYc_Y7sIONnhxc9f7V552sZATBWYb18qiBfeViET7XKB1oY4Cdv3s3nztUCxcLMC93WrkZqz4OTF-minuWMj6fox4CNPpbXIWz_WZbxv5KCYb706XKHejqgedgUK1D17Vz-ATKhFY8Jlvh3Ffe193vPd2VKkiyEvhHUyPWPY7gBCejoqriptXb720rWyND1I4zeq-z5micaKmmMTqcklsCzja2OAYHNMnOntVzOdDdwer0l2bKJ0ji0uHuwCgP2QQ5xPkTG3yf3IzovHxplJ8pA6XdmY&cid=CAASEuRoj0qcEf8CsyuwUPRJuNlvkg&rfl=2%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2732637b72f4b2c9b7f5abab9668e896f66f5bd1ac85e032076ec8c1d4cb1234

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28799
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 909F 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:37:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 909F 128 KB
39 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39662
x-xss-protection: 0
server: sffe
etag: "1632310973010379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Mon, 27 Sep 2021 14:41:32 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 909F 14 KB
6 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:31:07 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 909F 42 B
107 B 29ms
28ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dhyx4s-sEBaMU-DF537xADza2j_QbNVZe_SBr01MfzrogbQimdBw_2R2ZdvxA6GXoNVp81sXAMAqsUfn_6hFuLSQ-sREjAVdvNAoVJVz-dduQdWmY

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8751 363 B
273 B 40ms
34ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiah6SzATAB&v=APEucNWpThLXGBiqmEfeRwEUmeclsXRzReCxXxmKCkYz_gIohBEpJKqYFz7uT7kU3rjx9EiHoTp0E8iNOT2NTTMtvPP9dJCDj3DrB8U-BRiHhs86dSuwLScZPfu-0krpjoolnzk34bEwMzv-JM0BqDDO3rqo2JCCuSU6IpEwj1LCGviz2GNrLJ3oFH0c8fluqOwxJFOMNh8w78n74oAuhleRW3AlxuQReQ

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6edfad1d5d6275fc7ade68ffb1f07d480fdbb39579fa359bc9c7ea1d4649fce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CLOokgEQ4p3QAhiah6SzATAB&v=APEucNWpThLXGBiqmEfeRwEUmeclsXRzReCxXxmKCkYz_gIohBEpJKqYFz7uT7kU3rjx9EiHoTp0E8iNOT2NTTMtvPP9dJCDj3DrB8U-BRiHhs86dSuwLScZPfu-0krpjoolnzk34bEwMzv-JM0BqDDO3rqo2JCCuSU6IpEwj1LCGviz2GNrLJ3oFH0c8fluqOwxJFOMNh8w78n74oAuhleRW3AlxuQReQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkPWCIDg9VzJTnZnWfuCKLqGvX7s6d5KZiGQqF1nfaRy9SKtKZbzy_iZnoOeyg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 27 Sep 2021 14:41:32 GMT
server: cafe
cache-control: private
content-length: 206
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 85F8 70 KB
28 KB 51ms
46ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AgnfNCk2TAinVSnsGpn08pKW8zT0htmwRSccw2aKykWwrZBWD3P9x7c7ZWDZKb_lA3KGeDI27P0E1LBVBjjDkogTKDqGsW-QaGvruzOs88HYdbEMD14Ot64ulmsKpJDV_1_B46Lm_X8fKw57H-ktSi6xJmFQ&dbm_d=AKAmf-CiEBC_pWMSGZXZxVogwVe4do42hVnauudplGzUOwF3rKgLotwNY_Y3Ko6gG7m7oCc3q-kOi1cxzXRar_LhltdHje6WrdNct2U92OuU21UeSvAxttHyMp5xXpNz7IQgGNCO4xE3IbCwgDHv9nB7p7b2kjUboLfy4pxXPfEuIEPoUjwu0kGZ2WkczYhfOmGnkuefUkQ19Jg0lZFFmrz4CmB3pVjV6zRHnfrrTN6LRb_8IOUC-POtHdyiU5XNHrVrlc6z61XBM98Ri-7GfPXBQfvcLOtauxh6Tp2ukL2EzGtjdmGRU5guLSAKp5tlZUk2rSo0wr3k53k6iMoc37DDFwlWamwyNQIguPDHzK_5Jg4GVmr2CZOFL8w5GvRNu--IRscSsR0G0j4CwfolDuGRVti_po2Tsg5UCZaAsJ_z1Ue7o8nsa3BHZsz4QEnLZ8qcHpYJ7_quZmT4utktdA9zyO534-AOqaYzoZTZEAtkdFxxYlI3wlJG1g30wJM7dQV-lCkfru2tEI5I5VEAFfBR5pWwCZeR2fAbv8uf-aKkX4bDbCAFsz1KN88cJRcY_T6pIpFJb1UQg1rFoeWDHIMyq_uY8we2EOJ-M8UsBqfKHjDET5zOuVfo3K6AL42L6HCLBXKeWXyyygqbWU9FEYYfXY8MMha-bkfBxd1In-JCzZj-gly8ZnLnDyn-x4UiiH1kNh_13EdnqSas_9SVEnH4H4gBQncDDxPMDcBX2hATzKEGOsNuMLEexgj_uNK7TKt19GrJQsM_XyibsMv6m1Wy2lJfHRqLIjgODUdsPrLplFpR65V5atkCP_cyyri2NLE96YMQmJWf8Ji-95WlnR0FMIu88BlZE_rjHY3TYIVXG1ED9ToQWCHC6wIHAgLvX7aQC6A7MOP8gxOHG9yRwcPePIJ38hPSfoF92Pwv6GR0iHvFkgl6oKnv-rusFVP6EwHOi0JpYVPJhRyACQgNHnZHOfIFFkNgxA8Z00qjTTpqbdYpLzqmRtBIvXRuW9vB7snMqJEqud5mMsAGIgjWZlex5wiGDPzDsuDdpotQFma7XVl7p-B3NDr9Sgq_2NzokYGpqO7CgZ-8SVyHAkYq0vzAzigeYg2cmdj-v6kms2c2G92pZ0G8VPzkT1tXLQFEVacjsSnTgasHlHr2YmKRU0C2_G8rztDDv7oHZb9kBwcBQqE02uLQxIchkP-eFazaQPKH90X_RA_1Fh1UvAeNI4dxrZkPAYw7HyGvVmpua0PYUMomHthlEZOEerItLUn0f0rWBXByve8WYtJs1kCUwtdG0FFmR5LPeIbtj9hBaUJ2B_Ztn8VcNgAe3fzYHklstw4QliQg0WYiq7VqSKIJ28__4fjxvGNY9QNAoU7v0841W_1xZVMdh-retmGTNrqHcNcF7fsdQd3KXHNNVjJdlRf9PvcxrMXK8LwXtjm9GrIbBJaMfHrme92N7RqBC4v4N9Za7YlthuHdJEOsRs-SYRtetvfiXJF3KfVRRgI51S5xacPzVnviLLLCzDHc3lRd3LHPG3YXU4H4sn3jfa-ljQPkuuzWEKArnHUCHGWlM-BY2ssRwd46uA-20DHF7kF7ru9IXg1iouqG7SBkhJMKeTotcHkzKouhLnMFGpyysA0Ib1yME2KjCRP0LVXlSD8AF4VdyAyIWxaRFt_hwZVMR6neEGTnhH9IkHeo4xZ5tqK3QOkMetoZerj24yVR1zPoxyta9DmqiW3FYcKJ7KMqlltfjRrS8HhoddeKfV_jTawpzJLtRB24krn_CmkbDdvxc9vPbGR9uSy9f6JqAAGSvcxVKBDgo4m7pUanEbskGZE51JevTtFtyen6ngidaBeS_C7LwzXNeqFDcT4T7qcuI9APcI-FkX127QeLyA731KLNF1OLf5khIpxat7EHozwoK9crufceImgOKXiDiJH0ymVlVs3dW-U27SFO7-XcCH14ZK8IH67NUQphzelXZH2-ZcLlnPehcq6poCs0d9HYGAC2FfVYwbA2v_TZQRS8s-uJ74PwzB940rT3XchEXs9GVuoblG8FfA4wWfg1MOXUgc6Po-mpL6Ms0tpPOkzsp0NoziJmQEdse0VXwA0eHnZd8ehE6tjQGwUdYffGarbjzsIemGCgiT3YQgcHMwJ5EL_VeAz8o6KkmVRsjMLiYvIm8sCwW2w4XxS7hi508ms4uLnXT_L2sRltYTH5rrYO2VgWmD71Q8UDiJokEma_J4zjZTFjzMRl6AxuEahdxyY03PEQiz3UfNRfCrpqC_ySP6w2qcyM_2zmUsQqylmnzFgrtz1TV460IK9dgDe0U4P2xM7c06-1PParcRfiRaTAesHpOKK4EO-ToE4BDgmNSrpmpKkVVyvIYIQ_QNXO_x1wXHyPWQ2jlvD491zEoTC3_YEnWrD_wPQcI8KhXDGXhYeYfWK7XOMkh3gMGeuAbFNF5Lh8lkTdl8LdmmBpXVXcPHyNpywcO3HJ1JUAFi2Gimg-tsKbi9A3ADEr91RX26Pb69Yg0-1Tz-HKwHdPC_b3fI8Y3M3g8VBopw6hhbiGW3epiVcw2AZULILTl8pU9Ibm66VkOoK9W_IR0vZB-quMJjnxmNplsF-erG7Oh0DvwWJLyJ8ne96zWOzJfSNktP30BzYSkeeIM4uO9tyI8eTOstzywOoF9YRG-_JZlUw4rzI-XagsHXn2CYjLobDGzTkLQjZEiI8PxUE4L36vIpLJ99ijeFsFuUTGjcjQFeZzsaUD0pgC2ywCTLktp6iuhFtmmYZOAAp1FQlvrILo9B7ZwJ-BNRFfclbaZHpYpmsFS54bXfqyijNius5K4n1abaw5QAI1vA5d4IIYUAKYWGNPd52CaZPTTyoG70826t-nB8A1po39VdyhKSbh5UP6_Pmamty_M_xKtsuB3u0dUgJeU4N1T6ZWi5_I042NJSrJq7S46AIt8q8n34Q-Ot3GEVuXVR0NMuO39tJ-0g4RKnJi2DBevQS02pUGuBJ0auPwE2K1-EuEDlmEWf3oTYZAqiDxx6S3g4jBA0Z7igoBFHDgiIDy7rXMIp5gWAU&cid=CAASEuRo-rJAHUC2udyShabffH5PNg&rfl=2%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d23c2cd600a4c9df2226698e97cdae7e216295458c0d61e2b64e04b2f2e56adc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28695
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 85F8 3 KB
1 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:37:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 85F8 128 KB
39 KB 26ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39662
x-xss-protection: 0
server: sffe
etag: "1632310973010379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Mon, 27 Sep 2021 14:41:32 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 85F8 14 KB
6 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:31:07 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85F8 42 B
107 B 33ms
29ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D7PioxNV2IW2I5r_sPST4JICeIHuH5lTeN85uD_nSYq4s9uH9aV9PWUqgmFvHdTjTsH7R0Xz-QKm0ipGvwPr96PEK9G6eNXZNQASAYSYFNyt5LNYA

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

google_match.ashx
ads.travelaudience.com/ Frame 95E7
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEHqP2ia1TSuqoiW1lzOH8b0&google_cver=1&google_push=AYg5qPKNTW9Xa93VlIK0lCliK0cFsd0G211AQSlqS8z306LIoPNgLVBa1dJQ90rv2W4ijqGffGmDqyFtZGn1Y8ND...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=9LvPczokRBmk7ReC0sBXMQ2&google_push=AYg5qPKNTW9Xa93VlIK0lCliK0cFsd0G211AQSlqS8z306LIoPNgLVBa1dJQ90rv2W4ijqGffGmDqyFtZGn1Y8NDASCX0OQPkOmt
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=9LvPczokRBmk7ReC0sBXMQ2&google_push=AYg5qPKNTW9Xa93VlIK0lCliK0cFsd0G211AQSlqS8z306LIoPNgLVBa1dJQ90rv2W4ijqGffGmDqyFtZGn1Y8NDASCX0OQPkOmt&g...
https://ads.travelaudience.com/google_match.ashx?google_error=3

35 B
174 B

23ms
23ms

Image
image/gif

35.190.0.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.travelaudience.com/google_match.ashx?google_error=3
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.0.190.35.bc.googleusercontent.com
Software: nginx/1.15.12 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:32 GMT
content-encoding: gzip
x-engine-version: 0.0.0
server: nginx/1.15.12
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
via: 1.1 google
x-host: tde-deliveryengine-production-7f8fcb5db4-5qmpv
content-type: image/gif
alt-svc: clear

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.travelaudience.com/google_match.ashx?google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

google
d5p.de17a.com/cookies/ Frame 95E7
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEGvIZeJS4ds9DXyNgw6sm-I&google_cver=1&google_push=AYg5qPIrN25QqNd1KbiZAERK4nzUV2nlBGVRtcaxS0o4ugxMHMRP0I3JoPAqkxdcqKm0zHGuZ4eW1-gCFo4pV2oaIOrV8-K...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEGvIZeJS4ds9DXyNgw6sm-I&google_cver=1&google_push=AYg5qPIrN25QqNd1KbiZAERK4nzUV2nlBGVRtcaxS0o4ugxMHMRP0I3JoPAqkxdcqKm0zHGuZ4eW1-gCFo4pV2oaIOrV8...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIrN25QqNd1KbiZAERK4nzUV2nlBGVRtcaxS0o4ugxMHMRP0I3JoPAqkxdcqKm0zHGuZ4eW1-gCFo4pV2oaIOrV8-KUC5ZT
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AYg5qPIrN25QqNd1KbiZAERK4nzUV2nlBGVRtcaxS0o4ugxMHMRP0I3JoPAqkxdcqKm0zHGuZ4eW1-gCFo4pV2oaIOrV8-KUC5ZT&go...
https://d5p.de17a.com/cookies/google?google_error=3

35 B
134 B

27ms
27ms

Image
image/gif

213.155.156.167
TWELVE99 Twelve99

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d5p.de17a.com/cookies/google?google_error=3
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 213.155.156.167 Uppsala, Sweden, ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE),
Reverse DNS: 213-155-156-167.teliacarrier-cust.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-type: image/gif
content-length: 35
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://d5p.de17a.com/cookies/google?google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

dds
rtb.openx.net/sync/ Frame 95E7
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEAUs1CqJZm4InAkMFVpAZHo&google_cver=1&google_push=AYg5qPK7Wni689cUGDUUyz0zx61uu_8NkmScRHuEuBrDMDnH1mLlbWNBsygmykGSwYoVFo0lXn5JLPcqwjmQ5MnKEPaDywj7q74
https://rtb.openx.net/sync/dds?google_gid=CAESEAUs1CqJZm4InAkMFVpAZHo&google_cver=1&google_push=AYg5qPK7Wni689cUGDUUyz0zx61uu_8NkmScRHuEuBrDMDnH1mLlbWNBsygmykGSwYoVFo0lXn5JLPcqwjmQ5MnKEPaDywj7q74&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPK7Wni689cUGDUUyz0zx61uu_8NkmScRHuEuBrDMDnH1mLlbWNBsygmykGSwYoVFo0lXn5JLPcqwjmQ5MnKEPaDywj7q74&google_hm=izISa6qSwbcGeGpY2nFPAg==
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPK7Wni689cUGDUUyz0zx61uu_8NkmScRHuEuBrDMDnH1mLlbWNBsygmykGSwYoVFo0lXn5JLPcqwjmQ5MnKEPaDywj7q74&google_hm=izISa6qSwbcGeGpY2nFPAg==...
https://rtb.openx.net/sync/dds?google_error=3

43 B
145 B

18ms
17ms

Image
image/gif

35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_error=3
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: clear
content-length: 43
x-request-id: ms06cj9nhetsldnfj3se2qmm17p83ii6

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb.openx.net/sync/dds?google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 242
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
google-sync.rutarget.ru/ Frame 95E7
Redirect Chain

https://google-sync.rutarget.ru/sync?google_gid=CAESEGkxARm14AnK9qVsNM94EzM&google_cver=1&google_push=AYg5qPIhod6u8VZ32NP0mwHxYibD_As-VIrIY7QvNGUavQsnO0G4QOWh9-NyXnlfE994GsqGTZNMMDAO6pmsLV5YkNvpOj_...
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=aXE4em5hNVpJQWdU&google_ula=2046794&google_push=AYg5qPIhod6u8VZ32NP0mwHxYibD_As-VIrIY7QvNGUavQsnO0G4QOWh9-NyXnlfE994GsqGTZNMMDAO6p...
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=aXE4em5hNVpJQWdU&google_ula=2046794&google_push=AYg5qPIhod6u8VZ32NP0mwHxYibD_As-VIrIY7QvNGUavQsnO0G4QOWh9-NyXnlfE994GsqGTZNMMDAO6p...
https://google-sync.rutarget.ru/sync?google_error=3

35 B
398 B

162ms
162ms

Image
image/gif

80.64.106.147
RASCOM-AS CJSC RA...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://google-sync.rutarget.ru/sync?google_error=3
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 80.64.106.147 , Russian Federation, ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU),
Reverse DNS: s-fr2.rutarget.ru
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:33 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://google-sync.rutarget.ru/sync?google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

cksync
cs.media.net/ Frame 95E7
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEDwWNsJsMOaoXKj2u2oK3pM&google_cver=1&google_push=AYg5qPL2UIHhWndvBFj8T9D5tJXSjkc9xZHhIvEjSFoYKmDsyfnLr1gkB5h6d9NpjFgdZBdzQ0Ja18sZXG6WpyHOoyx0XhydkWs
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc1NzU1MjkyOTg2MDE5ODAwMFYxMA%3d%3d&mn_hm=Mjc1NzU1MjkyOTg2MDE5ODAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPL2UIHhWndvBFj8T9D5tJXSjkc...
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc1NzU1MjkyOTg2MDE5ODAwMFYxMA%3D%3D&mn_hm=Mjc1NzU1MjkyOTg2MDE5ODAwMFYxMA%3D%3D&google_sc=1&google_push=AYg5qPL2UIHhWndvBFj8T9D5tJXSjkc...
https://cs.media.net/cksync?type=g&mn_hm=Mjc1NzU1MjkyOTg2MDE5ODAwMFYxMA%3D%3D&gdpr=&gdpr_consent=&google_error=3

45 B
508 B

119ms
119ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&mn_hm=Mjc1NzU1MjkyOTg2MDE5ODAwMFYxMA%3D%3D&gdpr=&gdpr_consent=&google_error=3
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:33 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 45
X-MNET-HL2: E
Expires: Mon, 27 Sep 2021 14:41:33 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&mn_hm=Mjc1NzU1MjkyOTg2MDE5ODAwMFYxMA%3D%3D&gdpr=&gdpr_consent=&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

pub
cs.chocolateplatform.com/ Frame 95E7
Redirect Chain

https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEGexLC7PezEiPOpdRGqTRvc&google_cver=1&google_push=AYg5qPJXWqaxUq_1Y3LfXCRepvUojhaKRggo-KeH2wGsrP-o-FSFwFmG0Fkne2BDDy2Tp1BzXyupYSVXOPDTrL...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtODlkYzkyNzUyZDMwNDIwYzYyMjY5MTBjMWE4YmU4NzU=&google_push=AYg5qPJXWqaxUq_1Y3LfXCRepvUojhaKRggo-KeH2wGsrP-o-FSFwFmG0Fkne2...
https://cm.g.doubleclick.net/pixel?google_nid=chocolateplatform&google_hm=Y3AtODlkYzkyNzUyZDMwNDIwYzYyMjY5MTBjMWE4YmU4NzU=&google_push=AYg5qPJXWqaxUq_1Y3LfXCRepvUojhaKRggo-KeH2wGsrP-o-FSFwFmG0Fkne2...
https://cs.chocolateplatform.com/pub?pid=ebda&google_error=3

0
38 B

118ms
117ms

Image
text/plain

35.212.101.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_error=3
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.212.101.174 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 174.101.212.35.bc.googleusercontent.com
Software: CookieSync Powered by Vdopia /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:32 GMT
via: 1.1 google
server: CookieSync Powered by Vdopia
alt-svc: clear

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.chocolateplatform.com/pub?pid=ebda&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 261
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 95E7 43 B
135 B 18ms
16ms Image
image/gif 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESELVdBW6yWok6AFxJz5fp2BI&google_cver=1&google_push=AYg5qPJfexGAi0bDbNNt_yPeY_remhlyWlFh_1qG_9IsJpuMGSkqy3OToAUk62TpByROemqMmOUNDq4NyUThhD3WO0Kj7tarpRioiQ

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Sep 2021 14:41:32 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 95E7 0
12 B 17ms
15ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IKJjjjoRfF4dz_lX1uP2p6eUIKn7a15z9NaC76t7813YOj2rUAoOPt0EMvor6laYtAOlRdcg

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 63E1 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 10:16:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15924
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 27 Sep 2022 10:16:08 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 37BC 1 KB
783 B 7ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 27 Sep 2021 08:58:57 GMT
expires: Tue, 28 Sep 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 20555
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 63E1 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45e75e4f45e1e15bc43f5caeefbba3e174dd2fd06e4863ba6e0c45fede74fd81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0172 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hawtcelebs.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 27 Sep 2021 14:41:30 GMT
expires: Tue, 27 Sep 2022 14:41:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 19ms
19ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.2&b=1&r=hawtcelebs.com_300x600_hawt600&sy=c930b04b-b65e-4cc9-a8b6-938425915080&ts=67&cd=3&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=300x600&mlbw=4g&mlcs=149&mltp=53f6a350-39ce-4048-aaf9-630c8f171eb7&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FDSVY3B56DXVEWJHJ5FA2N6Q
date: Mon, 27 Sep 2021 14:41:32 GMT
cf-cache-status: HIT
age: 1439919
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6f650c17b0b5779657ffe2617584f8e5-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e527a945c0e-FRA

GET
H2 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 9A3F 114 KB
39 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
Origin: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 18:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73894
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 27 Sep 2021 18:09:58 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/ Frame 9A3F 8 KB
3 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C6xpqm6HM2fwoQlhMjSLigvPIJDJ_nMe5TROmJuLBdckyVScUPHgR1foAXba8S1gIWpF7MnOSKjGsrAgkSZ1qc-Rt5QnRDSK_B4TpaS1jkJnrh8T0s1Qo8sYDyGvpOO-OoxBtTsKliVxeKYP58HH3YBmCVeg&dbm_d=AKAmf-Cauh8Cdsu4krBzmsMKIGijQtuhpjVwCukQVXjdCjCw1cCbp2U0b647sxNnAH7uDoJP1UUPPd9RVQqMHONkFfgH9t8FKmiSt5vRJlo31fWwz6GyHEJdNo3MYAPfkWUW0iwQe8_IzILahZHAKofI_hKmfrBfnXmRFfQiDlq5jenfBBOjhHMte16wWMWdpsNvcPjNttxNuUNJoO_bSBfbk57BAChrmhDiZh012RWuADY-WlVhTfajTw4NsTed_WMOnEhMWhAut9S3gLx_0mi8wcnZUJwbJtN-sQxa3fTVdVoMERL54lxfvSTwp-GXulU1pTQak3ShrMmCfVCs--Q-zAFLPOs1akk5D31DHc5xUHjneW30cfnrxk_93EaJzBIKVEfBp1eW-LUxKbR-9EZ_Rgi_tUBNCf182JpyY9dHfT73Oja03urUs6q7iKTbBmv3utpzDqLJZ9zk6lTiyZkgGU6aURjqbrFt0l-Z3jqBWVUvXK3tK2RAo3jv2rnMKyXB3ujtDR5XQRxkMEDWtkoWBqjkwCLmcM9o16Y8YhX1uzMTw1hFj65Eo0mIMWKwJVBG7VFj0HSD-nNB4AKDAPuoe-wLID4RbwKX6me0Ie8lKdv9eneDpN89D9AIzRLLlHfm1eSzD0yDDh7CJ-so6NLF9SicfcpeZesr2cSnw55YQUdWxy-ksWpBpEA-8ohAh_DRBBUuatM9mw_YQTVQW1JC7vUoxNLI8ZLPEmT6SPCzaeHr3PBCvcjuPvj1Vv2yPDv_O-eZAuvzRW36QWyvYPwCFrtXRjbQrGqQqsKAL_5L-HmnS6TxXvxf2D1O8T-oiYrTClDYrh4zY4voOissXKu4riMlwyVw5zsQClKed6oBloId8ILquNdi1W9_amr8PnS1iDF_Q-iGHRuYFfcFKfyV7oAQsFVvejLV1B_EnKM8YMa95SQFamDBJvMyv4WXDKlE5mZIjp3PgYf1ZkAJoeLiYRUTlAXAGMlNH_U_yzET1xLrMhMyYOVOARk_7IJDTDaWsGEpsOmEsHQnoAuYtVMxmWKj5oCNNGfCjvklSHEseVfvdqTNE5gO24uEAz8F2k0o1HXQVG5uEIa3gps4CWFWQ-GghlKGUSfiJT28rQ14W7Mvu1MYwjwHuZYX5ot7Hv5FgJ0byQTfYxRHpsiCYjFd0r5CUyoKI6odJje1TNNY_dLcudM2JWyps5-UwLnOuFZZUgTQYWkJ1KoN-M5whjnsY_lfUYJckNsjqxm3dmP3b5v5KF7_bMpKruXjQH9PVjZyntgbIOgdevf_mnW6hAwQSp73QNw6HPEyM6MS145xd1dtrROACRvkAaN8SBYiA2P9w7Iz6Y4dT5N-TNd0q8XEVVUjrq7gvT1G6hM9XGRPWyGOhtWceqTkJk__9xEv2K2Z7o9erbEqj4i4HoTNSsK3GpRgql7AjVKnTlAHvxKsCxFwdzAxCvAeQnIIdkTpsqdGBgw6LEa76Qe3FVdgggv8CDBqanzuwNYyfcSI1wMe1B6gekdgK8hUWnyplV7KgI9dKvqXNVezb2pJ9uXpEqZA8Re0o95-1tjX_qtpo3WBd78gjMuIVXsCUb54H6gya4lY9DVrcDxNcetZy2ti10_wKWbdM3VbC2InxAWgk9XgJu2PT-glw5aH30wRVSt8hDFAzititDTrCBEyB72ZCjcrq0y6SRTTV1w2rf3Jl2ey8IU-RUZidxYgGF8-GyyUqaY0MdjOrgnAieFBFiU_ybfnNIq2o2aDt5AugWPuv5ZVgapp2NNW8rstd390QUy4q5cM04ZcWmLnK-Bd0YIkQtWpIbtfiwIlNGXEQB3SbOgpWJmEhw7nayZ43ojt5KtX7hCx6jHK7uYlrJrnC0xQldNdacuPcwQ5nj3ySRW0JodSG9ddy4SzrO2tXcEVkbcbZnIc27AYG2mLQPd_0JZSLO2udSRryuUv342KYJoXmOQ2m2-k1HACxtwUr38GZhToxJ35x8dzFM8ThdOOWK8M0_a_Ahri_RfQbCyM9GpdcdVKl8dK493V80ktlQUCbaU5Cq1H4PhD-ni2RUHFMHhupgKvAvIDxYq_uwP6RFsEnpp88fMmhbmOWJDpUi4PIl2O135A8OFQbPJkoSpXnKM4rgzPZyrMEUlM87ls--BByy5u2rLyjUXY45Y4nwVINm5dKCpUZhkbI9et9sLgMz-yvAQ3iZm-mLVt1fgeGvcF3ByVWTENiWk05o0pc9d03wHIAygQ69E6q0vSq0o03qKRnAit4JsNS6OeHRC8mZPYWIRRb5FvapTnYmzvO0B1oGClAvWuuU6JtvXx_YlYW2biwlUSpnqbVganuBHfbgY2GzpoF2A-xTWKkPspBj6BkxK62oXm15AFiG_QpThJHacYpzD8AGosOJw0VKhe4e-8jk7vdncP9FCsdZqbQDiggUXY0S3k-ukdRVnI2aRxdshI9HkdG51uMxxuInZtCGcOPvWZrZ7_Qut3N9EIVE-i9Nkzea5g_TkFqbNOwsCY3Z7rgZiqwqLvr1mGUlzOAqdYnOMMZU_yfcDzGrQEfDcuK4b2ghfqZ3EQjJVAk2QgMe5brxA6QgA0DgG7IkhhC2dD9XprVx1IGqIWlHV4UBCLGQGexoR1fKVI4Gsa2IpwR6hqPsXP0yDrAnK5hoarBz6wNkOROpww-v-qYhpTeYGLPQo8DHSvRU1IUPdwKql5gbSHwnszl_xKWXMQjcWl9f7YeYHxFxZnTtGsXWPB_hlL5JXiHSMvPOAmkEoXCwwmCFg1ChPQgzT-pe79I7wsklat4FW9wEISHBF3CCLy5fVfQRaTt0Pchyb4naudRMhEBXgbBGv3DgIJv6wo1yvDV9CHHNXIF1KalxBb_jTjRLsqjk844AmgqOf9gdvvsGe124XDbDk6mMkNFIVpiGh41JHb3yM53ftv0huumb4uyH8hPdikrdWLzVN9_nzHezSwM9zx_IWz-xcnfGHxKFjhpYTWMEdOcjX8Cfn_ftHITdfm8evXYnRQaUOp52rodNol2X5fnJkaWvByEuY4-FetOz8L9pWAD76hMWUXbdXjGqbtYU1vsy1Y4qR846ZejHVWmERWYBp5CCXjctQgGf0WUsGpilR-ev6tJN9rAvABNbKdVm94Qwpnxc48WGjqz2MBtwVTXd3Sa2G32G0R-53sLDvhwuY2yKC5aSLVB-8D54561mO_da8M0grEqkyQ&cid=CAASEuRoid-snYNc0o7uF59BnwKRsw&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bcb80c86da267703311d2eeb3bdb5af0dedf63589d7d6eee4ed81f4bad7537f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:32:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3143
x-xss-protection: 0
server: cafe
etag: 2416364338287085106
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:32:27 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame 9A3F 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

289d6e0a0907342fcc661d9944f30ab735754993b96f13f5b59ef4f5269b40fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9237
x-xss-protection: 0
server: cafe
etag: 9463376652360951579
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:39:38 GMT

GET
H2 200 container.html Show response
a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CEA0 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hawtcelebs.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 27 Sep 2021 14:41:30 GMT
expires: Tue, 27 Sep 2022 14:41:30 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

HEAD
H2 200 e.js Show response
live.demand.supply/e/ 0
44 B 17ms
17ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/e/e.js?gl=0.03&b=1&r=hawtcelebs.com_native_multi_native_home_7&sy=c930b04b-b65e-4cc9-a8b6-938425915080&ts=67&cd=2&mlbr=ch&mlos=wi&mlla=en&mlco=us&mldo=www.hawtcelebs.com&mlre=undefined&mlin=0&mlsi=570x600&mlbw=4g&mlcs=149&mltp=53f6a350-39ce-4048-aaf9-630c8f171eb7&e=lm&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FDSVY3B56DXVEWJHJ5FA2N6Q
date: Mon, 27 Sep 2021 14:41:32 GMT
cf-cache-status: HIT
age: 1439919
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "6f650c17b0b5779657ffe2617584f8e5-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e52eba85c0e-FRA

GET
H2 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 909F 114 KB
39 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
Origin: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 18:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73894
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 27 Sep 2021 18:09:58 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/ Frame 909F 8 KB
3 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CxThCIEh-1Us0vlXvbqzvamJPOjIvBGgYZ84mqG24-xgD-9kGv5KGYb2Usp-GHk3XKlR3lM8-eRub5r2mYK7ZRisUdpcfnstCcwxSTvrHtox4aQY_TU3SMI5Q-Id8wey2caHgrqLHCQLiUAFU_CQwaeI-bHA&dbm_d=AKAmf-Dl9rGdYf90qlwDTMkgPXqEIT6D3yggdXb8q-jgSXjIo8latDjnSnInhEr1C-vIabcAD23PF4ryw0ItTFWt_dG9VwqaHw0LjdA0_Q-HzQnX5wHXa5gfbGUg-80Xcjl_cd3hjxGxm06NKzSveXVkb0QzTsvJB-Ol79kAgZS7ZDPucBlozPoQ_mZHPQhs39lmn8NeG9l0DwD2cEFi5qezuXnfHGK0S5jC65T2SDxauemfa8gWqg2KITzRHvfU2oTtejbcKfhy-PQUMmV1x2dFGYbxRvhn9VUm9LVn3Pblz_t_c4h5-rRLmm9D4nZuDaZhmYJYY3cee6dzW7BGp3EcIbWqKUGCCWtSCn2PmGREudxFslYSf0rBt9OI_BIaIAziVm-ual1KnbH1Ax1-OBjNRGve7FNLADCRsvz-nPTeRjEkzSAu7qXClLzrc49ecAtEk3anjGUbdp6cOm8t3L4HdRI4gXTdX_01zhukUCLF107G2VIlZmeD0Nmw8kqEQCFr1PRcEQkze0vW8NPJPJsLyYS_BXGF4x_Et8O0meq7mwEVP3n3URYnEea8WtpDVctvSboTMnDN5eiVV21SSOW3nAVZCF2g0y0uFG49GldOAf_ItpoiejLwZBhbbqSTfnZz5bNjCyCkP3FB-MwKtydMeqwMP3DaTS8WjqwVzLxU4y17svdDJslgkoRyeIdXO1JlQQf22inSMzyGS4z97EJYcHYwWVb8q01k_Eb6cBjL8zIGgd0NVYQak5mkfplY_uaVfn98ItZQqF1a6pBAsMp5rUTbdmrHAfyVDe02EOSuj_nc2OaGeglTog2Y0hqTtm9owfOdhVey8Jq9uUbOt28AH-_XUP1GEPJoIF4R8SqsiJWwxovvTzXlf9igVngQCj-LSSD4M8KJmo77OtnzycOc0alqNPpAwLNSrOCKVLPPl5WJjUzGAdX2Ng0BoY5V8Goy4YOWAXEEgtgcfPRA06UKANQ4Rp-wlbG-76l4-St0u9yd6PXFLEOWGDu7PETaM49_IfxEo_fBaf1O-cCAITswdbhMpqYEP45wZeSGHaxXM09OBQVMIY8vmSat5JtfzpUucQRTnabRCsp5ijDE3sNDKh_xtxCeO1nD5241uUm4g9KbFsatMYXd-TzlsEggw4QtVxPfqh6sBimikFS0sR-RGBbXm9W3OSclensHYrqkF7yzoA-6j1QSXewLaGkUvBAPRSuqZBaHiQEF65H9UBzvEGSKMvhp0vXT_GUKcDJ2MJow6VXsa03KcuKozu5T4YQRsH9m-56vT5fUvTM1vbsu4fry0IuzMFTucrb2tSwSWQMN7pCsefMr4ars_dxkiSd4dMdrY11e1RQVH5C77Hd3s0ryt0YsNoaifelcNUfd2nzXt1BcDsODLRet2cA9lgrdNG7pOPP53DsvlxRENMunbB8oPlErcp69a_eaBDMC7R40Q5eKrrrOjICzJQXT7VqC7mKbLv9C7H6zb3viwMkV3wnV1v41fb_5vpXH15t1OgFzpMBZJiQdTlxCqlefq2kMziWG_z-NyerhKieg5mEWrU0t5q0NW4fEAluHbALcxJTwbmr9QQkjVwPSzUrz4XjeHAxtVoz9zqrKp1Ib6Cfk59tyMZfs3c2kHTmB4kpvmztVPBfcENbe0VhWKbtTvTmDX5rq_2WSsqLcYgyt-xoo2rWGVa1z9h0YbZrz-jxqcpQ7xsk6UGY0FJKkGg-CbRlcsIhKucufJcaF4FDtNakxrzSEyAaFIZAHsxc-RVda31pktZ5YTlvepgDIdQEj8wQ5xE4sxxxpjq1fwNy2aDGubvEKLQ9kqmYRdaJ4-yB50UJLE3G_xLaFnaktCBUAeuzJnfD6Xld1OXrD65sDN-Dg3Pkdec5zyu1Ah84GcuYk-qq60014OjJmkRWAeb5Zas7xFoOV5-nqfidtbwDIeU5Rrvf-7bIO0kZ9xprxZnrJgAaXoG3NN2czu7MbWMUZR8LqnnNpOiBah1dcL0dwUenEALMC1sOao3W41tG5yVBQQSUGb178bVNsdwfW2hb6p4MvV9Fk_R4HvX6aKVItdcprcLcI0oyUSBne5_bnuluCD3Yd7llWioH-GRyO_AhauzOBE44Vzo_gIo5E7iZkoxgrbxwFdnNNx0-OOfNyjZliEKJg64Y4HpimoDAqrgigsTmZvGQi7ct6C_2CzSBmX16Z0M71Wdjk6Sit1-hx6QSN5VhVE5P2Tbn1MoYJy0WctraZNeyaIUpn4E0YNsu3ytDAiwsT1ky8yVqV98veEWG93yIQPBzCRIHdxugH-O3jgzu7aLAfhua3guF8eClWIw3B3ozi4VZS3mKTHDMVU8GSR6mXtD-rKc8zN3kl-w9N9dotortTM9Xw4pqtUPWQ9s0b7FhbWFk2zCyHlSm63Klh6YksfbVwAExxI8TiQLEec11AmsAFx3p0qfV4qfbVqtfRt6YMoXgbOwp6DadTI6H6mjI530ZE8AF9CvFn5ppBmIer3xCOfCAduT8Vzkm2dawMbzLpGUcyhrPRDhEQf1JB7vk9Z17XAs0shQbbkSszN7zyohzX3e5Ke2k9mGjNPbvfWKGOmQ2-k-4xgnKEodBkHAidNYPj7xDYG8JLSDv4XLHBtiRQNPQPvY3EA0BSd0jpIkk5BDD6C3-bq-cVi6k0f_VfCGMoSQlksrbHfCnXVw4U9oXeDpeqfmWPH4-9xN0dEIqbkLCU6Sw8qAx4TXH9YM87WAmrGV_-vxek9JSQJJiiGP-1T5kknGNrp_utecuCDlnRYc_Y7sIONnhxc9f7V552sZATBWYb18qiBfeViET7XKB1oY4Cdv3s3nztUCxcLMC93WrkZqz4OTF-minuWMj6fox4CNPpbXIWz_WZbxv5KCYb706XKHejqgedgUK1D17Vz-ATKhFY8Jlvh3Ffe193vPd2VKkiyEvhHUyPWPY7gBCejoqriptXb720rWyND1I4zeq-z5micaKmmMTqcklsCzja2OAYHNMnOntVzOdDdwer0l2bKJ0ji0uHuwCgP2QQ5xPkTG3yf3IzovHxplJ8pA6XdmY&cid=CAASEuRoj0qcEf8CsyuwUPRJuNlvkg&rfl=2%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bcb80c86da267703311d2eeb3bdb5af0dedf63589d7d6eee4ed81f4bad7537f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:32:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3143
x-xss-protection: 0
server: cafe
etag: 2416364338287085106
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:32:27 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame 909F 23 KB
9 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

289d6e0a0907342fcc661d9944f30ab735754993b96f13f5b59ef4f5269b40fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9237
x-xss-protection: 0
server: cafe
etag: 9463376652360951579
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:39:38 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 80B1 22 KB
8 KB 9ms
9ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 27 Sep 2021 10:27:15 GMT
expires: Tue, 27 Sep 2022 10:27:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 15257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 85F8 114 KB
39 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
Origin: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 18:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73894
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 27 Sep 2021 18:09:58 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/ Frame 85F8 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AgnfNCk2TAinVSnsGpn08pKW8zT0htmwRSccw2aKykWwrZBWD3P9x7c7ZWDZKb_lA3KGeDI27P0E1LBVBjjDkogTKDqGsW-QaGvruzOs88HYdbEMD14Ot64ulmsKpJDV_1_B46Lm_X8fKw57H-ktSi6xJmFQ&dbm_d=AKAmf-CiEBC_pWMSGZXZxVogwVe4do42hVnauudplGzUOwF3rKgLotwNY_Y3Ko6gG7m7oCc3q-kOi1cxzXRar_LhltdHje6WrdNct2U92OuU21UeSvAxttHyMp5xXpNz7IQgGNCO4xE3IbCwgDHv9nB7p7b2kjUboLfy4pxXPfEuIEPoUjwu0kGZ2WkczYhfOmGnkuefUkQ19Jg0lZFFmrz4CmB3pVjV6zRHnfrrTN6LRb_8IOUC-POtHdyiU5XNHrVrlc6z61XBM98Ri-7GfPXBQfvcLOtauxh6Tp2ukL2EzGtjdmGRU5guLSAKp5tlZUk2rSo0wr3k53k6iMoc37DDFwlWamwyNQIguPDHzK_5Jg4GVmr2CZOFL8w5GvRNu--IRscSsR0G0j4CwfolDuGRVti_po2Tsg5UCZaAsJ_z1Ue7o8nsa3BHZsz4QEnLZ8qcHpYJ7_quZmT4utktdA9zyO534-AOqaYzoZTZEAtkdFxxYlI3wlJG1g30wJM7dQV-lCkfru2tEI5I5VEAFfBR5pWwCZeR2fAbv8uf-aKkX4bDbCAFsz1KN88cJRcY_T6pIpFJb1UQg1rFoeWDHIMyq_uY8we2EOJ-M8UsBqfKHjDET5zOuVfo3K6AL42L6HCLBXKeWXyyygqbWU9FEYYfXY8MMha-bkfBxd1In-JCzZj-gly8ZnLnDyn-x4UiiH1kNh_13EdnqSas_9SVEnH4H4gBQncDDxPMDcBX2hATzKEGOsNuMLEexgj_uNK7TKt19GrJQsM_XyibsMv6m1Wy2lJfHRqLIjgODUdsPrLplFpR65V5atkCP_cyyri2NLE96YMQmJWf8Ji-95WlnR0FMIu88BlZE_rjHY3TYIVXG1ED9ToQWCHC6wIHAgLvX7aQC6A7MOP8gxOHG9yRwcPePIJ38hPSfoF92Pwv6GR0iHvFkgl6oKnv-rusFVP6EwHOi0JpYVPJhRyACQgNHnZHOfIFFkNgxA8Z00qjTTpqbdYpLzqmRtBIvXRuW9vB7snMqJEqud5mMsAGIgjWZlex5wiGDPzDsuDdpotQFma7XVl7p-B3NDr9Sgq_2NzokYGpqO7CgZ-8SVyHAkYq0vzAzigeYg2cmdj-v6kms2c2G92pZ0G8VPzkT1tXLQFEVacjsSnTgasHlHr2YmKRU0C2_G8rztDDv7oHZb9kBwcBQqE02uLQxIchkP-eFazaQPKH90X_RA_1Fh1UvAeNI4dxrZkPAYw7HyGvVmpua0PYUMomHthlEZOEerItLUn0f0rWBXByve8WYtJs1kCUwtdG0FFmR5LPeIbtj9hBaUJ2B_Ztn8VcNgAe3fzYHklstw4QliQg0WYiq7VqSKIJ28__4fjxvGNY9QNAoU7v0841W_1xZVMdh-retmGTNrqHcNcF7fsdQd3KXHNNVjJdlRf9PvcxrMXK8LwXtjm9GrIbBJaMfHrme92N7RqBC4v4N9Za7YlthuHdJEOsRs-SYRtetvfiXJF3KfVRRgI51S5xacPzVnviLLLCzDHc3lRd3LHPG3YXU4H4sn3jfa-ljQPkuuzWEKArnHUCHGWlM-BY2ssRwd46uA-20DHF7kF7ru9IXg1iouqG7SBkhJMKeTotcHkzKouhLnMFGpyysA0Ib1yME2KjCRP0LVXlSD8AF4VdyAyIWxaRFt_hwZVMR6neEGTnhH9IkHeo4xZ5tqK3QOkMetoZerj24yVR1zPoxyta9DmqiW3FYcKJ7KMqlltfjRrS8HhoddeKfV_jTawpzJLtRB24krn_CmkbDdvxc9vPbGR9uSy9f6JqAAGSvcxVKBDgo4m7pUanEbskGZE51JevTtFtyen6ngidaBeS_C7LwzXNeqFDcT4T7qcuI9APcI-FkX127QeLyA731KLNF1OLf5khIpxat7EHozwoK9crufceImgOKXiDiJH0ymVlVs3dW-U27SFO7-XcCH14ZK8IH67NUQphzelXZH2-ZcLlnPehcq6poCs0d9HYGAC2FfVYwbA2v_TZQRS8s-uJ74PwzB940rT3XchEXs9GVuoblG8FfA4wWfg1MOXUgc6Po-mpL6Ms0tpPOkzsp0NoziJmQEdse0VXwA0eHnZd8ehE6tjQGwUdYffGarbjzsIemGCgiT3YQgcHMwJ5EL_VeAz8o6KkmVRsjMLiYvIm8sCwW2w4XxS7hi508ms4uLnXT_L2sRltYTH5rrYO2VgWmD71Q8UDiJokEma_J4zjZTFjzMRl6AxuEahdxyY03PEQiz3UfNRfCrpqC_ySP6w2qcyM_2zmUsQqylmnzFgrtz1TV460IK9dgDe0U4P2xM7c06-1PParcRfiRaTAesHpOKK4EO-ToE4BDgmNSrpmpKkVVyvIYIQ_QNXO_x1wXHyPWQ2jlvD491zEoTC3_YEnWrD_wPQcI8KhXDGXhYeYfWK7XOMkh3gMGeuAbFNF5Lh8lkTdl8LdmmBpXVXcPHyNpywcO3HJ1JUAFi2Gimg-tsKbi9A3ADEr91RX26Pb69Yg0-1Tz-HKwHdPC_b3fI8Y3M3g8VBopw6hhbiGW3epiVcw2AZULILTl8pU9Ibm66VkOoK9W_IR0vZB-quMJjnxmNplsF-erG7Oh0DvwWJLyJ8ne96zWOzJfSNktP30BzYSkeeIM4uO9tyI8eTOstzywOoF9YRG-_JZlUw4rzI-XagsHXn2CYjLobDGzTkLQjZEiI8PxUE4L36vIpLJ99ijeFsFuUTGjcjQFeZzsaUD0pgC2ywCTLktp6iuhFtmmYZOAAp1FQlvrILo9B7ZwJ-BNRFfclbaZHpYpmsFS54bXfqyijNius5K4n1abaw5QAI1vA5d4IIYUAKYWGNPd52CaZPTTyoG70826t-nB8A1po39VdyhKSbh5UP6_Pmamty_M_xKtsuB3u0dUgJeU4N1T6ZWi5_I042NJSrJq7S46AIt8q8n34Q-Ot3GEVuXVR0NMuO39tJ-0g4RKnJi2DBevQS02pUGuBJ0auPwE2K1-EuEDlmEWf3oTYZAqiDxx6S3g4jBA0Z7igoBFHDgiIDy7rXMIp5gWAU&cid=CAASEuRo-rJAHUC2udyShabffH5PNg&rfl=2%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bcb80c86da267703311d2eeb3bdb5af0dedf63589d7d6eee4ed81f4bad7537f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:32:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3143
x-xss-protection: 0
server: cafe
etag: 2416364338287085106
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:32:27 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame 85F8 23 KB
9 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

289d6e0a0907342fcc661d9944f30ab735754993b96f13f5b59ef4f5269b40fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9237
x-xss-protection: 0
server: cafe
etag: 9463376652360951579
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:39:38 GMT

GET
H2 200 Enabler_01_246.js Show response
s0.2mdn.net/879366/ Frame FFDF 116 KB
39 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/index.html?e=69&leftOffset=0&topOffset=0&c=uo8oqxoif9&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/index.html?e=69&leftOffset=0&topOffset=0&c=uo8oqxoif9&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 10:27:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15257
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40237
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Sep 2021 10:27:15 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1631
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm=&google_dbm=&google_tc=

170 B
188 B

43ms
43ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm=&google_dbm=&google_tc=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQg-LRwAIYz_KTswEwAQ&v=APEucNWUr0Or2QvYswAOFpUKo2cDdvOutx79ak-Qa7YbNmEHE98eifMFOpqGVzcu3GFzmwBS7Bz6pTy_cD2btNulqGP_s-4ZKEQ8_Siyc_HFk8shY4OhsymtDlyeEnguh2QSeiIDQRb5YGTm4jeK7UBLTB2qZqf86IDRbhx6czSSwuqXF8HaO1YTP-QLlMZN4GsaRtQdkl5bvfvCa0xcBkOhLG7cQ-ejhg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm=&google_dbm=&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1631
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDIyMTlkOGYtMWZhMS0xMWVjLThlMTktMWVlNWI5ZTEwMTA2
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDIyMTlkOGYtMWZhMS0xMWVjLThlMTktMWVlNWI5ZTEwMTA2&google_tc=

170 B
195 B

18ms
17ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDIyMTlkOGYtMWZhMS0xMWVjLThlMTktMWVlNWI5ZTEwMTA2&google_tc=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDIyMTlkOGYtMWZhMS0xMWVjLThlMTktMWVlNWI5ZTEwMTA2&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 336
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 1631 0
445 B 41ms
8ms Image
text/plain 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:32 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C16
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm=&google_dbm=&google_tc=

170 B
188 B

28ms
28ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm=&google_dbm=&google_tc=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhimlbazATAB&v=APEucNU9g8IoI8s4GOYGCH2DcxUcSrPMu3guH-2LFLV58H3qpufeXRDkSx7QteO5jNs6K09JShiugoDzDFQTC24epAsNilyalqKKmk2exq1uDau5kP_titvy5C2gPAkuC6no7Zf3CAravS87DOKB7z1tx7zePKcD7CDBKJPfQmspv6TUlUENbEFOEW1MKTtIlbbsHp7poWA_WrEAlo2sRXxeLKpzdKmV5g

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm=&google_dbm=&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C16
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDIyMTlkOGYtMWZhMS0xMWVjLThlMTktMWVlNWI5ZTEwMTA2
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDIyMTlkOGYtMWZhMS0xMWVjLThlMTktMWVlNWI5ZTEwMTA2&google_tc=

170 B
195 B

22ms
18ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDIyMTlkOGYtMWZhMS0xMWVjLThlMTktMWVlNWI5ZTEwMTA2&google_tc=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MDIyMTlkOGYtMWZhMS0xMWVjLThlMTktMWVlNWI5ZTEwMTA2&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 336
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 8C16 0
270 B 30ms
9ms Image
text/plain 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:32 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55946/ Frame 8751
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm=&google_dbm=&_origin=1&google_tc=
https://pixel.advertising.com/ups/55946/sync?uid=&_origin=1&google_error=3
https://ups.analytics.yahoo.com/ups/55946/sync?uid=&_origin=1&google_error=3&apid=UP022297f2-1fa1-11ec-a5a1-06f6161f24a4

0
1 KB

23ms
12ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55946/sync?uid=&_origin=1&google_error=3&apid=UP022297f2-1fa1-11ec-a5a1-06f6161f24a4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhiah6SzATAB&v=APEucNWpThLXGBiqmEfeRwEUmeclsXRzReCxXxmKCkYz_gIohBEpJKqYFz7uT7kU3rjx9EiHoTp0E8iNOT2NTTMtvPP9dJCDj3DrB8U-BRiHhs86dSuwLScZPfu-0krpjoolnzk34bEwMzv-JM0BqDDO3rqo2JCCuSU6IpEwj1LCGviz2GNrLJ3oFH0c8fluqOwxJFOMNh8w78n74oAuhleRW3AlxuQReQ

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:32 GMT
Server: ATS/7.1.2.138
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55946/sync?uid=&_origin=1&google_error=3&apid=UP022297f2-1fa1-11ec-a5a1-06f6161f24a4
date: Mon, 27 Sep 2021 14:41:32 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55946/ Frame 8751
Redirect Chain

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP022297f2-1fa1-11ec-a5a1-06f6161f24a4
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVAwMjIyOTdmMi0xZmExLTExZWMtYTVhMS0wNmY2MTYxZjI0YTQ%3D
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVAwMjIyOTdmMi0xZmExLTExZWMtYTVhMS0wNmY2MTYxZjI0YTQ%3D&google_tc=
https://pixel.advertising.com/ups/55946/sync?uid=&google_error=3
https://ups.analytics.yahoo.com/ups/55946/sync?uid=&google_error=3&apid=UP022297f2-1fa1-11ec-a5a1-06f6161f24a4

0
1 KB

62ms
62ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55946/sync?uid=&google_error=3&apid=UP022297f2-1fa1-11ec-a5a1-06f6161f24a4

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:33 GMT
Server: ATS/7.1.2.138
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55946/sync?uid=&google_error=3&apid=UP022297f2-1fa1-11ec-a5a1-06f6161f24a4
date: Mon, 27 Sep 2021 14:41:33 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8751
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1FV2pBeDlORTJ1RkdQZWxxYW9nOVhXZXl2MlJYcnRMcX5B
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1FV2pBeDlORTJ1RkdQZWxxYW9nOVhXZXl2MlJYcnRMcX5B&google_tc=

170 B
195 B

23ms
23ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1FV2pBeDlORTJ1RkdQZWxxYW9nOVhXZXl2MlJYcnRMcX5B&google_tc=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1FV2pBeDlORTJ1RkdQZWxxYW9nOVhXZXl2MlJYcnRMcX5B&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F6A3 599 B
367 B 48ms
46ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhi7m7azATAB&v=APEucNWXr7k26Q3BJcipQHdJbKNiJHcO9EMPkL08uk15djgsnifaodq8UufSt73q_E7Xbpxz9Fd8SEJsyhcAnGcYdOMAJxVn0O70vr35v_V_HFjwXrtXjE2OS8Fv2VkxwSDbhNfnCGzI1g9xi1EelLlExB0eY_IcrHwOIgaQmFQgxHiD1HXkFHSvubJsYIj7p-zaPQAWjyBUvSMyDDu7wA7gN50PWHFUtg

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0dcc44d0d45a79942a50f0a78ee69e380cbcd8d6c02316c2af886dc634c8997

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CLOokgEQ4p3QAhi7m7azATAB&v=APEucNWXr7k26Q3BJcipQHdJbKNiJHcO9EMPkL08uk15djgsnifaodq8UufSt73q_E7Xbpxz9Fd8SEJsyhcAnGcYdOMAJxVn0O70vr35v_V_HFjwXrtXjE2OS8Fv2VkxwSDbhNfnCGzI1g9xi1EelLlExB0eY_IcrHwOIgaQmFQgxHiD1HXkFHSvubJsYIj7p-zaPQAWjyBUvSMyDDu7wA7gN50PWHFUtg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkPWCIDg9VzJTnZnWfuCKLqGvX7s6d5KZiGQqF1nfaRy9SKtKZbzy_iZnoOeyg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 27 Sep 2021 14:41:32 GMT
server: cafe
cache-control: private
content-length: 300
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 0172 71 KB
28 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BT5b18VKNre3rYWK2R2MBt7vwYpuJKn9iwQ5qhnceFk948LmupXe0_omv2-vlAkJhJXtkEJSCGj5JOOfUnIN5ih50A8fWHgzevPi2vCsAXBPyeI3_eoqJ-tL_JHAGL_QwlJzV2UyPMKDd6b27Vid4gtFexsw&dbm_d=AKAmf-CZoG0xd62wZlaSWo0OKVTtWcKPs_cNJgHKJPm49GAlb3icunXFBwGqlmEs_YBSLSe0nBx10iJfstuTSCwsPeKblwcJpHF6hPd0QRsjPDX0Gf840_NZDkxAwfaRPPpWc5Xg35L3QiWOPpEgmDuL8Uvr6eh1EPmqZcX1YhqgfVq0gJkTDwAUrfDZiBXFD1t2iHBccIBXTpKGzHNakraYYpNlnuOar6icp_qXg7oP9Rn1rKsiVGw3GS2WR0u-d5zIdkCX1ndA52hx7JBOg93RRdUhEo9cQZzQ6UeYnSjvS8vlosC8r0BoFnXAInYqj16YQUfbuXDaZfbB75q6qVnsFFILGfhaBk_ST1CwrYjDAlzm4IDUYRWej5BqOLIADUaQ_DUW-QozwB8WMgSZaqiQ62kQAWhH3yY3M_KlUgaVEtOfAQ85nCiCz4S7IJlQ5hUqgNu0R0wbIASLe7paiFld0TDUcLrR3Wyh7SyRrYmplAdhZPy160v2-MPMINi3MXqsg0yP8m9uZQXYQQoZ6iCym6lgBQS0FY-BuJDJalUi291tQhL-t9XVNoGCfQ-fRgs6FM0qPuqS7Y9nK4Sk7OvIFxdh9VgIbMMveziLXe9j8dSAijBlt9VPzLf6_IdENhK_KZ2jJcUhdN9C3WF3Zzg_YJcHA2hgI_AJxR6FsgWBvrc4h1GpYa8PUSI7sLsNIpnTd7B29hkJUm-5Ftvajs003AWu44dyTe3dV8hk-9uv9s_OXqWRXkUdlOTCcj63U8GyMp8UKcJ855G5qAAZ0oENN6faq7Y4EkJ4Kx4jPg6BIFRgQInbwLBlo5M8z-_H_wXwGuBgn8WpQaosDztPFBeiefJEeUoGGLLgt2M1MmA1SlL1aE4CMFc-rNUcChVO7KGrSzOJ6I8pISZ0OMkh69p9d-k1izlfT8xZFlVSybYu_NYtGwKojwvOZ49pCkUCD2IKnXPjinzBHygBCwI0QwjMAsKIri4jg5wxHEpUGGIFmX_lu6AfhL41jlK5FPinFJY1y0z3uzmrnAvO6oJBR5quohw-ijSRte0abVt3uGpWaYIBlds0JxeYG8LMoCuSaT7wrxMJpx11dg2DZV-ibFEtbthycDoKw41yjmwxaMbGImZfY8-JCDuLm4ucHHA8P2jC-GZof5wIJCXg_o97MEZsnvkArBBUVbt_xc4iGp61ARY2DxSPmvQ-R50SzYdQV_MvRKDZDsfimtdxW2_9nFkJL7ObXW3rky_xKAcF3dwCHJkSMhsS1a10Kzw5uBhij0IH8cuuKsPpHxbHTkDYebKQKKtdAgpF5K7Rw4BEgf38YUINAouvTpcjGNqhUfZgTVLrF66j0GnWxHqdul0h91V_fakbBSk3E2AF7BHzhUDsDfMzOGELBXnCEgRYYISJe4IYKESFUvCELxGVCGjlvlM-gBos3j3qRxdRTcfOmpEXZGWqruguWdMIoJ5snhgRM2pZY8yh7bq-A8WS9Rr2Iau3yBPPIb4EuYytPjR7bCEpjDoS3o5m4dJkP6zI7OmKteVc84ZvFCQqUlJfVfUtMvifyPmn9-UKouRvkuLRaPwBf-2FMPi0wpwYjZLnRdZdrufZxq8c4Q52uMn0ZttqzhI-ZbHQ9Vmh5UDQOPChYuyyyKhznXObXbyxH3X7qtoviYIpZPW5SKJ8Fdlb6yr5CakhIfNoTBYX76305LO551Im0aHeTGS0tOc5mbl8WUTmhbO17W8E5G1nlhu6RZz3X8zJSr048M702LS72pD81ZZ0X7OFsU_ZsQ6_k8KKeIVp4cg5DoeQbHtj_hwLK0Q8oWZxiHL03HE5VfkOvOAnzjllWAitVcrRzBsJkg0S75A9jfpvkZwOrcktJ-yADFYm_WXH3D4fEhBLwmFTzPzsygfy-gnf09XebmpfvzXWN9d5mwD_5RWp16M189P4CZaZHrIheraOX6M_YKW3969NSdmFKHvdrwTfHhVBNbvP_OTU7hp1cQkOZW5DBL3WaWiS-oz_glOTeCnXT8Q7nw4IbxYzMx0OEyY7huwOgbDGaw-aXXoS_TNtVfqzNAkWigKT6YIOjuHTFSmCGCZgUr61YF1ESwZOgYoD_XjvJMMlPAs5RlJCOOO2zS9e_rUECJLXLSILAYmtu8p3uO-z6m6Ys7QRIaYkpOYclDkmB8uEjUk_UpkRXzwtC7mXpPTYbMBCf7SEI4YUZ97gPllv7ppe39nojK4hNPUzTOrc1eYKZRKf43zV1qBtAQo2w3MIODLS8n4imS6uB2S5YpK1k2mweOkYw8RdAumLzPyG3al076GzW3pSdciSzXWyIKRBphz5z2MSY1GNqMT8QcJXnAY6vnIHdCgtxVi-KPUbyl5qNq3CU5HFrSw4Pfqh9aDIpEGeDiZtIFJjpi9erM29UTmcxDzalpYvnbbKBjr5Iwmfz3GU77oYssoDtk2Jo4rwq-juiTq52hJjPuMF04Lx4Oi5LZ_D1XOxPlkHWKLH6N0vRPyWOuxi7FWjZbdssv1HKCYp7pUq0ibzUjC3JOZSzVpV7dqIc97q6dtPDy9Weq-4xtoM0jN0qDOGAA1VaM_8Mk0dvq6Yluu5JMgmuF8uy3HkSBlfJu2sNuCKvvMP3QpY0NLbbJqpi7Mm_yWGiakRxcUPMjmh0Hh_ubhKPxw1KCAaEKU9a3Y3jEQrbt9N_BMqoIioXBBz3yexKsKvGItIW9bTU1tHpdjLX7_5goxmOdDzH7Fup_4plk6ldACX-T5jBe4rESeDgzhG-5DqgUicU8kAYsl3eGE4dVBn6QWHYaFFcs9g4dDHeO5MLHQkpbOJQL6-W9HKZLMzbijXkirVuk5dcJi9avuHUXanjGkNm3z20eh3yz3YDSzpjyZrdWnhFQskRdb81r5wij7TQnb8gRfwP5FKMl7thHnr7yoTxW0Vk1kIbuvuC3sNoirVJBez6xaqqCI7waBoLzEoncE7Ferdrjgj8igRs1Ja-NQ4KS2-yhaCQhukUErjlOw8Zf1z4Subs4h3YbwPYhAr1-XSnmr_8pF5vwAV46BBbeDGzmx6o6FWPCILyct_Gks&cid=CAASEuRorlijQrbWPeutPhnm2_Ek-w&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64ebc942a8912bf4ef18e6ccce68cb0305f42f10b1cfc249d4afdb712bc2f738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28774
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0172 42 B
108 B 47ms
45ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DuPAk-r_45DDhytEpgaAh74BXF1baCpojtzSh929yjzg2PSDA0nPBsvhawrJ4tfe6hm5GkjucYLUUYPl05B3Fh_5Ys2hQcPv3XJzwNtlE-Lm1bC8I

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 0172 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 246
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:37:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0172 128 KB
39 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39662
x-xss-protection: 0
server: sffe
etag: "1632310973010379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Mon, 27 Sep 2021 14:41:32 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame 0172 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:31:07 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0172 0
0 25ms
25ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSJ-wJx9t_Gs09KIcuGpAx6weTV4MbLmY1mbN5VokrdWBJE1dhCvRc5qNsbdK2GDxQtQkpuilKYw9ji6G_b2YDfdi7_NQ
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 index.html Show response
s0.2mdn.net/8264868/1630000993483/ Frame 4B58 6 KB
2 KB 18ms
18ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8264868/1630000993483/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8535c4a8bfea8717b1817f396f8aa2bf19aafb01dd744e6918279c5db05c55e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /8264868/1630000993483/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 2379
date: Mon, 27 Sep 2021 13:48:31 GMT
expires: Tue, 28 Sep 2021 13:48:31 GMT
last-modified: Thu, 26 Aug 2021 18:03:13 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 3181
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9A3F 0
24 B 87ms
52ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvctrLjVYodrnCEPAziVHbIMXX_Q8nQt8GmM7ejBPfZeaddBCHP84jAFy93DOvUk4x1NX2jqKtQDV5dX4SOgEXaTnv6_0VoOXwkw8q8chMVeeXVZExsow8R207tUseV5HpWuy1uxo6hGXMP5VefiZJ1LJrF30oXMKEe5KQK6kqI1eUscU7eqfI2vzzCyIB_SirnrIZX3bp7rYprAYrRXCgAwWX0p8IB5U94MvsiAeLC282c3UE532E108PvLKo1ugUgEBzewUx_KNouZO6lFR8rASWPDB2IQ-wyaMOuXja5SW_AXPgpi3kfXfgrVTNCvolDTcyi0scE4VLS6WfgQdqeAmfFTMe2sHPKJZUZfaHRC6Whrjn5naTVvQwLXFjAA_tVDBb7SdLQzYoT5MV2AIaQs6y-8-kbbagRr9GIK28SOlQoycsDbP0L4raxtqGnzRAF6aBpBikN0BD98KTh3LoQWAFO4efUw6X1zeBAtHH2WUAA7C_8-iYncZHo_jPP56t5e3YjhvSHmDcm5kA0PGsA60GSCdNFIGLyxDqeSPiXoJR7Hhzu0pfBfk1V2lyueGnhxLM9ko8m9DSWZ1UktlN-xca_gDMjkcj_oAyBGsRPlrfOLn9Jg6Wkcvdrkdir2KZTpprEE3hfTfyg5iFXc6TrgQ5CEWD73t6oiPvPBYaGXmWjXRtErd16ZD96-_zn3nu2-Hxj3f0TwHLERZh-IOZh9-rfN02ntvZP1GkLdmnWHy8rgfms02uUczJBpXyd3eZhNYyMD4gYrDOr25WCune95n7aJWjpoV2B_imLLxg0a_hh6QTLOCgxNBz0oZFex1VH3uAUBV7WrdI-WPiUM4Yxw19-kQEp_X2Rn9euWxcIpMc2mr6TGbbgfxtQrrhVLjKM5qizyi8NLkDsprm5K0_A6MtWntPGVkuRK74WzxbDXgArTDzaAnquQX2NNC_Xv9OW2dqAiA6rsAmVInFV3B9ARganSKkCsXQHUJBDPoHB6xTknHYDKFZINuwoac3smxSX_2skp8uuKrW2YVJT7AMF89h7WGyYAkVq_1he9bjopfTiy1nabSl2suk0BhdujdTdfycr5IFuKZRAgAqVflxWlrLgAVxMo0rJmW9IzoTTD6SqxvPTZBMm0WEESjLQ1PcIuzBETu50CLfVWNbzeX9y-1ReBkaKgQpETMb2yuMKrzU97rCYvetbunlFLxw8s2IRRTZrJBBIMTOd7_9k1rPeTNGZ6f7vXeIP9BhC3pNU8S9nj4_8vpHM&sai=AMfl-YRrw6AwVWCO6DU957Y2Z5f-JDlHpe_8BWWGQSlhXGExhyZTFj0yX5XqbC-q-aOWe0V5B-H3x30QY1LStgi62SFylpictbjASVlFA5w8O9E4YutpVJbEHAb6mWX8vqHFGhJ_yaPnDQt3NjzNTEKYx9FV5IDCGsrKtlel_BbkzQr_xS4Vdpso24E&sig=Cg0ArKJSzDiFKIqHQxY4EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=109&cbvp=1&cstd=106&cisv=r20210922.78501&adurl=

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 27 Sep 2021 14:41:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK mtrcs_220434.js Show response
s79.mxcdn.net/bb-mx/serve/ Frame 909F 148 KB
57 KB 106ms
13ms Script
text/javascript 2.18.233.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8943b798efddc7a5ee242732dd0cb2f7f4d5c59417a97b3da42eae595bddf270

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:32 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control: public, max-age=1800
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 58019
Expires: Mon, 27 Sep 2021 15:11:32 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/9758366/1630426111390/13-IWE-Edition30-Leaderboard-728x90-iRange/ Frame 1C5A 6 KB
2 KB 23ms
22ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1630426111390/13-IWE-Edition30-Leaderboard-728x90-iRange/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b234cfda107f411491f5d69483091b41edc43fd241cb46a908e21024c3a57938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9758366/1630426111390/13-IWE-Edition30-Leaderboard-728x90-iRange/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2018
date: Mon, 27 Sep 2021 04:46:27 GMT
expires: Tue, 28 Sep 2021 04:46:27 GMT
last-modified: Tue, 31 Aug 2021 16:08:31 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 35705
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 909F 0
24 B 79ms
49ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv7fro46P2Z1Mfwiy980N68wdfQht_7FZWXAGY0_SVKHWtwYzke28yI-66UlQZjmw5othX_ueL1OxDQ2Lkadg0kiAa6gUgK7EhSqmj-W4KZmmx7X9zBpbyPl3_ksi5aUWQPbp3fVJ4YQAKskosj7OzmRbszzxXC3wRfAasNa-at-Edcct6ySSL9AjHOClJZ7tiXr9e3atyOsQdq8Hg9CN0LOPZMTPanYffa2VORVFy6F2-F_xeZRp7HhouxmPq_FFMyw0KiuQG_sPvIKfHybspKe3a18kH8AJpPgBU_41Ovs-xC3-WrjXIwgKDB7jGG2wOXKpMvBANZ5KUBreCcUBTdV2HXF5uSpLyiCXsRtk6J6vvNQEvt_2J5IjQtoam5VCQ_qMZEgfUIT6LlfBOJv0wwlQ8EjJOGG-ZQfg99y0vmujjPWCXl0nQAVBzssZrYD7Nf2OdEV3uHDFNyjqUhBigIITFVpfvUjBsnyrLbV410k7mNSOGRHdWktd001mOTpb_xwi9GSMIY5gxmcJVeJSYH5t-d3CeDr-enG1Yx-pTffGPpB0YNbTm_euIEzUvEOecncgXzxqVWjGJqonKCcTi4Kncy1tMEyWFAIZ4Eyv5n-taffhzSFnpuvBINnXxtl3oIQF8Ejx1sfTsWBDpmJ5zLSZrYaH390RCbJruBzYnSmec0Rg6-XMpH0DFl1o_KrYUkyZubRQPF8x6ozrBXTKrGwgYGbRYxsmdQYVSJpRjWmyoYaiMZUXntgldJFcKXWuLz6upvN1mrUy870x4KYZ5cMADIRdMRYVCxVmfERdUPv2_nawcLphMnQL79sfpZVbIE7zUci1qbUqItQbo-8A3K5tlCD0KxmwPeY-akv7veQaLNioZz5NXtcpnq2SbLa1_OT1mQ8MxEkakZBQQKA2efQGUsMiLsord9PlZ-8LkUIAbthDpK6O7luqrvQg4wgYqBSoPxmcoeYscjmF_GSmpB5xIgIUVneBKadvKAdo8cxJC-tOF7Qmb6-_EYV_OsZwny1aThGQVP_JpoWSkh7HGCH9Y3zRmltM6yr_EuihmHSzWS6E6TpDTGLXICwL67Jr68OpQyvoA_PASUkpQAEwh6ov9zRH8f1IRIxRYPAOWv_rKWd3uAhUcl9dHw4Fs1zwolrmlmPsmiIgXS1QtiEE2pxig7FXNurFWNqw41SBv9pEvTHEIPsduo0Rpc0QtctuMRbAuefPUfsukjAX3PusBwIvA&sai=AMfl-YT6SAtxejREGdb1oRIYzDuuEfW81h0g1_UtFjMQgGlgpndWrttNebKQEOoWh9Ub5wAwW-UL8EAHGPreLNyHfy2fQ18Hx0-oaLRpR4iZ1ti09P1JWRswU8n3ANRR7tizXQ97MuQChwJ56m1uY3RQCV6asHrAPA&sig=Cg0ArKJSzJBFiE5wdl_SEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=92&cbvp=1&cstd=91&cisv=r20210922.61364&adurl=

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 27 Sep 2021 14:41:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

cm
gcm.ctnsnet.com/int/ Frame 37BC
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEPNM0kxmDiLhja2tOchkVCI&google_cver=1&google_push=AYg5qPJlSs5OuC9hFE5TUSfkK85dEKR5ZT6yzoW-QYQe3cYytaaUkbKNrJA_nF8Ra84-aJ5HJtBzmzRUlDP...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJlSs5OuC9hFE5TUSfkK85dEKR5ZT6yzoW-QYQe3cYytaaUkbKNrJA_nF8Ra84-aJ5HJtBzmzRUlDPrxy4cT4s-1lvS7Sh2&google_hm=OMbRQV4hT6mx17_-Wla-akk
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJlSs5OuC9hFE5TUSfkK85dEKR5ZT6yzoW-QYQe3cYytaaUkbKNrJA_nF8Ra84-aJ5HJtBzmzRUlDPrxy4cT4s-1lvS7Sh2&google_hm=OMbRQV4hT6mx17_-Wla-...
https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_error=3

43 B
313 B

18ms
17ms

Image
image/gif

35.186.193.173
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_error=3
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 173.193.186.35.bc.googleusercontent.com
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 268
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

adx
pr-bh.ybp.yahoo.com/sync/ Frame 37BC
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJJe-OjCxwyCergKJ653Pok&google_cver=1&google_push=AYg5qPKRuImU26Me_QxChJJUB3hdJJzbk_h2_itB6WHSRLb0GkXQjeiq-T6rOlNodIIlly0ODGxqfxa3p5m-UG1Pza5g1eE...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKRuImU26Me_QxChJJUB3hdJJzbk_h2_itB6WHSRLb0GkXQjeiq-T6rOlNodIIlly0ODGxqfxa3p5m-UG1Pza5g1eE9fz7x&google_hm=NzM5NzcxMDI1NzQ4MDI2Mj...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKRuImU26Me_QxChJJUB3hdJJzbk_h2_itB6WHSRLb0GkXQjeiq-T6rOlNodIIlly0ODGxqfxa3p5m-UG1Pza5g1eE9fz7x&google_hm=NzM5NzcxMDI1NzQ4MDI2Mj...
https://pr-bh.ybp.yahoo.com/sync/adx?google_error=3

0
138 B

36ms
35ms

Image
text/plain

2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/adx?google_error=3

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:33 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pr-bh.ybp.yahoo.com/sync/adx?google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 37BC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEG6SyJ71zBD1f99jg42GjaU&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVHYHMsF6hLiJXr1KpJ1sQAABE8AAAIB&google_cver=1&google_push=AYg5qPKi_o9JApUaOKQHTGeuDjw_xb7ODIcY1ky2p-kKGcEiG5pAybcpJfldkAD4_asx2Vm9sH-f...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVHYHMsF6hLiJXr1KpJ1sQAABE8AAAIB&google_cver=1&google_push=AYg5qPKi_o9JApUaOKQHTGeuDjw_xb7ODIcY1ky2p-kKGcEiG5pAybcpJfldkAD4_asx2Vm9sH-f...

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVHYHMsF6hLiJXr1KpJ1sQAABE8AAAIB&google_cver=1&google_push=AYg5qPKi_o9JApUaOKQHTGeuDjw_xb7ODIcY1ky2p-kKGcEiG5pAybcpJfldkAD4_asx2Vm9sH-fsIan_oR7EOZo6a4jTFLPROu_&google_gid=CAESEG6SyJ71zBD1f99jg42GjaU&google_tc=

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVHYHMsF6hLiJXr1KpJ1sQAABE8AAAIB&google_cver=1&google_push=AYg5qPKi_o9JApUaOKQHTGeuDjw_xb7ODIcY1ky2p-kKGcEiG5pAybcpJfldkAD4_asx2Vm9sH-fsIan_oR7EOZo6a4jTFLPROu_&google_gid=CAESEG6SyJ71zBD1f99jg42GjaU&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 488
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame 37BC 0
474 B 96ms
13ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPIdkIb0nZ2wZwe5Hi4mqTe3PvdrYD-SuVMdT3RGM2NJ_HjClZFJh7zTqHSSLrNbv7d0wpSMqcyrVjRX-H3A-kMTX1b2ANw7%26google_hm%3D%5BUID%5D&google_gid=CAESECd_2WLtGoWHdqOQ1UqZyhw&google_cver=1

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:32 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 37BC
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOUPwhsvqNYcPvx4tm4qNkA&google_cver=1&google_push=AYg5qPL6asrjDxqPyZut2A51uDH7g2GP-IHr6KGLPLZjpLKDLydtjOpGpbaFsERX5Q7LKdGpSB0iwrvYQRgt5claV...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOUPwhsvqNYcPvx4tm4qNkA&google_cver=1&google_push=AYg5qPL6asrjDxqPyZut2A51uDH7g2GP-IHr6KGLPLZjpLKDLydtjOpGpbaFsERX5Q7LKdGpSB0iwrvYQRgt5claV...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL6asrjDxqPyZut2A51uDH7g2GP-IHr6KGLPLZjpLKDLydtjOpGpbaFsERX5Q7LKdGpSB0iwrvYQRgt5claVL-vbyCHgtl7&google_hm=99b702b97cd180b9613d832a
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL6asrjDxqPyZut2A51uDH7g2GP-IHr6KGLPLZjpLKDLydtjOpGpbaFsERX5Q7LKdGpSB0iwrvYQRgt5claVL-vbyCHgtl7&google_hm=99b702b97cd180b9613d83...

170 B
195 B

21ms
20ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL6asrjDxqPyZut2A51uDH7g2GP-IHr6KGLPLZjpLKDLydtjOpGpbaFsERX5Q7LKdGpSB0iwrvYQRgt5claVL-vbyCHgtl7&google_hm=99b702b97cd180b9613d832a&google_tc=

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPL6asrjDxqPyZut2A51uDH7g2GP-IHr6KGLPLZjpLKDLydtjOpGpbaFsERX5Q7LKdGpSB0iwrvYQRgt5claVL-vbyCHgtl7&google_hm=99b702b97cd180b9613d832a&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 419
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rmpssp
sync.1rx.io/syncpixel/ Frame 37BC
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM...
https://sync.targeting.unrulymedia.com/csync/RX-cc76c41d-ce22-4396-a8d1-298410bfa19a-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPKSDvXdPT2bB9Lxqj6PR...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKSDvXdPT2bB9Lxqj6PR1JKC-cavN0X6-e7QpBWNjwtM9sL1KSFxdDQ2dDU5rpJbEVSTRFBbDOmk_IsJlzuhP6jKMUFTvo&google_hm=A8x2xB3OIkOWqNEphBC_oZo
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKSDvXdPT2bB9Lxqj6PR1JKC-cavN0X6-e7QpBWNjwtM9sL1KSFxdDQ2dDU5rpJbEVSTRFBbDOmk_IsJlzuhP6jKMUFTvo&google_hm=A8x2xB3OIkOWqNEphBC_oZo&go...
https://sync.1rx.io/syncpixel/rmpssp?sub=google&google_error=3

43 B
172 B

13ms
13ms

Image
image/gif

213.19.147.44
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/syncpixel/rmpssp?sub=google&google_error=3
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.44 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
cache-control: no-store, no-cache, must-revalidate
server: Tengine
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.1rx.io/syncpixel/rmpssp?sub=google&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 263
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 37BC
Redirect Chain

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEJoxjdCqEikM7wy4FfrHohM&google_cver=1&google_push=AYg5qPISgghNTf90Cap6NeMwn3LYmXqCq8pq3h7cfeq9J15snScJ9QiqyeWtjBhO0sMbndfKANM6gmGA1UNYauNVB...
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTBlNmU4YmItYmQxYS00NGY0LWI3MzMtOWVkYmVlMmI5OWM5&google_push=AYg5qPISgghNTf90Cap6NeMwn3LYmXqCq8pq3h7cfeq9J15snScJ9QiqyeWtjBhO...
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTBlNmU4YmItYmQxYS00NGY0LWI3MzMtOWVkYmVlMmI5OWM5&google_push=AYg5qPISgghNTf90Cap6NeMwn3LYmXqCq8pq3h7cfeq9J15snScJ9QiqyeWtjBhO...
https://match.sharethrough.com/sync/v1?google_error=3

68 B
262 B

11ms
10ms

Image
image/png

3.126.175.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?google_error=3
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.175.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-175-244.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:33 GMT
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://match.sharethrough.com/sync/v1?google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 37BC 0
12 B 25ms
21ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JLE8RaEF7-_z2qjP15smqI-Km0-GDi0KAPnvJDXHy6rYhI23pXpLjxtAuwFubmAkQtwiQxzQ

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK mtrcs_220434.js Show response
s79.mxcdn.net/bb-mx/serve/ Frame 85F8 148 KB
57 KB 77ms
12ms Script
text/javascript 2.18.233.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8943b798efddc7a5ee242732dd0cb2f7f4d5c59417a97b3da42eae595bddf270

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:32 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control: public, max-age=1800
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 58019
Expires: Mon, 27 Sep 2021 15:11:32 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/ Frame 1FC4 6 KB
2 KB 19ms
9ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc7add01ea1ad0ee504541fec6002fbfc220931c9bd13cdbc1c25699aaf51821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 2009
date: Mon, 27 Sep 2021 12:29:24 GMT
expires: Tue, 28 Sep 2021 12:29:24 GMT
last-modified: Thu, 26 Aug 2021 13:19:10 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 7928
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 85F8 0
24 B 53ms
50ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstWZJYXyBPdJL6wzPjkRAWb8lij-YY9q_jsnbLKwii8Y-t7pE84HK-91ihHS7GvqXXWTkBh29yke6lI-FbvOdytJ9-sY-vz-hXGKaHSbjxAK8z6iAZETXsT7-5YbWJn_KkYDShUALPcqqlyiAipeGTEYbqWbyGiNVAiLDIufxyPVWgNb_Wp001cQUf-TJAxeyAGSKFfPYrRrRoGjvEE6X1QKT0OE6fjxAR8MK3bkk5dshtI8fpPFvPfcxRs0vSedU4kC2Gn8bzxNQCtQfoIG7ptaAgJtcBOH0yudncgjYc3HYC8G5rXHGRHHf85PCVRh2Phren2v1MAr5-NJuGPNzwPJyjZKsvogIGx0kYrJExLhiAbjJ6dKTKX-JqVkRfUBShX78rR0lUMjMyLG51eTrnWvvyrA0-pO1m144cEVRfax-3_667kpkW8NS7Cw8QSLMg2yJlmVWhjtoTyM3oXywHg7SfZRlFlckNoIL8_MElG7Me_fIyPb3_PFAvcpDMd2bxJSGqcwvQ20pyvzGR5Kk-Ohc07ckLTwyAml2xxLEQGi746-yQBP0Oed7_RsMqOfup6i02iduTuJdqcG1bt5S6wDpq4rrSXxIrKp9KtQa32wKXDmfUu6gJjAafcGlZRyeHcB2miHXMQN8NBn7DLek2BduDCVAhewy2vthO3WgQOh29tYKlr5LP6k4psqtI9kM2EFex6_Dp7YFAVY47_m9YHTjlNsz9ZHxtD4kv6fSP5STsy_TLGK8bHhp5zrjzvJ_GZVZ7BSvlK__EPrw1ulZqPeoaNMceF-RiSMvi7ZRo3B8BB7TVQPfbnHm7dsQjd99_XoietI1FfJcnkBkKHK9TeapfREPSgDcxAlfhlbc0eBSvkCHNtQaViXK7lR48yD3Va9BIiKyzUyqYukakESPOTqjGaIzJwDUbrj_-oCoDw_RYWLrlMUtcZvYfxeW3wNUOmrM2J9QO5HH_nraRCv3Y9XNjujBAtflrY5--paeQIZRMOSOIdWqLPLtikq6pUcn-wXoILZiqONGQz5e7DtVa6DlZlWZzmOPzoQFnZOdMuwSSWJ8Smaddurcfo_31Wc37d_KSnH8pWWJZ9_KtUnZCCkJiLI7eaOlxFEoURKQMZSmnCJmHIXVymZPOshDDzC15mFjZNhIiB586VmyWxBUJ4QpoEVlrCOYItsGdiHLYoS7HbV0rTCsgbnxN025CvzVaZ2i5f1ZTjbrw8XAHhVjjHuVQ&sai=AMfl-YQUztEZYOfDKVqrj39Zvwl0KOi1-MvTfgCxR4iflj6W_FVYjXnn8XGhUPLlTQwk2BrpGKupWgbNQccx333bzrwmTbG-aP6VeBFZR8nlLpwDYNv-MkTdBVOQ7XscHSSy48vkXOUAG-n581wWeoVsOHVud3lzyA&sig=Cg0ArKJSzPFdklSdsxLQEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=98&cbvp=1&cstd=97&cisv=r20210922.30224&adurl=

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 27 Sep 2021 14:41:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 PublicoHeadline-Bold.woff2
s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/ Frame FFDF 50 KB
50 KB 18ms
9ms Font
font/woff2 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/PublicoHeadline-Bold.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/index.html?e=69&leftOffset=0&topOffset=0&c=uo8oqxoif9&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63cba83244b405645a3f5cd0371cec21c71e6017e00b5d5d272b934b5e217bd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/index.html?e=69&leftOffset=0&topOffset=0&c=uo8oqxoif9&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 22:02:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 31 Aug 2021 13:05:17 GMT
server: sffe
age: 59917
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51380
x-xss-protection: 0
expires: Mon, 27 Sep 2021 22:02:55 GMT

GET
H2 200 SourceSansPro-SemiBold.woff2
s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/ Frame FFDF 84 KB
84 KB 26ms
21ms Font
font/woff2 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/SourceSansPro-SemiBold.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/index.html?e=69&leftOffset=0&topOffset=0&c=uo8oqxoif9&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5304869a38f42eac3b02e3d2fec84206b34a3972a3d96defec167ae2cd28799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/index.html?e=69&leftOffset=0&topOffset=0&c=uo8oqxoif9&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 13:06:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 31 Aug 2021 13:05:18 GMT
server: sffe
age: 5681
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86124
x-xss-protection: 0
expires: Tue, 28 Sep 2021 13:06:51 GMT

GET
H2 200 b349715971fc02f992e4cc58b88ce41f.js Show response
www.gstatic.com/mysidia/ Frame CEA0 7 KB
4 KB 41ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b349715971fc02f992e4cc58b88ce41f.js?tag=client_fast_engine_2019

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac04af14591f59be711b015d623154f3cd61eab114e9ee33563a2b30d55202eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 14:00:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3166
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 09:11:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Fri, 24 Dec 2021 14:00:33 GMT

GET
H2 200 392eaa84fbb852be2a433bb8ce7c63b9.js Show response
www.gstatic.com/mysidia/ Frame CEA0 7 KB
3 KB 41ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/392eaa84fbb852be2a433bb8ce7c63b9.js?tag=core/maui_delegate_info_icon_v1

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ade00623053479123bc87a18900ed75320e4b0ac9239ef15ca4e4b8a2f295cf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 11:08:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 358382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2916
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 09:11:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 22 Dec 2021 11:08:30 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CEA0 4 KB
713 B 319ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 13:57:07 GMT
server: ESF
date: Mon, 27 Sep 2021 14:41:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Sep 2021 14:41:33 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame CEA0 1 KB
959 B 10ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:32:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 534
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 852
x-xss-protection: 0
server: cafe
etag: 14170629819630813772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:32:39 GMT

GET
H2 200 0d94166e1dc782c240bfe6a008bd11da.js Show response
www.gstatic.com/mysidia/ Frame CEA0 18 KB
8 KB 41ms
9ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d94166e1dc782c240bfe6a008bd11da.js?tag=exit_2019

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

956db4acb11c9ae376e6c74f836773456c5f9791a2586f37cfc7eb68ab669409

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 09:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 364020
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7699
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 03:50:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Wed, 22 Dec 2021 09:34:32 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame CEA0 18 KB
8 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite_fy2019.js

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:28:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 790
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7635
x-xss-protection: 0
server: cafe
etag: 15605042170853735879
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:28:22 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame CEA0 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/window_focus_fy2019.js

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1358
x-xss-protection: 0
server: cafe
etag: 15351394696698642166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:37:26 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CEA0 128 KB
39 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39662
x-xss-protection: 0
server: sffe
etag: "1632310973010379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="active-view-scs-read-write-acl"
expires: Mon, 27 Sep 2021 14:41:32 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/ Frame CEA0 14 KB
6 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210922/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 625
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6232
x-xss-protection: 0
server: cafe
etag: 15606800361334891596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:31:07 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame CEA0 0
0 17ms
17ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQDqYRXNPvZg0JZf3lVrlq18u4z64R6a0L-ngk6Zmkmkv8qd6IcBrTRG8i569ZBuDrF_a26ggBX6N4LmhYfv8UX0yBMTw
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 909F 41 KB
15 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 10:16:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15924
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 27 Sep 2022 10:16:08 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0B83 1 KB
786 B 11ms
11ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 27 Sep 2021 08:58:57 GMT
expires: Tue, 28 Sep 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 20555
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 909F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 393ef9d3e7f2d1b35d3917d59ca863213bae26f3458b178102e8b3b5c304cb77

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 85F8 41 KB
15 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 10:16:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15924
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 27 Sep 2022 10:16:08 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A8F8 1 KB
786 B 6ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 27 Sep 2021 08:58:57 GMT
expires: Tue, 28 Sep 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 20555
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 85F8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8b2ed98ef1667652996845a1fb2fca65bd11fdca0bc53a7e7d6ad0e9e51be49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9A3F 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 10:16:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15924
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 27 Sep 2022 10:16:08 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3239 1 KB
786 B 7ms
6ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 27 Sep 2021 08:58:57 GMT
expires: Tue, 28 Sep 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 20555
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 9A3F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fe838a387aa778e1645a242d4c439488b478814e74af738a57dbd59fd9df315

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 0172 114 KB
39 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
Origin: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 18:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73894
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 27 Sep 2021 18:09:58 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/ Frame 0172 8 KB
3 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BT5b18VKNre3rYWK2R2MBt7vwYpuJKn9iwQ5qhnceFk948LmupXe0_omv2-vlAkJhJXtkEJSCGj5JOOfUnIN5ih50A8fWHgzevPi2vCsAXBPyeI3_eoqJ-tL_JHAGL_QwlJzV2UyPMKDd6b27Vid4gtFexsw&dbm_d=AKAmf-CZoG0xd62wZlaSWo0OKVTtWcKPs_cNJgHKJPm49GAlb3icunXFBwGqlmEs_YBSLSe0nBx10iJfstuTSCwsPeKblwcJpHF6hPd0QRsjPDX0Gf840_NZDkxAwfaRPPpWc5Xg35L3QiWOPpEgmDuL8Uvr6eh1EPmqZcX1YhqgfVq0gJkTDwAUrfDZiBXFD1t2iHBccIBXTpKGzHNakraYYpNlnuOar6icp_qXg7oP9Rn1rKsiVGw3GS2WR0u-d5zIdkCX1ndA52hx7JBOg93RRdUhEo9cQZzQ6UeYnSjvS8vlosC8r0BoFnXAInYqj16YQUfbuXDaZfbB75q6qVnsFFILGfhaBk_ST1CwrYjDAlzm4IDUYRWej5BqOLIADUaQ_DUW-QozwB8WMgSZaqiQ62kQAWhH3yY3M_KlUgaVEtOfAQ85nCiCz4S7IJlQ5hUqgNu0R0wbIASLe7paiFld0TDUcLrR3Wyh7SyRrYmplAdhZPy160v2-MPMINi3MXqsg0yP8m9uZQXYQQoZ6iCym6lgBQS0FY-BuJDJalUi291tQhL-t9XVNoGCfQ-fRgs6FM0qPuqS7Y9nK4Sk7OvIFxdh9VgIbMMveziLXe9j8dSAijBlt9VPzLf6_IdENhK_KZ2jJcUhdN9C3WF3Zzg_YJcHA2hgI_AJxR6FsgWBvrc4h1GpYa8PUSI7sLsNIpnTd7B29hkJUm-5Ftvajs003AWu44dyTe3dV8hk-9uv9s_OXqWRXkUdlOTCcj63U8GyMp8UKcJ855G5qAAZ0oENN6faq7Y4EkJ4Kx4jPg6BIFRgQInbwLBlo5M8z-_H_wXwGuBgn8WpQaosDztPFBeiefJEeUoGGLLgt2M1MmA1SlL1aE4CMFc-rNUcChVO7KGrSzOJ6I8pISZ0OMkh69p9d-k1izlfT8xZFlVSybYu_NYtGwKojwvOZ49pCkUCD2IKnXPjinzBHygBCwI0QwjMAsKIri4jg5wxHEpUGGIFmX_lu6AfhL41jlK5FPinFJY1y0z3uzmrnAvO6oJBR5quohw-ijSRte0abVt3uGpWaYIBlds0JxeYG8LMoCuSaT7wrxMJpx11dg2DZV-ibFEtbthycDoKw41yjmwxaMbGImZfY8-JCDuLm4ucHHA8P2jC-GZof5wIJCXg_o97MEZsnvkArBBUVbt_xc4iGp61ARY2DxSPmvQ-R50SzYdQV_MvRKDZDsfimtdxW2_9nFkJL7ObXW3rky_xKAcF3dwCHJkSMhsS1a10Kzw5uBhij0IH8cuuKsPpHxbHTkDYebKQKKtdAgpF5K7Rw4BEgf38YUINAouvTpcjGNqhUfZgTVLrF66j0GnWxHqdul0h91V_fakbBSk3E2AF7BHzhUDsDfMzOGELBXnCEgRYYISJe4IYKESFUvCELxGVCGjlvlM-gBos3j3qRxdRTcfOmpEXZGWqruguWdMIoJ5snhgRM2pZY8yh7bq-A8WS9Rr2Iau3yBPPIb4EuYytPjR7bCEpjDoS3o5m4dJkP6zI7OmKteVc84ZvFCQqUlJfVfUtMvifyPmn9-UKouRvkuLRaPwBf-2FMPi0wpwYjZLnRdZdrufZxq8c4Q52uMn0ZttqzhI-ZbHQ9Vmh5UDQOPChYuyyyKhznXObXbyxH3X7qtoviYIpZPW5SKJ8Fdlb6yr5CakhIfNoTBYX76305LO551Im0aHeTGS0tOc5mbl8WUTmhbO17W8E5G1nlhu6RZz3X8zJSr048M702LS72pD81ZZ0X7OFsU_ZsQ6_k8KKeIVp4cg5DoeQbHtj_hwLK0Q8oWZxiHL03HE5VfkOvOAnzjllWAitVcrRzBsJkg0S75A9jfpvkZwOrcktJ-yADFYm_WXH3D4fEhBLwmFTzPzsygfy-gnf09XebmpfvzXWN9d5mwD_5RWp16M189P4CZaZHrIheraOX6M_YKW3969NSdmFKHvdrwTfHhVBNbvP_OTU7hp1cQkOZW5DBL3WaWiS-oz_glOTeCnXT8Q7nw4IbxYzMx0OEyY7huwOgbDGaw-aXXoS_TNtVfqzNAkWigKT6YIOjuHTFSmCGCZgUr61YF1ESwZOgYoD_XjvJMMlPAs5RlJCOOO2zS9e_rUECJLXLSILAYmtu8p3uO-z6m6Ys7QRIaYkpOYclDkmB8uEjUk_UpkRXzwtC7mXpPTYbMBCf7SEI4YUZ97gPllv7ppe39nojK4hNPUzTOrc1eYKZRKf43zV1qBtAQo2w3MIODLS8n4imS6uB2S5YpK1k2mweOkYw8RdAumLzPyG3al076GzW3pSdciSzXWyIKRBphz5z2MSY1GNqMT8QcJXnAY6vnIHdCgtxVi-KPUbyl5qNq3CU5HFrSw4Pfqh9aDIpEGeDiZtIFJjpi9erM29UTmcxDzalpYvnbbKBjr5Iwmfz3GU77oYssoDtk2Jo4rwq-juiTq52hJjPuMF04Lx4Oi5LZ_D1XOxPlkHWKLH6N0vRPyWOuxi7FWjZbdssv1HKCYp7pUq0ibzUjC3JOZSzVpV7dqIc97q6dtPDy9Weq-4xtoM0jN0qDOGAA1VaM_8Mk0dvq6Yluu5JMgmuF8uy3HkSBlfJu2sNuCKvvMP3QpY0NLbbJqpi7Mm_yWGiakRxcUPMjmh0Hh_ubhKPxw1KCAaEKU9a3Y3jEQrbt9N_BMqoIioXBBz3yexKsKvGItIW9bTU1tHpdjLX7_5goxmOdDzH7Fup_4plk6ldACX-T5jBe4rESeDgzhG-5DqgUicU8kAYsl3eGE4dVBn6QWHYaFFcs9g4dDHeO5MLHQkpbOJQL6-W9HKZLMzbijXkirVuk5dcJi9avuHUXanjGkNm3z20eh3yz3YDSzpjyZrdWnhFQskRdb81r5wij7TQnb8gRfwP5FKMl7thHnr7yoTxW0Vk1kIbuvuC3sNoirVJBez6xaqqCI7waBoLzEoncE7Ferdrjgj8igRs1Ja-NQ4KS2-yhaCQhukUErjlOw8Zf1z4Subs4h3YbwPYhAr1-XSnmr_8pF5vwAV46BBbeDGzmx6o6FWPCILyct_Gks&cid=CAASEuRorlijQrbWPeutPhnm2_Ek-w&rfl=1%2Chttps%253A%252F%252Fwww.hawtcelebs.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bcb80c86da267703311d2eeb3bdb5af0dedf63589d7d6eee4ed81f4bad7537f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:32:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 545
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3143
x-xss-protection: 0
server: cafe
etag: 2416364338287085106
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:32:27 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/ Frame 0172 23 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210922/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

289d6e0a0907342fcc661d9944f30ab735754993b96f13f5b59ef4f5269b40fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:39:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9237
x-xss-protection: 0
server: cafe
etag: 9463376652360951579
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Oct 2021 14:39:38 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame ED97 0
23 B 45ms
45ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 14:41:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 300x050.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61707552/20210720070806802/ Frame 94CB 47 KB
11 KB 17ms
16ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61707552/20210720070806802/300x050.html?e=69&leftOffset=0&topOffset=0&c=M0PVzBjkE9&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71bd2c00a8e0d92f57751d493e0fb95b85dea5f27724d768b02da77b02051cbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /ads/richmedia/studio/pv2/61707552/20210720070806802/300x050.html?e=69&leftOffset=0&topOffset=0&c=M0PVzBjkE9&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 10851
date: Mon, 27 Sep 2021 14:41:32 GMT
expires: Tue, 28 Sep 2021 14:41:32 GMT
cache-control: public, max-age=86400
last-modified: Tue, 20 Jul 2021 14:08:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 63E1 0
24 B 52ms
52ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssEpZm8sRZvnPEtfR09nZMB8BEvTc5FmIxKuYh1bPxytva1fhVkgtbsgCGW9VC33S9jfR_MMbGDRq9DOmP9lGNiGAbmRQVrvAWEdKRULd39Rrp2FyDRxOWcF7UH7gljONOHXbHOvBMuFcK_ghv1lwHMxCjd7Otue6tRrFPnfWyehfN3UOMhS-LFkN2av99e5Rov6e0f8XEDfAVst_nVbjLNUCNqcR3vxp4zgjkWOLB8qvTpKCLjUIM5lJtNDglDgYEdBZoREDndUNGwu9Efd7dozeVPUUmNcOBZ-5LTtVEeoqms6GjQ5kvq2eClnWF08sdJJvxL3nOSGYle4jsbNa2fTjbes9DVg72FE7aaIOPFD16m4puZNiyC94jdf03RDAbcsQmvcywb_cpLjjBs7Zd81cVM42NYVmj8TZJKESAVvMEPhxo4hZqvh_9DwynRchfeQT06o4WixxhEt9nPODMKW4s6IRcANIg8h-NF0thIenPUajPpBJVN1h3BcowJDj6FBpGJ8DoykuSEv51IeKY9OzU4SC4uyzR194X1o3eTXiULv67tIxrn6Bwe1AyI4nb-aCiWcAzXBualq5zOYQ2lmigwEEl2mZd4L_GgKRAmlnDpJc_JH5K9IJ5fa_yBCd7PlUQp30_n2fTgvWBg_kC-HoiADktohnPPe7X6TyVuSzmHxMg-ZjHLCYi_she3hYOFBK7UBsmirJHZe_GFYS7C_mo_lCINb89-A4NCwVhOsSs3wHPFKUYeiffRKnrwDCtcpzjfd0baO6sE_YYzgX1FJcRkJrazTBD_RG6USZzkh8IGAimvw7DOjHoVanmNqmCysZvUUN3YQfDoGTMIcCN8nFR-Y5IusvceRP3WGbFhkvnmMUXshboSVE_MhncxZPbNz2AUNxXM-EZP0zv7JUmrJ_xAAJKtjZ-L1HRktdlZ9wrLneFC1-HDPsCC3Q9KZ0R3QCk2-LsWkG2rhZ92ayTMHlQtaJKOMGBzD2qNDdtJqx5LCNcon2iNl_syXDoqVADbgzV5H2oj8ssbJy2noAjjM5eL7YOQmXquNX4ydRcUFzaCMrCE3JtviRMmvGDy8U-K15rxu1za-kwCjvlUmKBg5OkT1CBzUmiklq7A6czJD_CfSJRR6pEdN2oKPy5sOI6NjjwkIspArbeiG3KhfXYDgF4zIwQfA_hQZ4lK_O880EOhWnYlHtaY2Lblz91Am8_WcWDAmKiymDjwanEszfVqvxvsEdI-ghQFo0k&sai=AMfl-YT21nRZq3DNRn5lkFBh7D-lOFoRoH3dOfhoOzzhcIgwIqAYy5fUFceIWFwI_2X4QAFEOTNDZBidrofrQ8QIN1UK45zpKTNKYNQ8niF1qfggC7IZZE1DFKKtRKuTF-oy53kRACaZWFDAKY0r_JGF5eqCPy5NUw&sig=Cg0ArKJSzDRp7u38p7CYEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=556&cbvp=1&cstd=551&cisv=r20210922.33952&adurl=

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 27 Sep 2021 14:41:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK c.gif
red.vtracy.de/ Frame ED97 42 B
251 B 10ms
9ms Image
image/gif 18.185.166.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://red.vtracy.de/c.gif?u1=1&u2=https://www.hawtcelebs.com/&u3=&u4=https://www.hawtcelebs.com/&u5=&u6=&u7=SafeFrame%20Container&u8=&u9=&u10=&u11=&v1=0&v2=1632753692995&v3=vi-25096020-643e-404f-a0bc-b919da1fab1c&v3dt=2021-09-27%2016:41:32&v3gsd=&v3aasd=&v3runsd=&v3ttdsd=&v3adfsd=&v4=1&v6=0&v7=1600x1200&v8=24&v9=Chrome%20PDF%20Plugin,Chrome%20PDF%20Viewer,Native%20Client,&v10=&v11=&v12=2&v13=2&v15=IF&c1=k26225744_s6273635_p310386514_c156386358&c2=1&request_unique_id=YVHYHJRglyBRaaShsrkEIQAAAQ8&gdpr=&gdpr_consent=&tr_mid=0&tr_uid1=DC&tr_m=&t=58337098575&source=js&ls=true
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.166.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-166-223.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:33 GMT
Last-Modified: Mon, 17 May 2021 08:55:24 GMT
Server: Apache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42
Content-Type: image/gif

GET
H/1.1

200
OK

tr_aa
red.vtracy.de/ Frame ED97
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A//red.vtracy.de/tr_aa%3Fv3%3Dvi-25096020-643e-404f-a0bc-b919da1fab1c%26adid%3Dk26225744_s6273635_p310386514_c156386358%26userId%3D%25%25COOK...
https://red.vtracy.de/tr_aa?v3=vi-25096020-643e-404f-a0bc-b919da1fab1c&adid=k26225744_s6273635_p310386514_c156386358&userId=7012623713859270801&tr_timestamp=1632753692996

49 B
478 B

17ms
17ms

Image
image/gif

18.185.166.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://red.vtracy.de/tr_aa?v3=vi-25096020-643e-404f-a0bc-b919da1fab1c&adid=k26225744_s6273635_p310386514_c156386358&userId=7012623713859270801&tr_timestamp=1632753692996
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.166.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-166-223.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:33 GMT
Server: Apache
Vary: negotiate
Content-Type: image/gif
Cache-Control: must-revalidate
TCN: choice
Connection: keep-alive
Content-Location: tr_aa.tr
Content-Length: 49
Expires: Wed, 5 Feb 1986 06:06:06 GMT

Redirect headers

Location: https://red.vtracy.de/tr_aa?v3=vi-25096020-643e-404f-a0bc-b919da1fab1c&adid=k26225744_s6273635_p310386514_c156386358&userId=7012623713859270801&tr_timestamp=1632753692996
Date: Mon, 27 Sep 2021 14:41:33 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1

200
OK

tr_cm
red.vtracy.de/ Frame ED97
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=vivakide_dmp2&google_cm&v3=vi-25096020-643e-404f-a0bc-b919da1fab1c&adid=k26225744_s6273635_p310386514_c156386358&tr_timestamp=1632753692997
https://cm.g.doubleclick.net/pixel?google_nid=vivakide_dmp2&google_cm=&v3=vi-25096020-643e-404f-a0bc-b919da1fab1c&adid=k26225744_s6273635_p310386514_c156386358&tr_timestamp=1632753692997&google_tc=
https://red.vtracy.de/tr_cm?v3=vi-25096020-643e-404f-a0bc-b919da1fab1c&adid=k26225744_s6273635_p310386514_c156386358&tr_timestamp=1632753692997&google_error=3

49 B
475 B

27ms
27ms

Image
image/gif

18.185.166.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://red.vtracy.de/tr_cm?v3=vi-25096020-643e-404f-a0bc-b919da1fab1c&adid=k26225744_s6273635_p310386514_c156386358&tr_timestamp=1632753692997&google_error=3
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.166.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-166-223.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:33 GMT
Server: Apache
Vary: negotiate
Content-Type: image/gif
Cache-Control: must-revalidate
TCN: choice
Connection: keep-alive
Content-Location: tr_cm.tr
Content-Length: 49
Expires: Wed, 5 Feb 1986 06:06:06 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://red.vtracy.de/tr_cm?v3=vi-25096020-643e-404f-a0bc-b919da1fab1c&adid=k26225744_s6273635_p310386514_c156386358&tr_timestamp=1632753692997&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 367
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tr_ttd.tr
red.vtracy.de/ Frame ED97
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-25096020-643e-404f-a0bc-b919da1fab1c
https://match.adsrvr.org/track/cmb/generic?ttd_pid=m82k10l&ttd_tpi=1&ttd_puid=vi-25096020-643e-404f-a0bc-b919da1fab1c
https://red.vtracy.de/tr_ttd.tr?&tdid=91e5044f-5df7-4a65-b60c-01f76a9ed948&ttd_puid=vi-25096020-643e-404f-a0bc-b919da1fab1c&ttd_puid=vi-25096020-643e-404f-a0bc-b919da1fab1c

49 B
421 B

10ms
9ms

Image
image/gif

18.185.166.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://red.vtracy.de/tr_ttd.tr?&tdid=91e5044f-5df7-4a65-b60c-01f76a9ed948&ttd_puid=vi-25096020-643e-404f-a0bc-b919da1fab1c&ttd_puid=vi-25096020-643e-404f-a0bc-b919da1fab1c
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.166.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-166-223.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:33 GMT
Cache-Control: must-revalidate
Expires: Wed, 5 Feb 1986 06:06:06 GMT
Server: Apache
Connection: keep-alive
Content-Length: 49
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://red.vtracy.de/tr_ttd.tr?&tdid=91e5044f-5df7-4a65-b60c-01f76a9ed948&ttd_puid=vi-25096020-643e-404f-a0bc-b919da1fab1c&ttd_puid=vi-25096020-643e-404f-a0bc-b919da1fab1c
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 375

GET
H/1.1 200
OK mtrcs_220434.js Show response
s79.mxcdn.net/bb-mx/serve/ Frame DBB0 148 KB
57 KB 10ms
9ms Script
text/javascript 2.18.233.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Requested by: Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8943b798efddc7a5ee242732dd0cb2f7f4d5c59417a97b3da42eae595bddf270

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:33 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control: public, max-age=1800
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 58019
Expires: Mon, 27 Sep 2021 15:11:33 GMT

GET
H/1.1 200
OK mtrcs_220434.js Show response
s79.mxcdn.net/bb-mx/serve/ Frame 4847 148 KB
57 KB 11ms
11ms Script
text/javascript 2.18.233.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Requested by: Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8943b798efddc7a5ee242732dd0cb2f7f4d5c59417a97b3da42eae595bddf270

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:33 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control: public, max-age=1800
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 58019
Expires: Mon, 27 Sep 2021 15:11:33 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FFDF 6 KB
5 KB 48ms
21ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff53edb2cfc88f849504a12cf0ec31bbbe0694eee9399847378391c8743db80a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 14:41:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4446
x-xss-protection: 0

GET
H2 200 WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js Show response
pagead2.googlesyndication.com/bg/ Frame 80B1 35 KB
13 KB 13ms
9ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 10:05:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13388
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 27 Sep 2022 10:05:51 GMT

GET
H/1.1

200
OK

user-registering
ads.stickyadstv.com/ Frame F6A3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_dbm=&google_tc=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=&google_error=3

43 B
699 B

57ms
19ms

Image
image/gif

2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=&google_error=3
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhi7m7azATAB&v=APEucNWXr7k26Q3BJcipQHdJbKNiJHcO9EMPkL08uk15djgsnifaodq8UufSt73q_E7Xbpxz9Fd8SEJsyhcAnGcYdOMAJxVn0O70vr35v_V_HFjwXrtXjE2OS8Fv2VkxwSDbhNfnCGzI1g9xi1EelLlExB0eY_IcrHwOIgaQmFQgxHiD1HXkFHSvubJsYIj7p-zaPQAWjyBUvSMyDDu7wA7gN50PWHFUtg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:33 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1632753693201041-352
Expires: Mon, 27 Sep 2021 14:41:33 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

user-registering
ads.stickyadstv.com/ Frame F6A3
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTkzZDM5Y2Q5M2YzNzgzY2MwZWU0MWQwZTU1MGFlMjE=&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OTkzZDM5Y2Q5M2YzNzgzY2MwZWU0MWQwZTU1MGFlMjE=&gdpr=0&gdpr_consent=&google_tc=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&redirectId=-1&gdpr=0&gdpr_consent=&google_error=3

43 B
599 B

20ms
20ms

Image
image/gif

2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=141&redirectId=-1&gdpr=0&gdpr_consent=&google_error=3
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhi7m7azATAB&v=APEucNWXr7k26Q3BJcipQHdJbKNiJHcO9EMPkL08uk15djgsnifaodq8UufSt73q_E7Xbpxz9Fd8SEJsyhcAnGcYdOMAJxVn0O70vr35v_V_HFjwXrtXjE2OS8Fv2VkxwSDbhNfnCGzI1g9xi1EelLlExB0eY_IcrHwOIgaQmFQgxHiD1HXkFHSvubJsYIj7p-zaPQAWjyBUvSMyDDu7wA7gN50PWHFUtg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:33 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1632753693417072-359
Expires: Mon, 27 Sep 2021 14:41:33 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.stickyadstv.com/user-registering?dataProviderId=141&redirectId=-1&gdpr=0&gdpr_consent=&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame F6A3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm=&google_dbm=&google_tc=
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=&google_error=3

43 B
163 B

17ms
16ms

Image
image/gif

185.86.137.110
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=&google_error=3
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhi7m7azATAB&v=APEucNWXr7k26Q3BJcipQHdJbKNiJHcO9EMPkL08uk15djgsnifaodq8UufSt73q_E7Xbpxz9Fd8SEJsyhcAnGcYdOMAJxVn0O70vr35v_V_HFjwXrtXjE2OS8Fv2VkxwSDbhNfnCGzI1g9xi1EelLlExB0eY_IcrHwOIgaQmFQgxHiD1HXkFHSvubJsYIj7p-zaPQAWjyBUvSMyDDu7wA7gN50PWHFUtg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:33 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame F6A3 43 B
163 B 166ms
42ms Image
image/gif 185.86.137.110
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhi7m7azATAB&v=APEucNWXr7k26Q3BJcipQHdJbKNiJHcO9EMPkL08uk15djgsnifaodq8UufSt73q_E7Xbpxz9Fd8SEJsyhcAnGcYdOMAJxVn0O70vr35v_V_HFjwXrtXjE2OS8Fv2VkxwSDbhNfnCGzI1g9xi1EelLlExB0eY_IcrHwOIgaQmFQgxHiD1HXkFHSvubJsYIj7p-zaPQAWjyBUvSMyDDu7wA7gN50PWHFUtg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:32 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 4B58 236 KB
63 KB 190ms
44ms Script
text/javascript 2a02:26f0:6c00::210:ba2b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/8264868/1630000993483/index.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:33 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Mon, 27 Sep 2021 14:56:33 GMT

GET
H2 200 PP-Display-Ad-0-Percent-Campaign-2021-300x250-01.js Show response
s0.2mdn.net/8264868/1630000993483/ Frame 4B58 20 KB
4 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/8264868/1630000993483/PP-Display-Ad-0-Percent-Campaign-2021-300x250-01.js?1629879468740

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8264868/1630000993483/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bfdfd59ccdf43121deb42a194f4166f89db2f816466744a37ce89bc558a4628

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8264868/1630000993483/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 13:47:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3266
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4094
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 18:03:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Sep 2021 13:47:07 GMT

GET
H2 200 Fallback.gif
s0.2mdn.net/8264868/1630000993483/images/ Frame 4B58 16 KB
16 KB 9ms
8ms Image
image/gif 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8264868/1630000993483/images/Fallback.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/8264868/1630000993483/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6ad0f29ac94970678ee9f0c07a97a03206aef022753dd840ae7c040db2edca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8264868/1630000993483/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 17:58:26 GMT
x-content-type-options: nosniff
age: 74587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16471
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 18:03:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 27 Sep 2021 17:58:26 GMT

GET
H2 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 1C5A 60 KB
24 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1630426111390/13-IWE-Edition30-Leaderboard-728x90-iRange/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1630426111390/13-IWE-Edition30-Leaderboard-728x90-iRange/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 27 Sep 2021 14:41:33 GMT

GET
H2 200 script.js Show response
s0.2mdn.net/9758366/1630426111390/13-IWE-Edition30-Leaderboard-728x90-iRange/js/ Frame 1C5A 3 KB
929 B 11ms
9ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1630426111390/13-IWE-Edition30-Leaderboard-728x90-iRange/js/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1630426111390/13-IWE-Edition30-Leaderboard-728x90-iRange/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c823a8c62ce53897a22dbea1f0919194df317aec4943d199020a7b3ee316285d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1630426111390/13-IWE-Edition30-Leaderboard-728x90-iRange/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 12:03:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9496
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 837
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 16:08:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Sep 2021 12:03:17 GMT

GET
H2 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 1FC4 60 KB
24 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 27 Sep 2021 14:41:33 GMT

GET
H2 200 script.js Show response
s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/js/ Frame 1FC4 3 KB
904 B 12ms
11ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/js/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76463ed3dda1b42bf09918e5a314970cd18d9d315033459b9eb3178d01438158

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 16:15:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 813
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 13:19:10 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 27 Sep 2021 16:15:56 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3BD7 22 KB
8 KB 11ms
8ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 27 Sep 2021 10:27:15 GMT
expires: Tue, 27 Sep 2022 10:27:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 15258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1881 22 KB
8 KB 10ms
9ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 27 Sep 2021 10:27:15 GMT
expires: Tue, 27 Sep 2022 10:27:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 15258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F457 22 KB
8 KB 10ms
10ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 27 Sep 2021 10:27:15 GMT
expires: Tue, 27 Sep 2022 10:27:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 15258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK mtrcs_220434.js Show response
s79.mxcdn.net/bb-mx/serve/ Frame 0172 148 KB
57 KB 10ms
9ms Script
text/javascript 2.18.233.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8943b798efddc7a5ee242732dd0cb2f7f4d5c59417a97b3da42eae595bddf270

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:33 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control: public, max-age=1800
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 58019
Expires: Mon, 27 Sep 2021 15:11:33 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/ Frame 9B3D 6 KB
2 KB 13ms
13ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c63c68c8c4a9f6efa028bdec6e1e2f2675e70ca00bc0b3891bba2385b58c2191

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 2042
date: Mon, 27 Sep 2021 12:19:30 GMT
expires: Tue, 28 Sep 2021 12:19:30 GMT
last-modified: Tue, 31 Aug 2021 16:08:36 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 8523
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0172 0
24 B 77ms
76ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstLxkiujtyYmE8SQs_2Lsl86KAI1ktsHhuYvFkkGJieHgz7Q4S1ncPUNUhDee0fTcIO_i1xKWs4MUDT8efHZcKvELiB_kf7Jup32qK5bWKvuGDhA9dyZgZ1R-N0l609mVHzMj2-XfwfjbjIC5GMEaWwgFbzstn-PayyFHVVvAdkglGYUENd3jTjfE4wq8LcsiUzlkuhLP5Cdq4gsN1dJ37MIH8OVT4rCze9Rg0IcB3FPuQRnEqrcs9Dc_a--ta6K3eDUCj5G3Ij2cwE287yNjjXCUCZaV-kbKvtrwuNhheGiUlkBRQeo0e-hrWZECKAWuYMcdnMrlbONs-IvwpaRU0Q2_pvIt98nn-oHi-NgWu5yTsVSpolCBOJSJMs2UE8JloguOpBPv2vqaYxb22oui6k0slV9R3aqJLx4nUNYw2rOH0MDUYHn6qc1kGFunJ-ISK8ukQuKGAtNDJT-qhUXYvpIMcxOg74X9AlRjH4yIi0DSGKnTNoZuTkOB63lwgY6MBBkss4qxdx_QIXS6w0NchvbG3Bv_1NLm7tLMwuzdQI5C-_lMT48wZ442WyMcxAdy6y6vhec5wrd6-RYB0Hvob8QqLGLOeU9ycMA2CQDLgt_pEA4ETwsPiktdWzy3iTobSf8u4RZAfl59lqDdtSeegtDpjfM-OfV_RtgxNjrruzBuHxcCM2WEvyq5leodB6cEnowZ3YZPCsObczVb154iQ5_wZMBqy0VCGU1gS6_y5qBVYQTvavseXR1D3-_GjM3xKsZ7f_LUHXuHVvwNTs31-4rqnPNcz90jClOhUx59kTwBIrJf8d27Z0Bw8ir9LK9yBunVUp01QnXCNWo-ejN_fC55E7ebYJrdtAr8StRn5Xvxk_a7zECiDxF79UeH2pNYbsek0vEN2Kbr8mFG_ze8lHDDKTkZzwhTwk6SVsr_s_S2SpWH8CC2ALfBq-Y6Z8VN9F8W2tq4fs8TaROIKYogitffUmiNzMZ4xHCCBgk2yL9NaCu5bMTrWAQkvJeIdm9KzhIn-N8idaiVfwV-pIWe7Rpc2u4UUfeePwC1GWJxqhAlljOqueiReljYI0JQzOKmhpnpiFzO3c8uWaUtwj9YJUHZ91BrQuTo8mvDWEKhGPyZrwucVHC5_tceZyjl_nSRr3PuhdLVJFhBbIZlPKnqvPxonmEptHv6np_nIHjdMCHk1fB_4MJdhHgE3n-hGOamZcGQiyEmXSYiOPQy_izN4p&sai=AMfl-YSUg30AdZEavyHhvs1srIGsCmGnVM8KpTGeLkcFxciV96HZAmIRJSztwsBj92kGMf_icXBNt5FoIdUgv2RqdaUm3i498V2rOwfX9G1fM2UAPj6KdK7pq27eUZGplWM8mnPbbMsOaVHlj7RDE1cjVGlcBjq9yw&sig=Cg0ArKJSzCZRx94jOaToEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=108&cbvp=1&cstd=107&cisv=r20210922.80376&adurl=

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Mon, 27 Sep 2021 14:41:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 1542148218280781428
s0.2mdn.net/simgad/ Frame CEA0 399 KB
400 KB 12ms
10ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1542148218280781428

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

298d56b5ca4823f5e3396f4237da6b3e9652b6319413eae6b45bb5936f47e0fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 22:04:58 GMT
x-content-type-options: nosniff
age: 59795
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 408958
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 12:05:56 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Sep 2022 22:04:58 GMT

GET
H2 200 1542148218280781428
s0.2mdn.net/simgad/ Frame CEA0 399 KB
400 KB 35ms
33ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1542148218280781428?w=195&h=102

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

298d56b5ca4823f5e3396f4237da6b3e9652b6319413eae6b45bb5936f47e0fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 22:07:41 GMT
x-content-type-options: nosniff
age: 59632
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 408958
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 12:05:56 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Sep 2022 22:07:41 GMT

GET
H2 200 container.html
a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CEA0 6 KB
6 KB 9ms
7ms Image
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3108
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/html
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 27 Sep 2022 14:41:30 GMT

GET
DATA 200
OK truncated
/ Frame CEA0 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38354e6a0119fe113356e1506a115ca148a6b9ea22cf88136baa9167d6fde794

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 10078418037007043648
s0.2mdn.net/simgad/ Frame CEA0 193 KB
194 KB 37ms
36ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/10078418037007043648

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

311e59af2826f6512d4be9e3c4aab22fc5748c2c85ec695a2295408f013339f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 05:50:16 GMT
x-content-type-options: nosniff
age: 291077
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198117
x-xss-protection: 0
last-modified: Wed, 19 May 2021 16:41:57 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 24 Sep 2022 05:50:16 GMT

GET
H2 200 10078418037007043648
s0.2mdn.net/simgad/ Frame CEA0 193 KB
194 KB 13ms
13ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/10078418037007043648?w=195&h=102

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

311e59af2826f6512d4be9e3c4aab22fc5748c2c85ec695a2295408f013339f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 04:48:19 GMT
x-content-type-options: nosniff
age: 553994
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198117
x-xss-protection: 0
last-modified: Wed, 19 May 2021 16:41:57 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Sep 2022 04:48:19 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CEA0 0
0 38ms
37ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CmUxUHNhRYcDyBIWUlQfq9oSoDd-ijqpli8q15p0Oqtu_oNQBEAEglZvKIWCVgoCAmAegAe7JlO8CyAEGqQLfnzmW4aKzPqgDAcgDmwSqBNQBT9CNnv8SVi-iVijmny0zE5vwKNPkD-kKmZkSVUnYNh-QpLcORRVyPwh_ZHf5b9x87vOCPJ_mhIRnrUFF3O3yWojsV1b-OZa2agE1kP-X1shY_MopNuiC1Epo30RVONr9JuAezxvxtZAxR7fDYW1Cv0Fv9K0hHP8GnhigkSBai-cr0jk73oc_pQRbQk9ITyZ5HzTAzuZSsf72e17P9B3MLZ6pc3MjV147MX8zqx97b32t5-f7Do1Tv1QF5krQdNg3fmtG4H9iJLIUDqjv9HDU8XgqV2XABIrxtYPAA-AEA4gF2uStjDSSBQYIAxACGAGSBQYIGxACGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB_q165ABqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAfIHChCErgwYzeS5sQHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTk5Mzg1NjU4MjIwMzQ2ODCACgPICwGwE4XlwgzIE9i53d0D0BMA2BMNiBQB2BQB0BUBgBcBshceChwIABIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=icLn-PVz-e4&cid=CAQSOwCNIrLMRrO6tsVV7a3915FNytDJn-ajuNsvV06DvHZvrMKWJWbvhaGx_7GEEUJ9SIFRU6winvaNGXS6&template_id=509&vt=10
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame CEA0 0
0 42ms
39ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C3FFaHNhRYcHyBIWUlQfq9oSoDdisnd5irPqnl-gN__WQ49cCEAEglZvKIWCVgoCAmAegAZ_tz9gCyAEGqQLfnzmW4aKzPqgDAcgDmwSqBNIBT9CIKtrqFE2CMOk5Z-C4mxk6lrWi49bHRBgPZfWSq1pf6ylyIYyL3TBqO6WpZsagwzaYpcZQ8ZjtZZq0GCjJDYy40KSbL_65ncH4M54Uhz5jjJXvYYdOtr9lrbtRLWbscBpTPsPLkPhylpgcku4wpZvqkJVOb2ZxTY3B90Fv69QlTsNES8WOshrwm-EQzLOgIRN3AXdF-Vo-qP6r0rxMf3ZiAI26rptVCZvL34DGfPrfucvOmysO1BRLlx0ZWteSgBbSzPsauoOKdx-3jMqfp8p3wASJ2LOAxQPgBAOIBbL90NQwkgUGCAMQARgBkgUGCBsQAhgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAfJkrCnAagH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwoQ5IELGMPOjKoB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05OTM4NTY1ODIyMDM0NjgwgAoDyAsBsBOYsM8MyBPwqpQJ0BMA2BMN2BQB0BUBgBcBshceChwIABIUcHViLTM4MzE4OTQ1NTkwMTQ2MTQY_fkT&sigh=HVnFd823K7o&cid=CAQSOwCNIrLMRrO6tsVV7a3915FNytDJn-ajuNsvV06DvHZvrMKWJWbvhaGx_7GEEUJ9SIFRU6winvaNGXS6&template_id=509&vt=10
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CEA0 42 B
109 B 53ms
48ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AjJx-jq3jX0ZTI_cJHmqHmSy9DfmYyMUuXDYqd2_is5VGtIUN0lLzsFk_v5dmoWJU1KvjtMqE-tzN3V0OAT4hlRaYTuvOe5pSKJdERE1IxsucjXe1CdMgO6cPv9jqqcTeQlbAaCwUuNaL3POKZpvpmJ8fPuQ&dbm_d=AKAmf-DhiV85JJM-5N8V7B1ZPnnPTDQNMcwhLfKfVE4TOpQTV-17JZ3et7xWj7GBNz2fdi_-vA1KWsPSMkfm1nf3lIlqYwmYudAoChvkc4NW0ac-qajfp7ZG49H26VkyMLHGAGGDgrRDwgK0WXndtd6TTBtb23QEBvl1kHByBa9fse3-ZebFpeDKJL02N3ft4xUytR_oTGbVMUeLgAi8ZnOXKgj8S750WQJf0RbYOar_wcCAxuuCyOoXD2NUP0zutRn3iZH3dshcTZ8Z32AbeED4UE4eCdsWlvGmDNYOpvAt2UBxC7mETgBJpkM88tjc1Eipmcc8PjjlDYVmol6E30ZCs1nHMfFUNXpJe6TRx4kz-nayLg3cqazFrg-kZ7_Bk2fJuJOz_hzQF61u1Yn-H324sTJHzgfsbTu_wJYXauDTMzU3tyyCrkgNQhS3ffLYRlhpB5RSJJBL1kCqmhZgqu3faBAXaxIBuxOvzbjm_achsdTFN-7Y0lB4pf5LeeQ9PcqveYDG0S4N4tggziGu3E0yRI0I81AxGTpe4eZLbLrwAjCPfhduLSxxbajI6KG_2hSXRudzaEIQ2TET5uWBb7raOaXX8tfrlg0XaGV1iSjEVr9Aoou5z7m0EgO3lkdWuAzstFbAjEztl1Y0EZFUgr3Y1KIZ6A-wQN35WnaPXdQxlhULgOAFPAeQJyXr_nxBs0iwUH5lEeFnfoafQvIjG_j3LPcqbY4B2rQ6XwaU0T72q9UeB7sk1rmGVs8cXcIZ-FDWOzAMqmi93xb6y6IdwKKqIPKp5AAyvJwOhLYRWWopjv8k-cTAi5PAgTx7nf-qutET7fiovAu1hY9dhGQ9hQtn-sZDtdp14efY_V5ZHXK81EYfv9G-rBIsZjM6XWKrh1abPXATnI-rnk5nlCbQEzYXgHPQmT52et0edO_so-QRPFdibJEcqV4sOuu-hz5dhVTCURCM7gvHMWOpnR_GCW_Po_Znj9fJo8WSJ9nlvdbPTglyogT45GfpJpjaJaTjgp3vkAvzhh1HFDmCYG0JyfbuLLzdgn3uaarlgg_UV8-QW5KzHmq0d0ikaqu7RfbJs57gUu6El8CGYp_lGD-dBmBxTVKXNBb59DHocqWkSW1o6ncIOAvSqtfNu2OkFbSx4GBdMZODrLZBNl7rIX7-MG0PkPx1X25z99oE-YGdo4RAB7yLd949phxSxfYTzb6-KigoDVIDn3ncDic74gGGgQSfSSjI5xPVxIBQ55HjRjdrcO5CPbGHqdKsZ-wu-U2zhP53uY5e0oRp8d4z17baSE_l2x5_fduw7SB_6tYt8cucSq_fFYu-EbFXZKAIj7urLm7T-EYPMNCWvhdLbbNwdjMvZvzOY3jjoaO5vSS6VkyKC5CUMaOtnDmJv72G9b3hyy52Kdp4L0pxOP_A0iNDNQj9lAcgwhanbNPbQy6UX9F815X93uMBklHEcNUJ9DOpJud1RybEaUn86ImhDifIA3Uv6NsWEjH0c1y6JldIQxSXkHCElcA5FnHUNzJWAWbS-OgWAvuofciCifR36kLaju1mK1CuGFnErd-EDvW4Lugh0lZWfQvVrX2j6PDanOHKGdVsdd26B0tnfzKfiRurxh8Q5opWEZXAQ7vqlAXkAI3WizKu65mQBIsZT4WAG7QumPNNYEHxIQr7uBtZSepvuUry0GQQFUro5ILi7ZHvjytJD2vs2VsGCfhZOYOyPYPlpSbCdAGxc6aI4arVJADsr2keiGLTaTe8kOxTCT1OBqfkwMMgT1OR8nO-CtvzPNG4dZ8LlgPerD1ToSbUVGZNBb9x3qRzpCe0DVkVi86t-Kl3mR95ZHSZHWmNF9MNLP8uBaS6L6Tp-3CMTfDMix--a6-T6A5kgjHUSBvzwF3C6gfKAuhC5zLaG-6IM6Bwjhnn_QsiAyr-HA1KoIwFA3O2uCS57RgYhtb2FUHCBJp1eqAqyyrkGDbqYZC-hoPnaBuDKeoCl7IwrNiMMJ3G-CBsfYpkBDr-6qcZuKr7Xt0CiTyh6wZGIASBppQz6GQ52UTtNLEkoIsTELqCEwcoSMgrJQ3HxWt5C6QzxAes8IcPJ7AN3qv5hiOe0Pch5UFELEd9y-Q5XYoxN4KH28hCSkThVroNWeiaBWHCiFGjIBvSGvBgCu0plIE9DIGhG1Fh35jorF9QnjPtgvsiiFXu4gF32cwZv3xFY7olXjh_2W3vyX663nTMZBjYFtvAKNTaCRiDLuo9DYbrlUcriDSriDNDmZv8j2B8ReyMfKLQQ4oVnOqIu5q3voWX8SfrsDIJvOscIQCoMi33VqIDmeT5Ck7QveRkGbcQnmUxW-HRFMCCPPAAIHkYbRiP21HARyIrlZjNW4pNd70fw-Yexez01PXrHYPOOybCueXf6ag6cR30Sa4egSgQX5musMzq0nKeuI-jRpuZ1PNASYYYSoG_zd_Ry2RtejIBXsPJq0GBWsDH3n4Uh6Dvl8pQ8e51wLBOIpppskx-dhTe_OH6cw1FwHvKgMVQtAXnCAE8p395lu57VrAzLE5Wl4TLCjk-dPDW3GIFmQ-n91fpde0t4sv-vMOYMi2ZVRfJ-82ncdrADXtlv8IhzUr2NPVqObBieGOa1w_fSw2sU-upiLSW0EAVSVFK2X8RL_xERPdXby2dtkcWPv4CIcmAInAdJXBBB8AzAEZt0N6FarTsVs9J3XkPGaQKLnB_j5uMSbI4lZHGo84_hFfFQqWvtDA1RO_qMIYXGvu2XYyID0e7AigtFV6yUus36deCRm7E_ExMuqs3wCKsJzUAyR6E384Fn8c-j1O9zh4bKzkL4522Dl619PnQPGAeLo2s7JsUR_rdPz3260_9dhlDmbee5ib8wN7LNLWeUIjmJDEwz5zO91T6jtK2NkshJ4ilvDWb9lBJzUbVYZ057b-MPlEoYc8ye8KlcXS6Y2ij1iouCnFgYP1Jahy4qbdsRRfvsEJ9RLgAvWgUF0dmBFcxcJzdYkQMWiusj7crs5dSNRCyKdjwm0RKzxl7prsO6tPQvxqRHUwvCH4sfd7ttxkWX6jAJPvqlUQ&cid=CAASEuRohi-RN1ARfPGThD_Hue2vwQ

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CEA0 42 B
109 B 69ms
67ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CpI8bJKS205JQOCROmPUi4DOlCD0UVxAM2xfc5DOGz5D-01YwiOZ1Ffh-1Ljvv2VG_yLxhO4duB2PUUjCAoY60uOC3TcLdDvxCR-nBpW5ErkfP-nbUjBMgbXThZJn7upAL-B-29GK93MbrXcndHecdR57jRw&dbm_d=AKAmf-BuhpmfOILtt7iiTN3qyCadzfvP2XK8PuEVCNqeR-CRaHNcodegqXjgpKDU3an7hbDKnbTcQod_iMS6pn2PXUB8WR-0mZFvArkig1gJyuW4GFqgY3lUoVRF0r5e4LQSIcmClIWHnkWXW-hrq-GajbfyZJIeayCSI9n9B7qRFbTvKuepsz7dlzJ-W8t7A2X-hNl0f4e93f9WyEJ7BzPJUidSCAl3o10YsQMnX5u7BpnGLPP3At9xtWNXHdtIs9K-oOiFVJS61fxzEXlpVr0zIroM_0qRJQH97EIJTG21SdB5JTTexC7MhXFnzDclxt0VVG7V9L9yf1srq2hZiveBoKITlsM1o4T7OcqT12hp6mZo8Vteemv67No0BCY2Qk8hlvYH_eldZ--yImIRF-APluJBkpzjihX9DfQJtI2qX5YFEGh0O_jEQb-TC-RgVZHhgMH-opzOmhSS5GeF7UHRxH6SXqkdoVQsfEQxvGR0f-TrrsiseGxlwVvU2mh4IBVfR_e6eMORP9sF5BAFLsY1b0SM-yq4eNwqhuRlMKBErbwY0ltvE8LqGYhQVtSbv9P29f-plvFje3swQYT80PRJ2EAAHmDxXsBcC3mua8GIxsb74jqrjRqpx2z9LH0MnhfHIQEeCLWq0HzdqD1nVChmjHH1_eB72OalDHOPtciANjiMeY_V2sVmlhqz50w3PoNzr7ZgtGgsoEU4gtcS3ORM1aNbnPWzerJ_O9sTpR171TWc56W5O5M61qWWOiXXZlxlpHmRaUTSXN8JmKp7gqwEnJptW4ayXpU-zqZeD9cnlZknDiRA_Zck4ORzt9-2g_lQjgq9Nbz1t29Tm_-MBKouSePXePr71zLg0eWLJ63YXGj8_MidOPKeWl_t_s8e3ooM5RW6VsKg1Gzff6oRAFUeOJiyd7e4TUTvhZs42FwkaHunCkM6PyUjPPhlnumDZg9boo_uO8C2eZ1OfWKP5QpQTpCYA6M5Lh_CxnFOHuiluZwtGvOR0cimykbKyXSa8KQf9KeQ1OMYdEV8xK5lmyG2g-SHqfvhcKhGXjBsaCD8ewQzHjAKMGt3tk-iNm0aKwXUgniCmjHOjEitc4M9EdP9jl5vGqke57fXThYFqe9VJR2RrdxANDGOvOhxrLCB9G0GgXP471sbvL0TsldDsf8wBgtv26ZdfiXL0XFjTeERbnn_Eimmg6zkNiLKX49VapA5HiQSDhyRDrNY1WNaS_-1ofnDmxHYtWCs7VTeB9qMtv3u8haq7meAL9LTCwh6Z4IZipPydyBZG45VY90zqxVvzyb8JyoMA8dmdolfLrBkNoDNBSGJq4MnRA5kxsNgyv5cGVceO9ywzEwfZGpLYSxep9FpalBQT8qULyHI8nnsJJTGx39nc2Y9uK3htP_5XZV4Wb6wRndXaUgKDblVZT6LL7-BjtlpPR14KZ_8j1G4kFK4h6xRAjfSzImW7uL7137zixxPp7CAwC_KZdJ4waYH0ZBXsHrx7lx0fZsgFmiEAkz3liXMhcAXiL-ul-n-eWDKn-YVt7p8KCkT-b_Xys4_ihdN1DlVXvL5doltAshhSwJJsIRJTTnYD1pJlejhnJRvR2ey6878hhGGHODgZieL8pU4hkgyuIg7ZmO1_UHNZpmtVLmgfkfocSANdepT_ibpCTbpullwVpqBWNqHvNQYMp3bLg_lysenPfo4B4W8pL1aAawgy35IrLBsv3OF_lNXTE9hbCg4kWK1NaW8uUpLBPkFt2IFurGoaFqa5nD0dr-4_JD9JR_kVDxyYz-_btfu2xsgtonirh-dDBvPcnz1A2xFZ6NYpU6ARSr6HJxRwUrXkrhv9gH5ZKAAiJe6RGlgMbO3leMdlgGneMFsDlZSv3h4CFamH0FRQj_OMPGBKBu4MXyngPutwVH3xrtbuQf_0v2V5CdkwwESoO3p6sXtPfQq0iITMrmSu4mjx9A-RriwI8BrFyO6Ay7ps3HjZgXbcgpT954n_DqS9937ekri7sYOH0xjC4QpkFjFIKzfTngsDaePIB5fYRrLODVlnLHDxOHDKXavqA3Ise_IF2qRxPHirXLRfKRPh9oxZCo3pqqHT1s4Iw8hi8IeCkRT5QhehrhP2xoI1gTWW32cGNJs0Tk2iExstrW99WCA75TTc74S9rDcg1n5hN8n2v_3N0Fqp4RupxvxRigVU4tjRfMN-CL7krhn6u8P37AXUKv02G3rDnLcUSZ-Tn6ZpabGSVWxWauykeMDDB9oSuXeFq_FCKECeeIOTsHuEEQdTnLO-c4I0R6vbIVifkFYS3mkBxOOyx9Szp_60nwN8quhw73L57rccRbHQ5UrZDv4BqjDo81XwxI-xT9a4FPvtEt-eXncOZEqx0vnbhuANRcgSbV7gRs_EmGFNMiU_Ufc2vSGGNsx1iYe1gArYYW8SGfksIMgJot-iy-yRK_wxr7SxCtg2WE_YxOKyz_ybsANLkyzpKPwOyP6rqWlSZgFjlvxrzeFyo66U0Z0puD3MY11gYFM1wduMSxU_eGkwPFPOJX0W3Z63Q0Dz0Tq-2lkoivmco6egNSu0_B8KjMcHNuevO-piZhWLd8RVUJih6k4MDVRV0Hm8PG6pTQYeyUDippp8Y7WG9odynTLxGm9pp2AAjhfYo3xkuYJVHum8CVF3uIRSXtL7MxwUfgTZLcJQoorfW7pRtB2ub6xUbuZYJ0JIsCGnIkDGG8HQD0KUdIxVaSawuv6foF5Ftxs1b5BWTbC7ePTn9lfi4yKBbQc4aa3WiL7e93f2iJ7Kwbpm-ZcxNKCSreCWMOVBUAqbbC0krRBkqxVz-g_g2SiL_ne0lItQzw9lN5rErDrF4xE8JDK070U_O-KdWAJCMOVDkF21EdIk7Queqj4SmqK14GOwzq4pdCHy4ki3hg_ThO-HVQYNcXumPZHL7aVnLTHezCNUnPT4yCmpNtntd0EA1xQjyfbLdrymT2v0-pJYA&cid=CAASEuRoVldGPmJzqA3P465vcR_zNA

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0B83
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEIYgjjlJ4uM8DjjVJZXI2GQ&google_cver=1&google_push=AYg5qPL6Md_XN0awegOFjuQhUBtPPDr-zmwDSMCLItffObv_qoZJKwyZHzPOrJUoOFLugU1l6ahR6pL4KfHrHbR88p9oHGejkI4
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzcwNjk1Mzc0NjI0MjYzODcyOQ==
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm=&google_sc=&google_hm=NzcwNjk1Mzc0NjI0MjYzODcyOQ==&google_tc=

170 B
195 B

18ms
17ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm=&google_sc=&google_hm=NzcwNjk1Mzc0NjI0MjYzODcyOQ==&google_tc=

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm=&google_sc=&google_hm=NzcwNjk1Mzc0NjI0MjYzODcyOQ==&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 336
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 0B83 0
104 B 214ms
62ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHpS7llkKQMAV0_DrgrYoCo&google_cver=1&google_push=AYg5qPIkI6bJ7ClrZluAQ4EQQDMhtecoF33_s68rn78i7Mkd_pZU2bDuTBhFzx3zz6XlcH14osGJQJYELA5qcLETnFJRF8Wovw
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1

200

match-result
tags.w55c.net/ Frame 0B83
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOrz3hdBdEtKIgKOCqhkOBY&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOrz3hdBdEtKIgKOCqhkOBY&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bURPaGlUOFQxTXVST1o1&google_gid=CAESEOrz3hdBdEtKIgKOCqhkOBY&google_cver=1&google_push=AYg5qPJQZ-kNKBqyQgR33YB60XQtU0VySKy2XLOOyx_Tj28...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bURPaGlUOFQxTXVST1o1&google_gid=CAESEOrz3hdBdEtKIgKOCqhkOBY&google_cver=1&google_push=AYg5qPJQZ-kNKBqyQgR33YB60XQtU0VySKy2XLOOyx_Tj28...
https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_error=3

42 B
687 B

101ms
8ms

Image
image/gif

18.194.125.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_error=3

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.125.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-125-59.eu-central-1.compute.amazonaws.com

Software

Retargeting/8a430fa#rel-ec2-master i-036989daef33ebbfa@eu-central-1b@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:33 GMT
Server: Retargeting/8a430fa#rel-ec2-master i-036989daef33ebbfa@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1x1.gif
imagesrv.adition.com/ Frame 0B83
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFutXn4o_nmRZ5TuFjBbFAw&google_cver=1&google_push=AYg5qPIHOgEBiMg93QOfFE5Rdc0ZI-7XrMiewACSNdulfQSQRWKcHKikYNbFXM1za9l_q5JlQYG6qClzrAU3BW...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxMjYyMzcxMzg1OTI3MDgwMQ%3D%3D&google_push=AYg5qPIHOgEBiMg93QOfFE5Rdc0ZI-7XrMiewACSNdulfQSQRWKcHKikYNbFXM1za9l_q5JlQYG6qClzrAU3BWQ9um...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxMjYyMzcxMzg1OTI3MDgwMQ%3D%3D&google_push=AYg5qPIHOgEBiMg93QOfFE5Rdc0ZI-7XrMiewACSNdulfQSQRWKcHKikYNbFXM1za9l_q5JlQYG6qClzrAU3BWQ9um...
https://imagesrv.adition.com/1x1.gif?google_error=3

68 B
178 B

62ms
10ms

Image
image/gif

217.79.188.11
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imagesrv.adition.com/1x1.gif?google_error=3
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.79.188.11 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: imagesrv.adition.com
Software: /
Resource Hash: 5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 27 Sep 2021 14:41:33 GMT
last-modified: Fri, 24 Jul 2009 13:46:10 GMT
accept-ranges: bytes
etag: "3122740758"
content-length: 68
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://imagesrv.adition.com/1x1.gif?google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

google_match.ashx
ads.travelaudience.com/ Frame 0B83
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEHqP2ia1TSuqoiW1lzOH8b0&google_cver=1&google_push=AYg5qPKNewlinsVb2mpK6G-g9gglBhZ-13tzkF0OLhxLBXq5bO-30Ej2pZKGpTCnl2kxynx0BkiVtc0B2wX3AHYl...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=9LvPczokRBmk7ReC0sBXMQ2&google_push=AYg5qPKNewlinsVb2mpK6G-g9gglBhZ-13tzkF0OLhxLBXq5bO-30Ej2pZKGpTCnl2kxynx0BkiVtc0B2wX3AHYlIAedHsk9ISQ
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=9LvPczokRBmk7ReC0sBXMQ2&google_push=AYg5qPKNewlinsVb2mpK6G-g9gglBhZ-13tzkF0OLhxLBXq5bO-30Ej2pZKGpTCnl2kxynx0BkiVtc0B2wX3AHYlIAedHsk9ISQ&go...
https://ads.travelaudience.com/google_match.ashx?google_error=3

35 B
114 B

43ms
43ms

Image
image/gif

35.190.0.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.travelaudience.com/google_match.ashx?google_error=3
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 66.0.190.35.bc.googleusercontent.com
Software: nginx/1.15.12 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:33 GMT
content-encoding: gzip
x-engine-version: 0.0.0
server: nginx/1.15.12
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
via: 1.1 google
x-host: tde-deliveryengine-production-7f8fcb5db4-fz9pv
content-type: image/gif
alt-svc: clear

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.travelaudience.com/google_match.ashx?google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

goog_rub
px.adhigh.net/p/cm/ Frame 0B83
Redirect Chain

https://px.adhigh.net/p/gm/rub?google_gid=CAESEOzb0JLQJSMw8h9cx7dbV0U&google_cver=1&google_push=AYg5qPK48g5zp3sIaVu0vHVG6yl7EthfpG5a8CEcxFDI2QcOEEm2OS__U8RCCrPkri1JdoQcHJdBtAPSQKiriBl--979QukcF-0
https://px.adhigh.net/p/gm/rub?google_gid=CAESEOzb0JLQJSMw8h9cx7dbV0U&google_cver=1&google_push=AYg5qPK48g5zp3sIaVu0vHVG6yl7EthfpG5a8CEcxFDI2QcOEEm2OS__U8RCCrPkri1JdoQcHJdBtAPSQKiriBl--979QukcF-0&b...
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPK48g5zp3sIaVu0vHVG6yl7EthfpG5a8CEcxFDI2QcOEEm2OS__U8RCCrPkri1JdoQcHJdBtAPSQKiriBl--979QukcF-0&google_hm=-QO_PgJtdBMAAikABlF8J7Qy...
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=AYg5qPK48g5zp3sIaVu0vHVG6yl7EthfpG5a8CEcxFDI2QcOEEm2OS__U8RCCrPkri1JdoQcHJdBtAPSQKiriBl--979QukcF-0&google_hm=-QO_PgJtdBMAAikABlF8J7Qy...
https://px.adhigh.net/p/cm/goog_rub?google_error=3

49 B
326 B

76ms
76ms

Image
image/gif

193.232.148.158
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.adhigh.net/p/cm/goog_rub?google_error=3
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.232.148.158 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: smtp19.sender.ltmse.com
Software: nginx /
Resource Hash: d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: nginx
x-backend-id: f19-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: image/gif
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://px.adhigh.net/p/cm/goog_rub?google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

pixel
cm.g.doubleclick.net/ Frame 0B83
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEC7u_98JPDJg0jqJEVw_Oes&google_cver=1&google_push=AYg5qPJf6lGcYlsnaEoHxQxMKJup9TX7J2EKoOKrUVDZpKVIzN1CYIqztW_6Jq4JhF3oS7hHqChO0c...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPJf6lGcYlsnaEoHxQxMKJup9TX7J2EKoOKrUVDZpKVIzN1CYIqztW_6Jq4JhF3oS7hHqChO0cLWqLNK09NM20-zsXU4sFA&google_hm=MTYzNDMyMzE...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AYg5qPJf6lGcYlsnaEoHxQxMKJup9TX7J2EKoOKrUVDZpKVIzN1CYIqztW_6Jq4JhF3oS7hHqChO0cLWqLNK09NM20-zsXU4sFA&google_hm=MTYzNDMyMzE...
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_error=3
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=&google_hm=MTYzNDMyMzEwMzE5MTg3OTk5NQ%3D%3D
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_error=5
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=&google_hm=MTYzNDMyMzEwMzE5MTg3OTk5NQ%3D%3D
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_error=5
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=&google_hm=MTYzNDMyMzEwMzE5MTg3OTk5NQ%3D%3D
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_error=5
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=&google_hm=MTYzNDMyMzEwMzE5MTg3OTk5NQ%3D%3D
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_error=5
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=&google_hm=MTYzNDMyMzEwMzE5MTg3OTk5NQ%3D%3D
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_error=5
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=&google_hm=MTYzNDMyMzEwMzE5MTg3OTk5NQ%3D%3D
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_error=5
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=&google_hm=MTYzNDMyMzEwMzE5MTg3OTk5NQ%3D%3D
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_error=5
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=&google_hm=MTYzNDMyMzEwMzE5MTg3OTk5NQ%3D%3D
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_error=5
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=&google_hm=MTYzNDMyMzEwMzE5MTg3OTk5NQ%3D%3D

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0B83 0
15 B 36ms
35ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KJXefEV1Kurz6DA0-C2qZTHBl1LiXXwPQwD4PP-AWrALVMOamOYjbR3ls404dYzV7-oWRL

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FFDF 17 KB
6 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 27 Sep 2021 14:41:33 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 03E0 1 KB
792 B 28ms
27ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 27 Sep 2021 08:58:57 GMT
expires: Tue, 28 Sep 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 20556
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame CEA0 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dafea843f461ff0e7c9f328cb4c2aaef2ac9fb2437deb0b151e44c59b19ef1aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200

match-result
tags.w55c.net/ Frame A8F8
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOrz3hdBdEtKIgKOCqhkOBY&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEOrz3hdBdEtKIgKOCqhkOBY&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bURPaGlUOFQxTXVST1o1&google_gid=CAESEOrz3hdBdEtKIgKOCqhkOBY&google_cver=1&google_push=AYg5qPLgixw-o2mieTYsi45_YIbyz_BaLtL-pnTxzSSpjj_...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=bURPaGlUOFQxTXVST1o1&google_gid=CAESEOrz3hdBdEtKIgKOCqhkOBY&google_cver=1&google_push=AYg5qPLgixw-o2mieTYsi45_YIbyz_BaLtL-pnTxzSSpjj_...
https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_error=3

42 B
687 B

100ms
7ms

Image
image/gif

18.194.125.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_error=3

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.194.125.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-194-125-59.eu-central-1.compute.amazonaws.com

Software

Retargeting/8a430fa#rel-ec2-master i-0066ec59cc187b8a7@eu-central-1a@dxedge-app-eu-central-1-prod-asg /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:32 GMT
Server: Retargeting/8a430fa#rel-ec2-master i-0066ec59cc187b8a7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://tags.w55c.net/match-result?id=8bb138bc0446417c9a4df9a0136d0caf8a93328592bf4d059bfc856c256fbc33&ei=GOOGLE&euid=&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

us.php
gu.dyntrk.com/adx/ga/ Frame A8F8
Redirect Chain

https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESELJFdIaufHudnExUw0gQJp0&google_cver=1&google_push=AYg5qPLjgcXHuaVGe4VEqK2X53gZW6KCakOlHFujgTjyzuIrdIigIDGw-doUAqF5B0PxNH5VWBz1QyUaXS...
https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESELJFdIaufHudnExUw0gQJp0&google_cver=1&google_push=AYg5qPLjgcXHuaVGe4VEqK2X53gZW6KCakOlHFujgTjyzuIrdIigIDGw-doUAqF5B0PxNH5VWBz1QyUaXS...
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPLjgcXHuaVGe4VEqK2X53gZW6KCakOlHFujgTjyzuIrdIigIDGw-doUAqF5B0PxNH5VWBz1QyUaXSNu8kbrBce8gf5g-b8&google_hm=MDMwMzAwMDFfNjE1MWQ4...
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AYg5qPLjgcXHuaVGe4VEqK2X53gZW6KCakOlHFujgTjyzuIrdIigIDGw-doUAqF5B0PxNH5VWBz1QyUaXSNu8kbrBce8gf5g-b8&google_hm=MDMwMzAwMDFfNjE1MWQ4...
https://gu.dyntrk.com/adx/ga/us.php?dynk=ga2ex&gg_call=1&guid=&google_error=3

0
394 B

44ms
7ms

Image
text/html

135.125.160.160
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gu.dyntrk.com/adx/ga/us.php?dynk=ga2ex&gg_call=1&guid=&google_error=3
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.160.160 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3198892.ip-135-125-160.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:33 GMT
content-encoding: gzip
server: nginx
transfer-encoding: chunked
access-control-allow-methods: POST, GET, OPTIONS
p3p: CP="NOI DEV OUR BUS UNI"
access-control-allow-origin: *
cache-control: no-cache
content-type: text/html; charset=UTF-8
access-control-allow-headers: Origin
keep-alive: timeout=10

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://gu.dyntrk.com/adx/ga/us.php?dynk=ga2ex&gg_call=1&guid=&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 286
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

google_sync_status
x.bidswitch.net/ Frame A8F8
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEL1w0ZsYMdNKV8w7kvBBHfI&google_cver=1&google_push=AYg5qPI5JoWMV-7PJZ4sntHuDoz8x2m-gkt1R5v6G-80MreuPSh9KGbyQu3bkTC9fY4S0QS75VvKATOYlB7TwzOGVh8f...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEL1w0ZsYMdNKV8w7kvBBHfI&google_cver=1&google_push=AYg5qPI5JoWMV-7PJZ4sntHuDoz8x2m-gkt1R5v6G-80MreuPSh9KGbyQu3bkTC9fY4S0QS75VvKATOYlB7Twz...
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=7aa71613-bf07-475b-830b-fb8bf3aa1327
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_uid=7aa71613-bf07-475b-830b-fb8bf3aa1327
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=20ed1d6f-a0a1-4ef7-b6f9-d948c764f698&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI5JoWMV-7PJZ4sntHuDoz8x2m-gkt1R5v6G-80MreuPSh9KGbyQu3bkTC9fY4S0QS75VvKATOYlB7TwzOGVh8fGrPyRw&google_hm=eqcWE78HR1uDC_uL86oTJw==
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPI5JoWMV-7PJZ4sntHuDoz8x2m-gkt1R5v6G-80MreuPSh9KGbyQu3bkTC9fY4S0QS75VvKATOYlB7TwzOGVh8fGrPyRw&google_hm=eqcWE78HR1uDC_uL86oTJw==&...
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_error=3

43 B
145 B

33ms
33ms

Image
image/gif

52.59.115.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_error=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.115.28 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-115-28.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 274
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame A8F8
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j8TS4n2fTeS-JmAytviC6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j8TS4n2fTeS-JmAytviC6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&p=156578&mpc=4&fp=1&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156578%26sc%3D1&google_error=3
https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:4cf76151-d81d-4000-a512-e9d34669c5e6&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6282211392932163713
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=91e5044f-5df7-4a65-b60c-01f76a9ed948
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&google_error=3
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156578&sc=1

0
48 B

54ms
53ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?p=156578&sc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:34 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?p=156578&sc=1
date: Mon, 27 Sep 2021 14:41:34 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 82
content-type: text/html; charset=utf-8

GET
H2

204

-
s.ad.smaato.net/c/n/// Frame A8F8
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEKRoRUJoPtkaBngJdVFvDnQ&google_cver=1&google_push=AYg5qPLJL30lBFbRE8uV2_E-VF1DZKidE7cm4Ajhc15b3cmaSVAdZwpzT1udf2-Mc1aJBtjts-HaYz_g3Ffkfil-...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLJL30lBFbRE8uV2_E-VF1DZKidE7cm4Ajhc15b3cmaSVAdZwpzT1udf2-Mc1aJBtjts-HaYz_g3Ffkfil-ZUkRK1NNUeM
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLJL30lBFbRE8uV2_E-VF1DZKidE7cm4Ajhc15b3cmaSVAdZwpzT1udf2-Mc1aJBtjts-HaYz_g3Ffkfil-ZUkRK1NNUeM&google_tc=
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_error=3

0
240 B

8ms
8ms

Image
text/plain

2600:9000:2156:de00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_error=3
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:de00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:33 GMT
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Eb06dSPMzzRk4oOyn6dtLMDSQaRbEkeBYmFBLjNqS2KAJ6b6Z09JiA==
x-cache: FunctionGeneratedResponse from cloudfront

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.ad.smaato.net/c/n///-?adNetInit=g&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 259
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ebda
eb2.3lift.com/ Frame A8F8
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGwdCwTMv3LXp_4Dm0OIFgg&google_cver=1&google_push=AYg5qPLcGzypUowSWOxF8mNlidSvWpfUANGe2jcLDvEv6pa6IBG3smj31ZQFnyHGnoRtbIclbhsuiJzut3qrVuOZ1xuSmdzijMA
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPLcGzypUowSWOxF8mNlidSvWpfUANGe2jcLDvEv6pa6IBG3smj31ZQFnyHGnoRtbIclbhsuiJzut3qrVuOZ1xuSmdzijMA&googl...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY5NzUxNjM3NDUyMzg5MzgxMTE%3D&google_push=AYg5qPLcGzypUowSWOxF8mNlidSvWpfUANGe2jcLDvEv6pa6IBG3smj31ZQFny...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY5NzUxNjM3NDUyMzg5MzgxMTE%3D&google_push=AYg5qPLcGzypUowSWOxF8mNlidSvWpfUANGe2jcLDvEv6pa6IBG3smj31ZQFny...
https://eb2.3lift.com/ebda?gdpr=1&gdpr_consent=&google_error=3

37 B
139 B

9ms
8ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ebda?gdpr=1&gdpr_consent=&google_error=3
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/ebda?gdpr=1&gdpr_consent=&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 267
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

v1
match.sharethrough.com/sync/ Frame A8F8
Redirect Chain

https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEJoxjdCqEikM7wy4FfrHohM&google_cver=1&google_push=AYg5qPL073XGlwBu5eTTuAiycV4MNJ1XS6j06gxssctykH8PwKXqSzkG6YUeR2cGqJjbF1ZH8tMVtwgWsvF2pUYje...
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTBlNmU4YmItYmQxYS00NGY0LWI3MzMtOWVkYmVlMmI5OWM5&google_push=AYg5qPL073XGlwBu5eTTuAiycV4MNJ1XS6j06gxssctykH8PwKXqSzkG6YUeR2cG...
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=NTBlNmU4YmItYmQxYS00NGY0LWI3MzMtOWVkYmVlMmI5OWM5&google_push=AYg5qPL073XGlwBu5eTTuAiycV4MNJ1XS6j06gxssctykH8PwKXqSzkG6YUeR2cG...
https://match.sharethrough.com/sync/v1?google_error=3

68 B
262 B

12ms
12ms

Image
image/png

3.126.175.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?google_error=3
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.175.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-175-244.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:33 GMT
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://match.sharethrough.com/sync/v1?google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A8F8 0
15 B 39ms
39ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KydC9l1bLAwnZUeS3odH5xkMlZVVFtqg-PHas9uuL7LotJNMKR8m7U2Ejl0DmCPM4HD2n32g

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK stat Show response
stat.meetrics.net/ Frame DBB0 82 B
351 B 89ms
13ms Script
application/javascript 5.9.116.173
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.meetrics.net/stat
Requested by: Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.9.116.173 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h373.meetrics.de
Software: nginx /
Resource Hash: 79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:33 GMT
Cache-Control: private, no-cache, must-revalidate
Last-Modified: Mon, 27 Sep 2021 14:41:01 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK gettag Show response
s79.research.de.com/bb-mxad/ Frame DBB0 0
208 B 66ms
11ms Script
application/octet-stream 5.9.119.17
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s79.research.de.com/bb-mxad/gettag
Requested by: Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.9.119.17 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h361.meetrics.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:33 GMT
Cache-control: private,must-revalidate
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/octet-stream

GET
H/1.1 200
OK submit
b26.s79.research.de.com/bb-mx/ Frame DBB0 43 B
291 B 66ms
13ms Image
image/gif 136.243.3.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b26.s79.research.de.com/bb-mx/submit?/zsFmBjAAA/whFtBo0F0wFz6BvvAh5B5kEzhEw1AlyB0mEj2B30A3yA0jE22A0mEkzB1lE2yAliFuzEhmFlmFyhFtlFunEvvFnsFlzF5uFkpFjhF0pFvuFujEvtFvzEhmFlmFyhFtlFvxAtwAtzA4vAo0FtsFvjEvuF0hFpuFlyFuoE0tFsBF6pyFo0F0wFz6BvvA33F3uBohF30FjlFslFizFujEvtFvBE+k2FoywAyxAtwA5tAy3AtwA46A13AtyAywA0zA0tAyuAxyAyuA4tAz0Ax3A3lE5zAKp6Fsp3Fx2AzyA31Az2A5yA0wAyBEjwtFuvFulFnqnFluFtVETsBluFLlnFB/k0FsBxgAwqFpkF9yAywA0zA0mAhkFj9B53A14Az2A2mAjwFpkF9yA2zA1yA3yA3mAzpF0lF91A51Ay3Az5AmwEshFjlF9zAxyA00A44Aw2AmjEpkF9xA12A2wA30Aw2AmzEp6Fl9B3yA44E5wAmjEi9By5A43Aw1A25A20AL2wFBLl1FC/2xF3CylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgBluFnpFulFfjFoyFvtFlfF5wAg3EpuFkvF3fF3lFirFp0Fz0FvyFhnFlpFumFvgB3pFukFv3Ff3FliFrpF0jFhuFjlFshFupFthF0pFvuFmyFhtFlgB3pFukFv3Ff3FliFrpF0yFlxF1lFz0FhuFptFh0FpvFumFyhFtlFgjEzzFf3FliFrpF0gBjwF1fF0gAyhFtfF4gAthF4fFluFnpFulFf5BwBEUkzFpBFAAAAAAAQkBkBAPAAAAAAAAAOAAAAGBAAAAAAQkBkBABPBAAAAAAAAB+xXAZHAAFAx8Ez8ExBEFA53A0wA2BErIvhAPBAAFAA+xXTIvhASksF5EbAAAAAAAAAAAAEAAA+xXAAAAAAAIAy2Az1Ay3Ay3AJAzxAy0A04A4wA2BEHA15A1yA3zA5BEGA3yA44E5wAJAx1A22Aw3A0wA2BEHA53A14Az2A2BEdUCAFAAYLAaBAFAAAIvhAAAfBo0F0wFz6BvvAzwBuyAtkFuuBulF0vB53A14Az2A2vAx2Ay5A54Az5A1wAyxAxvAxzAtJEXFFtFEkpF0pFvuFzwAtMElhFklFyiFvhFykFt3Ay4A45BwtApSFhuFnlFvpEukFl4FuoE0tFsBFCATCFAAAAAAAAAAAAAAGAJGFSBFNFFQtjFJFv9VA
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.3.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h224.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:33 GMT
Server: nginx
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Mon, 27 Sep 2021 14:41:32 GMT

GET
H/1.1 200
OK data
b26.s79.research.de.com/ Frame DBB0 43 B
308 B 64ms
11ms Image
image/gif 136.243.3.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b26.s79.research.de.com/data?/zsFmCkAAAl2yFuvFfhFwpFLktFDTkzFARksFAQtjF9jVNSA
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.3.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h224.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:33 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 27-Sep-21 14:41:32 GMT

GET
H/1.1 200
OK stat Show response
stat.meetrics.net/ Frame 4847 82 B
351 B 39ms
11ms Script
application/javascript 5.9.116.173
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.meetrics.net/stat
Requested by: Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.9.116.173 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h373.meetrics.de
Software: nginx /
Resource Hash: 79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:33 GMT
Cache-Control: private, no-cache, must-revalidate
Last-Modified: Mon, 27 Sep 2021 14:41:01 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK gettag Show response
s79.research.de.com/bb-mxad/ Frame 4847 0
208 B 36ms
12ms Script
application/octet-stream 5.9.119.17
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s79.research.de.com/bb-mxad/gettag
Requested by: Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.9.119.17 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h361.meetrics.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:33 GMT
Cache-control: private,must-revalidate
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/octet-stream

GET
H/1.1 200
OK submit
b24.s79.research.de.com/bb-mx/ Frame 4847 43 B
291 B 64ms
13ms Image
image/gif 148.251.247.207
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b24.s79.research.de.com/bb-mx/submit?/aFsMBTAAA/whFtBo0F0wFz6BvvAh5B5kEzhEw1AlyB0mEj2B30A3yA0jE22A0mEkzB1lE2yAliFuzEhmFlmFyhFtlFunEvvFnsFlzF5uFkpFjhF0pFvuFujEvtFvzEhmFlmFyhFtlFvxAtwAtzA4vAo0FtsFvjEvuF0hFpuFlyFuoE0tFsBF6pyFo0F0wFz6BvvA33F3uBohF30FjlFslFizFujEvtFvBE+k2FoywAyxAtwA5tAy3AtwA46A13AtyAywA0zA0tAyuAxyAyuA4tAz0Ax3A3lE5zAKp6Fsp3Fx2AzyA31Az2A5yAz4A3BEjwtFuvFulFnqnFluFtVETsBluFLlnFB/k0FsBxgAwqFpkF9yAywA0zA0mAhkFj9B53A14Az2A2mAjwFpkF9yA2zA1yA3yA3mAzpF0lF91A51Ay3Az5AmwEshFjlF9zAxyA2yAz4A33AmjEpkF9xA13Aw3A2wA50AmzEp6Fl9B3yA44E5wAmjEi9By5A14A43A21A13AL2wFBLl1FC/2xF3CylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgBluFnpFulFfjFoyFvtFlfF5wAg3EpuFkvF3fF3lFirFp0Fz0FvyFhnFlpFumFvgB3pFukFv3Ff3FliFrpF0jFhuFjlFshFupFthF0pFvuFmyFhtFlgB3pFukFv3Ff3FliFrpF0yFlxF1lFz0FhuFptFh0FpvFumFyhFtlFgjEzzFf3FliFrpF0gBjwF1fF0gAyhFtfF4gAthF4fFluFnpFulFf5BwBEUkzFpBFAAAAAAAQkBkBAPAAAAAAAAAOAAAAGBAAAAAAQkBkBABPAAAAAAAAABdNlAZFAAFAx8Ez8ExBEGAx1Ay0AxzArNTzAPBAAFAAdNlTNTzASksF5EbAAAAAAAAAAAAEAAAdNlAAAAAAAIAy2Az1Ay3Ay3AJAzxAy2AyzA43A3BEHA15A1yA3zA5BEGA3yA44E5wAJAx1A3wA32Aw5A0BEHA53A14Az2A2BEdUCAFAAYLAaBAFAAANTzAAAfBo0F0wFz6BvvAzwBuyAtkFuuBulF0vB53A14Az2A2vAx2AzwA0yA2xAxxAz5AwvAxzAtJEXFFtFEkpF0pFvuFzwAtMElhFklFyiFvhFykFt3Ay4A45BwtApSFhuFnlFvpEukFl4FuoE0tFsBFCATCFAAAAAAAAAAAAAAGAJGFSBFNFFQtjFWVa/VA
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.247.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h366.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:33 GMT
Server: nginx
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Mon, 27 Sep 2021 14:41:32 GMT

GET
H/1.1 200
OK data
b24.s79.research.de.com/ Frame 4847 43 B
308 B 61ms
12ms Image
image/gif 148.251.247.207
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b24.s79.research.de.com/data?/aFsMCTAAAl2yFuvFfhFwpFLktFDTkzFARksFAQtjF3eVNSA
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.247.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h366.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:33 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 27-Sep-21 14:41:32 GMT

GET
H2 200 Enabler_01_246.js Show response
s0.2mdn.net/879366/ Frame 94CB 116 KB
39 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61707552/20210720070806802/300x050.html?e=69&leftOffset=0&topOffset=0&c=M0PVzBjkE9&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61707552/20210720070806802/300x050.html?e=69&leftOffset=0&topOffset=0&c=M0PVzBjkE9&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 10:27:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15258
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40237
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Sep 2021 10:27:15 GMT

GET
H2 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 94CB 60 KB
24 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61707552/20210720070806802/300x050.html?e=69&leftOffset=0&topOffset=0&c=M0PVzBjkE9&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61707552/20210720070806802/300x050.html?e=69&leftOffset=0&topOffset=0&c=M0PVzBjkE9&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 27 Sep 2021 14:41:33 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 3239 35 B
362 B 19ms
13ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEA4IuaODqbbQ39cfDDQ-AqI&google_cver=1&google_push=AYg5qPI7oepaI7VS0-7B7R0jAXrRNr3zS2ltj1x4pAIiv7gggy3CCLwWDD8t6Z_dQUkMYuLMYZnDq6m2Sn7dxT2dJr6_u-wzGMDcbw

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 3239 70 B
264 B 37ms
31ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEN6zEyO1o0tyFNKQVIlBk04&google_cver=1&google_push=AYg5qPJt8UedBPLML_hKU5ZMV5qejoWpZWnOFd17kC3t3iK8iPvaKRtZQW8c4vlBdBffSk0z_qeqXrYCFJXT74oWUPXpA1fIzZyYWQ
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

204

adx
pr-bh.ybp.yahoo.com/sync/ Frame 3239
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJJe-OjCxwyCergKJ653Pok&google_cver=1&google_push=AYg5qPJT2W_DR6mkog7wK3HEBoLSR0DxFIyqOIXgQfuPxGyytPOEJoxKX8gDqXRL0WZur5416LVDyFK5iFv1DwHvOTBLiqo...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJT2W_DR6mkog7wK3HEBoLSR0DxFIyqOIXgQfuPxGyytPOEJoxKX8gDqXRL0WZur5416LVDyFK5iFv1DwHvOTBLiqoOCBvvpw&google_hm=NzM5NzcxMDI1NzQ4MDI2...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPJT2W_DR6mkog7wK3HEBoLSR0DxFIyqOIXgQfuPxGyytPOEJoxKX8gDqXRL0WZur5416LVDyFK5iFv1DwHvOTBLiqoOCBvvpw&google_hm=NzM5NzcxMDI1NzQ4MDI2...
https://pr-bh.ybp.yahoo.com/sync/adx?google_error=3

0
34 B

33ms
33ms

Image
text/plain

2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/adx?google_error=3

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:33 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pr-bh.ybp.yahoo.com/sync/adx?google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 3239 43 B
135 B 20ms
16ms Image
image/gif 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESECzEU1w3FUWTEDtymQZV9O0&google_cver=1&google_push=AYg5qPKGgpgNUxe2GWxKajl8IvL7xMl7gp0arPKZc5fN-CshdNEye8NFOOAIt9fVKrp5NLml-sh7cl_hkZilzGLvz1IeuAPQsvN8

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Sep 2021 14:41:33 GMT

GET
H2

403

/
c1.adform.net/serving/cookie/match/ Frame 3239
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAZWGbSBeNyYC-KcWfEUNf8&google_cver=1&google_push=AYg5qPKSFrrIwU5zDSS73O3nUY4wUJyD8O12xrW5u68cx6qQJEB3jYuWJ8Div2bTJ0_OLGLJAbSm80qs...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAZWGbSBeNyYC-KcWfEUNf8&google_cver=1&google_push=AYg5qPKSFrrIwU5zDSS73O3nUY4wUJyD8O12xrW5u68cx6qQJEB3jYuWJ8Div2bTJ0_OLGLJAbS...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI4MjIxMTM5MjkzMjE2MzcxMw&google_push=AYg5qPKSFrrIwU5zDSS73O3nUY4wUJyD8O12xrW5u68cx6qQJEB3jYuWJ8Div2bTJ0_OLGLJAbSm80...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjI4MjIxMTM5MjkzMjE2MzcxMw&google_push=AYg5qPKSFrrIwU5zDSS73O3nUY4wUJyD8O12xrW5u68cx6qQJEB3jYuWJ8Div2bTJ0_OLGLJAbSm80...
https://c1.adform.net/serving/cookie/match/?google_error=3

0
330 B

22ms
22ms

Image
text/plain

37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?google_error=3

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://c1.adform.net/serving/cookie/match/?google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3239
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEG6SyJ71zBD1f99jg42GjaU&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVHYHMsF6hLiJXr1KpJ1sQAABE8AAAIB&google_push=AYg5qPJHnj8cx1mHDdtFISSVuYmn4A68zNffRIzkrnU79PM7Oh4EeKuET8w6wNclgpdNAHB4R-32lNvf5dQH0Bx8Th...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVHYHMsF6hLiJXr1KpJ1sQAABE8AAAIB&google_push=AYg5qPJHnj8cx1mHDdtFISSVuYmn4A68zNffRIzkrnU79PM7Oh4EeKuET8w6wNclgpdNAHB4R-32lNvf5dQH0Bx8Th...

170 B
195 B

24ms
23ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVHYHMsF6hLiJXr1KpJ1sQAABE8AAAIB&google_push=AYg5qPJHnj8cx1mHDdtFISSVuYmn4A68zNffRIzkrnU79PM7Oh4EeKuET8w6wNclgpdNAHB4R-32lNvf5dQH0Bx8The9_NOhofAEBA&google_cver=1&google_gid=CAESEG6SyJ71zBD1f99jg42GjaU&google_tc=

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YVHYHMsF6hLiJXr1KpJ1sQAABE8AAAIB&google_push=AYg5qPJHnj8cx1mHDdtFISSVuYmn4A68zNffRIzkrnU79PM7Oh4EeKuET8w6wNclgpdNAHB4R-32lNvf5dQH0Bx8The9_NOhofAEBA&google_cver=1&google_gid=CAESEG6SyJ71zBD1f99jg42GjaU&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 490
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame 3239
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEAd9YMbCeXMRdQOrDQtSEgE&google_cver=1&google_push=AYg5qPIrjxmmKmgCjgTqw8vkG25dKcihfVY55bEN4pd9f0fLBKhkzENyKj4Ngyz631IGsHz-A9IspxHZDSbZYd_WT1i2Un-...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPIrjxmmKmgCjgTqw8vkG25dKcihfVY55bEN4pd9f0fLBKhkzENyKj4Ngyz631IGsHz-A9IspxHZDSbZYd_WT1i2Un-8uIVF0W0&google_hm=ODMwNjU2...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPIrjxmmKmgCjgTqw8vkG25dKcihfVY55bEN4pd9f0fLBKhkzENyKj4Ngyz631IGsHz-A9IspxHZDSbZYd_WT1i2Un-8uIVF0W0&google_hm=ODMwNjU2...
https://a.rfihub.com/cm?pub=445&google_error=3

42 B
883 B

19ms
19ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&google_error=3
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:33 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.rfihub.com/cm?pub=445&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3239 0
15 B 21ms
18ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LO3vqHU9S-2ezzx8_pDAvlq3KIk6HRgnyDBoBe14bKunL50R8eZYIojgvLofnh34X2rwEOPg

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0172 41 KB
15 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 10:16:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15925
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 27 Sep 2022 10:16:08 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0581 1 KB
787 B 7ms
7ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 27 Sep 2021 08:58:57 GMT
expires: Tue, 28 Sep 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 20556
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0172 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d64c84e681853cafa6cc6013dc532f12ae1054a6d561417e7c89d769fd42dfc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 909F 0
23 B 44ms
44ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 14:41:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 85F8 0
23 B 46ms
45ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 14:41:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 dt
dt.adsafeprotected.com/ Frame ED97 43 B
215 B 93ms
93ms Image
image/gif 3.212.141.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=783646&asId=70d1aa1f-585c-b93b-929f-b574a3fe684a&tv=%7Bc:pqtjQg,time:1226,type:e,im:%7Bpci:%7Btdr:536%7D%7D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1226,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1220~0%5D,as:%5B1220~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:337,fm:sKdS65k+11%7C12%7C13*.783646-56311260%7C131%7C1321%7C14,idMap:13*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.141.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-141-148.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
x-server-name: dt25.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK stat Show response
stat.meetrics.net/ Frame 0172 82 B
351 B 15ms
14ms Script
application/javascript 5.9.116.173
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.meetrics.net/stat
Requested by: Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.9.116.173 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h373.meetrics.de
Software: nginx /
Resource Hash: 79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:33 GMT
Cache-Control: private, no-cache, must-revalidate
Last-Modified: Mon, 27 Sep 2021 14:41:01 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK gettag Show response
s79.research.de.com/bb-mxad/ Frame 0172 0
208 B 12ms
12ms Script
application/octet-stream 5.9.119.17
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s79.research.de.com/bb-mxad/gettag
Requested by: Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 5.9.119.17 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h361.meetrics.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:33 GMT
Cache-control: private,must-revalidate
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/octet-stream

GET
H/1.1 200
OK submit
b199.s79.research.de.com/bb-mx/ Frame 0172 43 B
291 B 75ms
15ms Image
image/gif 136.243.6.97
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b199.s79.research.de.com/bb-mx/submit?/9DpQBPAAA/whFtBo0F0wFz6BvvAh5B5kEzhEw1AlyB0mEj2B30A3yA0jE22A0mEkzB1lE2yAliFuzEhmFlmFyhFtlFunEvvFnsFlzF5uFkpFjhF0pFvuFujEvtFvzEhmFlmFyhFtlFvxAtwAtzA4vAo0FtsFvjEvuF0hFpuFlyFuoE0tFsBF6pyFo0F0wFz6BvvA33F3uBohF30FjlFslFizFujEvtFvBE+k2FoywAyxAtwA5tAy3AtwA46A13AtyAywA0zA0tAyuAxyAyuA4tAz0Ax3A3lE5zAKp6Fsp3Fx2AzyA31Az2A5yA11AxBEjwtFuvFulFnqnFluFtVETsBluFL2wFBLl1FC/2xF3CylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgBluFnpFulFfjFoyFvtFlfF5wAg3EpuFkvF3fF3lFirFp0Fz0FvyFhnFlpFumFvgB3pFukFv3Ff3FliFrpF0jFhuFjlFshFupFthF0pFvuFmyFhtFlgB3pFukFv3Ff3FliFrpF0yFlxF1lFz0FhuFptFh0FpvFumFyhFtlFgjEzzFf3FliFrpF0gBjwF1fF0gAyhFtfF4gAthF4fFluFnpFulFf5BwBELlnFB/k0FsBxgAwqFpkF9yAywA0zA0mAhkFj9B53A14Az2A2mAjwFpkF9yA2zA1yA3yA3mAzpF0lF91A51Ay3Az5AmwEshFjlF9zAxyA2yAz4A12AmjEpkF9xA13Aw3A2xAwwAmzEp6Fl9BzwAw4E2wAwmAjiF9yAyzA1wA52A54AUkzFpBFAAAAAAsEYJYJAPAAAAAAAAAOAAAAGBAAAAAsEYJYJABPKAAAAAAAAB83JAZEAAFAx8Ez8ExBEFA0wA00A0BErki/APAAAFAA83JTki/ASksF5EbAAAAAAAAAAAAEAAA83JAAAAAAAIAy2Az1Ay3Ay3AJAzxAy2AyzA41A2BEHA15A1yA3zA5BEHAzwAw4E2wAwBEJAx1A3wA32AxwAwBEHA53A14Az2A2BEdAAAAAAsEAYJAFAAAki/AAAdBo0F0wFz6BvvAzwBuyAtkFuuBulF0vB53A14Az2A2vAx2AzwA0yA2xAx2A25AxvAx1AtJEXFFtFEkpF0pFvuFzwAtIEhsFmQFhnFltBzwAw4E2wAwtApSFhuFnlFvpEukFl4FuoE0tFsBFCAIQFAAAAAAAAAAAAAAGAJGFSBFNFFQtjFWyc9VA
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.6.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h243.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:33 GMT
Server: nginx
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Mon, 27 Sep 2021 14:41:32 GMT

GET
H/1.1 200
OK data
b199.s79.research.de.com/ Frame 0172 43 B
308 B 74ms
14ms Image
image/gif 136.243.6.97
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b199.s79.research.de.com/data?/9DpQCQAAAl2yFuvFfhFwpFLktFDTkzFARksFAQtjFUdVNSA
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.6.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h243.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:33 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 27-Sep-21 14:41:32 GMT

GET
H2 200 txt1@2x.png
s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/ Frame 1FC4 2 KB
2 KB 16ms
14ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/txt1@2x.png

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4e89432e01fa3882f7afd886f4d3f60b1c4c63013700126f44b1fdeace470b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 17:59:12 GMT
x-content-type-options: nosniff
age: 74541
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2158
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 13:19:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 27 Sep 2021 17:59:12 GMT

GET
H2 200 30_jahre_logo@2x.png
s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/ Frame 1FC4 2 KB
2 KB 12ms
10ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/30_jahre_logo@2x.png

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf45bc6e2a70366857af3a8c7e18d2fda5d2d4198073030ba0fc8401e1a3208d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 09:07:30 GMT
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 13:19:10 GMT
server: sffe
age: 20043
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1617
x-xss-protection: 0
expires: Tue, 28 Sep 2021 09:07:30 GMT

GET
H2 200 logo.svg
s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/ Frame 1FC4 2 KB
1 KB 12ms
11ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/logo.svg

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 13:47:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3252
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 13:19:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Sep 2021 13:47:21 GMT

GET
H2 200 bg1@2x.jpg
s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/ Frame 1FC4 24 KB
24 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/bg1@2x.jpg

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d22a727dcf93cbaf4b41b20e8aad37d984e7c6ee1bfb467d20a30777809e4c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 06:55:57 GMT
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 13:19:10 GMT
server: sffe
age: 27936
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24416
x-xss-protection: 0
expires: Tue, 28 Sep 2021 06:55:57 GMT

GET
H2 200 WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js Show response
pagead2.googlesyndication.com/bg/ Frame EA18 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 10:05:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13388
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 27 Sep 2022 10:05:51 GMT

GET
H2 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 9B3D 60 KB
24 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 27 Sep 2021 14:41:33 GMT

GET
H2 200 script.js Show response
s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/js/ Frame 9B3D 3 KB
964 B 10ms
10ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/js/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e98915145910070b67d618a37269dfb766e0b648809a9cbd4127b6fc913de7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 06:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27922
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 835
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 16:08:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Sep 2021 06:56:11 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ED97 42 B
174 B 36ms
36ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssSJ9pB0sdPCbaBnNz-WVOtRCjYpMg0MrH--MaYB4JFdTEshex-A8O7hpq1ohxSI_vNUbPQys7dEkDz6njC8Zwtt458ei6toTRXHQJdnDxYiczucwDFAA&sai=AMfl-YTfs7ehUGka6_yUE6iPFjQV2kMCwPvLBFcBKVyjrCRE13tqgufLbgrIWapBXe1m75jMIDwGcAhqRhQl-s_S7GI81uDdewYDUw2Qf9DbMcatteUc3_nazBMj2WY&sig=Cg0ArKJSzONdVjoBqax7EAE&cid=CAASEuRoSxbQ8ZIg3QmrIsnPbBi5mQ&id=lidar2&mcvt=1084&p=164,391,204,432&asp=246,391,286,432&mtos=1084,1084,1084,1084,1084&tos=1084,0,0,0,0&v=20210922&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1836524711&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1632753691548&rpt=806&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK data
b26.s79.research.de.com/ Frame DBB0 43 B
308 B 13ms
13ms Image
image/gif 136.243.3.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b26.s79.research.de.com/data?/zsFmDuEAA5rvFo0F0wFz6BvvA33F3uBohF30FjlFslFizFujEvtFLruFBLkqFFlqwFyyAw0Az0A/k0FsBxgAwqFpkF9yAywA0zA0mAhkFj9B53A14Az2A2mAjwFpkF9yA2zA1yA3yA3mAzpF0lF91A51Ay3Az5AmwEshFjlF9zAxyA00A44Aw2AmjEpkF9xA12A2wA30Aw2AmzEp6Fl9B3yA44E5wAmjEi9By5A43Aw1A25A20AlqwFyyAw0Az0ALkmFBTkzFkQ1DAAAAAAAYAAAA/DAQAAAAAAAAAXAAAA/DARksFAQtjFc7MbSA
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.3.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h224.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:33 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 27-Sep-21 14:41:32 GMT

GET
H2 200 PP_Display_Ad_0_Percent_Campaign_2021_300x250_01_atlas_1.png
s0.2mdn.net/8264868/1630000993483/images/ Frame 4B58 88 KB
88 KB 11ms
10ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/8264868/1630000993483/images/PP_Display_Ad_0_Percent_Campaign_2021_300x250_01_atlas_1.png?1629879468698

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

497cb4889512202d42b3a200f4a395616c00c8db7e6600f33ffd9c0d259d078d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/8264868/1630000993483/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 10:50:25 GMT
x-content-type-options: nosniff
age: 13868
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89883
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 18:03:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Sep 2021 10:50:25 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9A3F 0
23 B 44ms
43ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 14:41:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 dt
dt.adsafeprotected.com/ Frame ED97 43 B
215 B 99ms
99ms Image
image/gif 3.212.141.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=783646&asId=70d1aa1f-585c-b93b-929f-b574a3fe684a&tv=%7Bc:pqtjT7,pingTime:-10,time:1403,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85My4wLjQ1NzcuNjMgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1632753693500%7C%7Cb53c3db0c7b3593c22280ceba321d398%7C%7Cc7e7172c7781b034963ef5178f1479dd%7C%7C9c82882539498836a8967ae08afae0f0%7C%7C22e65ca38de28e8290b0a77a931f36a0%7C%7Cf4e2c8a8be8f11c13428b72b0e5210b6%7C%7C42a13635a565124f8fb2851c10313d94%7C%7C4993789722882919c562a4e0b601ea09%7C%7C1629390669%7D
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.141.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-141-148.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
x-server-name: dt36.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK data
b24.s79.research.de.com/ Frame 4847 43 B
308 B 11ms
11ms Image
image/gif 148.251.247.207
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b24.s79.research.de.com/data?/aFsMDpEAA5rvFo0F0wFz6BvvA33F3uBohF30FjlFslFizFujEvtFLruFBLkqFFlqwFyyAw0Az0AL2vFB/k0FsBxgAwqFpkF9yAywA0zA0mAhkFj9B53A14Az2A2mAjwFpkF9yA2zA1yA3yA3mAzpF0lF91A51Ay3Az5AmwEshFjlF9zAxyA2yAz4A33AmjEpkF9xA13Aw3A2wA50AmzEp6Fl9B3yA44E5wAmjEi9By5A14A43A21A13AlqwFyyAw0Az0ALkmFBTkzFkQJEAAAAAQAYAAAAQEAQAAAAAAkBAXAAAAQEARksFAQtjFO70bSA
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.247.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h366.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:33 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 27-Sep-21 14:41:32 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 258D 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 27 Sep 2021 10:27:15 GMT
expires: Tue, 27 Sep 2022 10:27:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 15258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame CEA0 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 16:31:43 GMT
x-content-type-options: nosniff
age: 425390
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Sep 2022 16:31:43 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 63E1 0
23 B 52ms
51ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 14:41:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 63E1 0
59 B 29ms
28ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?v=3&s=pagead&action=load3pas&it=fb.274,e2e.1527,fs.-1632753692024,reqs.-1632753692024,ress.-1632753692024,rese.273&e=&id=csi_pagead&gqid=&qqid=CI7_yL6xn_MCFSWE_QcdQWgC5Q&rt=lb.233,ol.1253

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js Show response
pagead2.googlesyndication.com/bg/ Frame 3BD7 35 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 10:05:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13388
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 27 Sep 2022 10:05:51 GMT

GET
H2 200 WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js Show response
pagead2.googlesyndication.com/bg/ Frame 1881 35 KB
13 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 10:05:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13388
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 27 Sep 2022 10:05:51 GMT

GET
H2 200 WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js Show response
pagead2.googlesyndication.com/bg/ Frame F457 35 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 10:05:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13388
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 27 Sep 2022 10:05:51 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 03E0 0
103 B 17ms
15ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHpS7llkKQMAV0_DrgrYoCo&google_cver=1&google_push=AYg5qPLcwc6CHIO2fIPIkEBDMHYsj1-6rCFM937tTuGt9RlXUlw91xTxeh32NcTd3RPZhP3QgGso9IUJwZj5qpi-gnByO0IiyRu4xw
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 03E0 70 B
264 B 31ms
30ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEN6zEyO1o0tyFNKQVIlBk04&google_cver=1&google_push=AYg5qPL4GgkKFNHVavMk_2cvuiA32Dt6S3f-yBlmaJeIA1giapIrtM8Xan1N5drGUc8HlGMXmXMdeyA1NpX3sw7agX7H0XNimWAezg
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

adxSyncDone
tracking.m6r.eu/sync/ Frame 03E0
Redirect Chain

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEEBeZThE0PwWdWaqrgeEY2w&google_cver=1&google_push=AYg5qPIhne7GKUjbRRbrDeqlNBmWyxdDrXu5ujWtCYXc0hrs0hXP-EQ8N8WJ5...
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEEBeZThE0PwWdWaqrgeEY2w&google_cver=1&google_push=AYg5qPIhne7GKUjbRRbrDeqlNBmWyxdDrXu5ujWtCYXc0hrs0hXP-EQ8N8WJ5...
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=tc1xJOiY5GmJfAJVvASoTg&google_push=AYg5qPIhne7GKUjbRRbrDeqlNBmWyxdDrXu5ujWtCYXc0hrs0hXP-EQ8N8WJ5toOxJntJo_LqBV9EP5oJ...
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=tc1xJOiY5GmJfAJVvASoTg&google_push=AYg5qPIhne7GKUjbRRbrDeqlNBmWyxdDrXu5ujWtCYXc0hrs0hXP-EQ8N8WJ5toOxJntJo_LqBV9EP5oJ...
https://tracking.m6r.eu/sync/adxSyncDone?gdprFallback=true&google_error=3

44 B
413 B

162ms
105ms

Image
image/gif

72.251.244.142
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tracking.m6r.eu/sync/adxSyncDone?gdprFallback=true&google_error=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 72.251.244.142 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 821e2efd660f6b759d561cd5cd194670e51ecebcbc06055cdcbebcd91ec94a56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:34 GMT
cache-control: no-cache
Server: nginx
Connection: close
Content-Type: image/gif
Content-Length: 44
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://tracking.m6r.eu/sync/adxSyncDone?gdprFallback=true&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 274
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 03E0 43 B
123 B 19ms
17ms Image
image/gif 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESECzEU1w3FUWTEDtymQZV9O0&google_cver=1&google_push=AYg5qPIRMBWkrqG9h8aHKnAeo7alCAKXA6mDTZEAod3QA1wUMMCQaF1scpd-gk73Sh2f-qY5vehGNo1VvyLC5FQGdn9KSnGXnRpMbA

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Sep 2021 14:41:33 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 03E0
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j8TS4n2fTeS-JmAytviC6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=j8TS4n2fTeS-JmAytviC6A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&p=156578&mpc=4&fp=1&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156578%26sc%3D1&google_error=3
https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6282211392932163713
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=91e5044f-5df7-4a65-b60c-01f76a9ed948
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&google_error=3
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156578&sc=1

0
128 B

56ms
56ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?p=156578&sc=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:34 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?p=156578&sc=1
date: Mon, 27 Sep 2021 14:41:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 82
content-type: text/html; charset=utf-8

GET
H2

200

match
match.360yield.com/ Frame 03E0
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEEO6Jr9rscKEpQ4QduDYofU&google_cver=1&google_push=AYg5qPKXufS0H2E2SDq6RFKyJTLKKNw3cvU0HNgZNXnvAz9k5q1y9nYq432jTfRbbXngACAhX5V6ZkrEJXMxImsDpsBtzI...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEEO6Jr9rscKEpQ4QduDYofU&google_cver=1&google_push=AYg5qPKXufS0H2E2SDq6RFKyJTLKKNw3cvU0HNgZNXnvAz9k5q1y9nYq432jTfRbbXngACAhX5V6ZkrEJXMxImsD...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=S7dpENw7RiuSx5_tma_gfA&google_push=AYg5qPKXufS0H2E2SDq6RFKyJTLKKNw3cvU0HNgZNXnvAz9k5q1y9nYq432jTfRbbXngACAhX5V6ZkrEJXMxIms...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=S7dpENw7RiuSx5_tma_gfA&google_push=AYg5qPKXufS0H2E2SDq6RFKyJTLKKNw3cvU0HNgZNXnvAz9k5q1y9nYq432jTfRbbXngACAhX5V6ZkrEJXMxIms...
https://match.360yield.com/match?google_error=3

43 B
198 B

39ms
38ms

Image
image/gif

3.64.197.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match?google_error=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.197.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-197-25.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 27 Sep 2021 14:41:34 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://match.360yield.com/match?google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ggl
ads.avads.net/report/ Frame 03E0
Redirect Chain

https://ads.avads.net/sync/ggl?google_gid=CAESEKZzgOB56e-yxgcsPCusEvc&google_cver=1&google_push=AYg5qPIXxmyj8m7hg7glbHvLjTul8cFFgnZ_zG1qwDZ689zoGB5mOyL-jKa4GWiGV3XU6g1TsrFcRzyd4UImDiYyy41-fOvCbUyIQ54
https://ads.avads.net/sync/ggl?google_gid=CAESEKZzgOB56e-yxgcsPCusEvc&google_cver=1&google_push=AYg5qPIXxmyj8m7hg7glbHvLjTul8cFFgnZ_zG1qwDZ689zoGB5mOyL-jKa4GWiGV3XU6g1TsrFcRzyd4UImDiYyy41-fOvCbUyIQ...
https://ads.avads.net/sync/ggl?google_gid=CAESEKZzgOB56e-yxgcsPCusEvc&google_cver=1&google_push=AYg5qPIXxmyj8m7hg7glbHvLjTul8cFFgnZ_zG1qwDZ689zoGB5mOyL-jKa4GWiGV3XU6g1TsrFcRzyd4UImDiYyy41-fOvCbUyIQ54
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2U1OWVlNmYtNzVhNy00MjhjLWJmOGYtOGM2ZTJkZTJmNDFj&google_push=AYg5qPIXxmyj8m7hg7glbHvLjTul8cFFgnZ_zG1qwDZ689zoGB5mOyL-jKa4GWiGV3XU6g1...
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=M2U1OWVlNmYtNzVhNy00MjhjLWJmOGYtOGM2ZTJkZTJmNDFj&google_push=AYg5qPIXxmyj8m7hg7glbHvLjTul8cFFgnZ_zG1qwDZ689zoGB5mOyL-jKa4GWiGV3XU6g1...
https://ads.avads.net/report/ggl?google_error=3

35 B
83 B

33ms
33ms

Image
image/gif

35.205.207.25
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.avads.net/report/ggl?google_error=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.205.207.25 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS: 25.207.205.35.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:33 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.avads.net/report/ggl?google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 03E0 0
15 B 19ms
18ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Khg74a8OJ75968mMDtzsQ2QQM8TJ3WjHqVlref1L5YtTOp7yQKvYwqqvxlpGPtPGduOiP3tw

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0172 0
23 B 45ms
45ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 14:41:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 94CB 6 KB
4 KB 23ms
22ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5266ea4b95b69b9796211ab032637d59602f9327174a375a83950955f784feec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 14:41:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4388
x-xss-protection: 0

GET
H2 200 60005582_20210910245603607_m-300x050_LOOK-01E.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 94CB 20 KB
20 KB 12ms
11ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210910245603607_m-300x050_LOOK-01E.png

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f424f04869cbd7dfb51997a5ed7faee6ca11305a62f7a0bdeef95537923e807

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61707552/20210720070806802/300x050.html?e=69&leftOffset=0&topOffset=0&c=M0PVzBjkE9&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 15:59:23 GMT
x-content-type-options: nosniff
age: 81730
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20317
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 07:56:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 27 Sep 2021 15:59:23 GMT

GET
H2 200 60005582_20210910245607004_m-300x050_LOOK-02E.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 94CB 22 KB
22 KB 20ms
19ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210910245607004_m-300x050_LOOK-02E.png

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4693c66e64ca5e3b4ffbd032ca365748a1b5c3cc479a09a66dffcfbe09075846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61707552/20210720070806802/300x050.html?e=69&leftOffset=0&topOffset=0&c=M0PVzBjkE9&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 15:59:23 GMT
x-content-type-options: nosniff
age: 81730
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22519
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 07:56:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 27 Sep 2021 15:59:23 GMT

GET
H2 200 60005582_20210910245610153_m-300x050_LOOK-03E.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 94CB 21 KB
22 KB 9ms
8ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210910245610153_m-300x050_LOOK-03E.png

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7209ee1f07bc381f248596d89634228e89acdf8c9ec91d2bedf18212baff24e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61707552/20210720070806802/300x050.html?e=69&leftOffset=0&topOffset=0&c=M0PVzBjkE9&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 10:23:18 GMT
x-content-type-options: nosniff
age: 15495
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21955
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 07:56:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Sep 2021 10:23:18 GMT

GET
H2 200 60005582_20210910245613318_m-300x050_LOOK-04E.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 94CB 13 KB
14 KB 19ms
19ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210910245613318_m-300x050_LOOK-04E.png

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9aad258d7ae786e4d2a193d178f200cd47b82bf7bcbd76ee1b94a226a1d8725a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61707552/20210720070806802/300x050.html?e=69&leftOffset=0&topOffset=0&c=M0PVzBjkE9&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 15:59:23 GMT
x-content-type-options: nosniff
age: 81730
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13810
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 07:56:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 27 Sep 2021 15:59:23 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame 94CB 43 B
609 B 52ms
10ms Image
image/gif 82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=25667676_4307561_314038599_146033397_-0&ref=25667676_4307561_314038599_146033397_-0
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:33 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 0581
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEB-HI8CUOq0d7H9mxlnjf4o&google_cver=1&google_push=AYg5qPIGCVlRymBYqEi4hTo5mmwSgDKA1UA4C77No-TIN9D2f2j77xHMQcJNl4eRMgvNgB6T8bViLEXWidr_I4ljIWPqRRGrbjk&r...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB-HI8CUOq0d7H9mxlnjf4o&google_cver=1&google_push=AYg5qPIGCVlRymBYqEi4hTo5mmwSgDKA1UA4C77No-TIN9D2f2j77xHMQcJNl4eRMgvNgB6T8bViLEXWidr_I4ljIWPqRRGrbjk...

43 B
446 B

240ms
194ms

Image
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB-HI8CUOq0d7H9mxlnjf4o&google_cver=1&google_push=AYg5qPIGCVlRymBYqEi4hTo5mmwSgDKA1UA4C77No-TIN9D2f2j77xHMQcJNl4eRMgvNgB6T8bViLEXWidr_I4ljIWPqRRGrbjk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIGCVlRymBYqEi4hTo5mmwSgDKA1UA4C77No-TIN9D2f2j77xHMQcJNl4eRMgvNgB6T8bViLEXWidr_I4ljIWPqRRGrbjk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:34 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69557e5bddf05b98-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 12984
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69557e59cac95b98-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEB-HI8CUOq0d7H9mxlnjf4o&google_cver=1&google_push=AYg5qPIGCVlRymBYqEi4hTo5mmwSgDKA1UA4C77No-TIN9D2f2j77xHMQcJNl4eRMgvNgB6T8bViLEXWidr_I4ljIWPqRRGrbjk&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIGCVlRymBYqEi4hTo5mmwSgDKA1UA4C77No-TIN9D2f2j77xHMQcJNl4eRMgvNgB6T8bViLEXWidr_I4ljIWPqRRGrbjk%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 0581
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEND-U8gZ476JOgqWy2zRPsA&google_cver=1&google_push=AYg5qPIJyaPoeLCjV4GGNg8oQgRPXEEOIg2u83DxcVD5_EDh2vjPggfrAIMBgnivTySGERFQlYbum...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPIJyaPoeLCjV4GGNg8oQgRPXEEOIg2u83DxcVD5_EDh2vjPggfrAIMBgnivTySGERFQlYbum8QFeEG1XqLVI4Xl_C6Em8o
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPIJyaPoeLCjV4GGNg8oQgRPXEEOIg2u83DxcVD5_EDh2vjPggfrAIMBgnivTySGERFQlYbum8QFeEG1XqLVI4Xl_C6Em8o&google_tc=
https://px.ads.linkedin.com/setuid?partner=google&google_gid=&google_error=3

0
38 B

227ms
226ms

Image
text/plain

2620:119:50e1:101::6cae:b25
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=google&google_gid=&google_error=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:34 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: 2Amup9W0qBbAYfWYIisAAA==

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://px.ads.linkedin.com/setuid?partner=google&google_gid=&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync.cgi
ssp.adriver.ru/cgi-bin/ Frame 0581
Redirect Chain

https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEH8QeFjZzM4Exqp2VjM8ABo&google_cver=1&google_push=AYg5qPJ3O4G0YInAsO71pcjPIsS-ry_uKvsNI4o9jjjAHGMekI6baUQzqwVyX0TS2MjI4...
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJ3O4G0YInAsO71pcjPIsS-ry_uKvsNI4o9jjjAHGMekI6baUQzqwVyX0TS2MjI4_yk3_K53nqnfbcLitq0yeH18BFlcA&google_hm=QXZ6R3lLYXVWZ3F0RHZYVjF1QU...
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPJ3O4G0YInAsO71pcjPIsS-ry_uKvsNI4o9jjjAHGMekI6baUQzqwVyX0TS2MjI4_yk3_K53nqnfbcLitq0yeH18BFlcA&google_hm=QXZ6R3lLYXVWZ3F0RHZYVjF1QU...
https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_error=3

42 B
201 B

75ms
75ms

Image
image/gif

81.222.128.215
ELTEL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_error=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 81.222.128.215 , Russian Federation, ASN20597 (ELTEL-AS, RU),
Reverse DNS: ad15.adriver.ru
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:34 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 282
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

cksync
cs.media.net/ Frame 0581
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEDwWNsJsMOaoXKj2u2oK3pM&google_cver=1&google_push=AYg5qPLi8VQ66_1zN4UNdxJXrFjVtFyCrG7T0fU1-7zjLWkc5tAfHcKa9Y6FCCfRFBD64B7C0uptresQ9deHYM0WfI8qh_C3EDw
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc1NzU1MjkyOTg2MDE5ODAwMFYxMA%3d%3d&mn_hm=Mjc1NzU1MjkyOTg2MDE5ODAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPLi8VQ66_1zN4UNdxJXrFjVtFy...
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=Mjc1NzU1MjkyOTg2MDE5ODAwMFYxMA%3D%3D&mn_hm=Mjc1NzU1MjkyOTg2MDE5ODAwMFYxMA%3D%3D&google_sc=1&google_push=AYg5qPLi8VQ66_1zN4UNdxJXrFjVtFy...
https://cs.media.net/cksync?type=g&mn_hm=Mjc1NzU1MjkyOTg2MDE5ODAwMFYxMA%3D%3D&gdpr=&gdpr_consent=&google_error=3

45 B
508 B

61ms
61ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&mn_hm=Mjc1NzU1MjkyOTg2MDE5ODAwMFYxMA%3D%3D&gdpr=&gdpr_consent=&google_error=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:34 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 45
X-MNET-HL2: E
Expires: Mon, 27 Sep 2021 14:41:34 GMT

Redirect headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&mn_hm=Mjc1NzU1MjkyOTg2MDE5ODAwMFYxMA%3D%3D&gdpr=&gdpr_consent=&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pub
cs.chocolateplatform.com/ Frame 0581 0
39 B 98ms
93ms Image
text/plain 35.212.101.174
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEGexLC7PezEiPOpdRGqTRvc&google_cver=1&google_push=AYg5qPIJ1TK5i8UB-Sf1U1C1h4NtWzBwhTVG4cneQS1j28WIJYFESilkf35ROIJRV7YmFZ1ATt8sdnbO6z0clgvwwHKRtnXemqU
Requested by: Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.212.101.174 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 174.101.212.35.bc.googleusercontent.com
Software: CookieSync Powered by Vdopia /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:33 GMT
via: 1.1 google
server: CookieSync Powered by Vdopia
alt-svc: clear
content-length: 0

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/58202/ Frame 0581
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEIeyJtkBCyq2dFHbfFkeDnk&google_cver=1&google_push=AYg5qPJrY7z6GW0lGESAt9bab1q-Nw3xesgzss18sluDFUf08JwPbHJn...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESEIeyJtkBCyq2dFHbfFkeDnk&google_cver=1&google_push=AYg5qPJrY7z6GW0lGESAt9bab1q-Nw3xesgzss18sluDFUf08JwPbH...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwMjIyOTdmMi0xZmExLTExZWMtYTVhMS0wNmY2MTYxZjI0YTQ%3D&google_push=AYg5qPJrY7z6GW0lGESAt9bab1q-Nw3xesgzss18sluDFUf08JwPbHJnqToztr9_Qd...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVAwMjIyOTdmMi0xZmExLTExZWMtYTVhMS0wNmY2MTYxZjI0YTQ%3D&google_push=AYg5qPJrY7z6GW0lGESAt9bab1q-Nw3xesgzss18sluDFUf08JwPbHJnqToztr9_Qd...
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=false&google_error=3
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=false&google_error=3&apid=UP022297f2-1fa1-11ec-a5a1-06f6161f24a4

0
1 KB

36ms
35ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=false&google_error=3&apid=UP022297f2-1fa1-11ec-a5a1-06f6161f24a4

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.138 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:34 GMT
Server: ATS/7.1.2.138
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=false&google_error=3&apid=UP022297f2-1fa1-11ec-a5a1-06f6161f24a4
date: Mon, 27 Sep 2021 14:41:34 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 0581 43 B
114 B 19ms
16ms Image
image/gif 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESELVdBW6yWok6AFxJz5fp2BI&google_cver=1&google_push=AYg5qPKksOUPPsqnjkTFPbyaigjkPKuT3AysQmvk8x8koH54MFgrNOIHHM0W0EKGehwaUMkqiB44JUgNpbxjDYr0h3IvN6JHqcIN

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Sep 2021 14:41:33 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0581 0
15 B 19ms
16ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KlMLwRvrUVjJOY68tW0n8wKjAYRr5rAaTwCR1-qguaDwDLRT-Ml2lb6_xM_IiyeYpWQZ5yWOQ

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 txt1@2x.png
s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/ Frame 9B3D 3 KB
3 KB 10ms
8ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/txt1@2x.png

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a7b90faf0a9280034abf971c9572543a1da7485dc2e7baf81573ddeb0c2b50e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 09:09:17 GMT
x-content-type-options: nosniff
last-modified: Tue, 31 Aug 2021 16:08:37 GMT
server: sffe
age: 19936
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3147
x-xss-protection: 0
expires: Tue, 28 Sep 2021 09:09:17 GMT

GET
H2 200 cta@2x.png
s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/ Frame 9B3D 995 B
1 KB 11ms
10ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/cta@2x.png

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cea19fbf035b5f57283a32bc4f80e46b29a3d323808d516d8f4f6587978e7d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 16:36:42 GMT
x-content-type-options: nosniff
age: 79491
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 995
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 16:08:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 27 Sep 2021 16:36:42 GMT

GET
H2 200 30_jahre_logo@2x.png
s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/ Frame 9B3D 2 KB
3 KB 10ms
9ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/30_jahre_logo@2x.png

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fbc6a2f2345ad73cd7fb1dda09a6cd7d9d4a5bded9425f4d9d9a052b0d4a17d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 22:00:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 31 Aug 2021 16:08:37 GMT
server: sffe
age: 60043
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2508
x-xss-protection: 0
expires: Mon, 27 Sep 2021 22:00:50 GMT

GET
H2 200 logo.svg
s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/ Frame 9B3D 2 KB
1 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/logo.svg

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 16:36:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79486
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 16:08:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 27 Sep 2021 16:36:47 GMT

GET
H2 200 bg1@2x.jpg
s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/ Frame 9B3D 23 KB
23 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/bg1@2x.jpg

Requested by

Host: a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
URL: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

686d0a5edd33157db3570e0449b881221b4ce768a8dca7f48335b37ea273f704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 17:52:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 31 Aug 2021 16:08:36 GMT
server: sffe
age: 74970
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23827
x-xss-protection: 0
expires: Mon, 27 Sep 2021 17:52:03 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 94CB 17 KB
6 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 27 Sep 2021 14:41:33 GMT

GET
H2 200 switch.png
s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/ Frame FFDF 5 KB
5 KB 34ms
32ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/switch.png

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3709741bd1396fbbf1e65206dd74ae69151af7fd1597f7b6f14c5239fbf5cc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/index.html?e=69&leftOffset=0&topOffset=0&c=uo8oqxoif9&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 22:21:57 GMT
x-content-type-options: nosniff
age: 58776
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5525
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 13:05:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 27 Sep 2021 22:21:57 GMT

GET
H2 200 logo.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/ Frame FFDF 2 KB
1 KB 33ms
32ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/logo.svg

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb4250c2daa318772d0ba93aa50f7ebff75e6d72acb31be1d2f67454085de7b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/index.html?e=69&leftOffset=0&topOffset=0&c=uo8oqxoif9&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 05:47:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32049
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1178
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 13:05:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Sep 2021 05:47:24 GMT

GET
H2 200 line3.png
s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/ Frame FFDF 4 KB
4 KB 36ms
35ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/line3.png

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbcfd992c012bb3ec3f8291677fa0f6d700a1b27504f6467f3931c646238f70f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/index.html?e=69&leftOffset=0&topOffset=0&c=uo8oqxoif9&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 23:50:47 GMT
x-content-type-options: nosniff
age: 53446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3770
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 13:05:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 27 Sep 2021 23:50:47 GMT

GET
H2 200 line2.png
s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/ Frame FFDF 8 KB
8 KB 35ms
34ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/line2.png

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2dfcdea820795a3033a2182ec2a6518612c04c6addc51e2fa616b280d9e9aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/index.html?e=69&leftOffset=0&topOffset=0&c=uo8oqxoif9&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:04:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 31 Aug 2021 13:05:17 GMT
server: sffe
age: 38240
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7730
x-xss-protection: 0
expires: Tue, 28 Sep 2021 04:04:13 GMT

GET
H2 200 line1.png
s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/ Frame FFDF 5 KB
5 KB 34ms
33ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/line1.png

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9811ce504e57c4b76716bfdea4fbe630bbdcc9837362f100dc06bb2797c4a3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/index.html?e=69&leftOffset=0&topOffset=0&c=uo8oqxoif9&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 13:39:08 GMT
x-content-type-options: nosniff
age: 3745
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4633
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 13:05:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Sep 2021 13:39:08 GMT

GET
H2 200 main_image.png
s0.2mdn.net/ads/richmedia/studio/pv2/85465323/dirty/ Frame FFDF 2 KB
2 KB 34ms
33ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/85465323/dirty/main_image.png

Requested by

Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

093439379cf420afc65fbd25b8dcdc9ae7129f57187cf732819d4347ed86937c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61879590/20210831060517841/index.html?e=69&leftOffset=0&topOffset=0&c=uo8oqxoif9&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 17:36:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Aug 2021 20:26:49 GMT
server: sffe
age: 75901
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1551
x-xss-protection: 0
expires: Mon, 27 Sep 2021 17:36:32 GMT

GET
H/1.1 200
OK data
b199.s79.research.de.com/ Frame 0172 43 B
308 B 36ms
36ms Image
image/gif 136.243.6.97
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b199.s79.research.de.com/data?/9DpQDRIAA5rvFo0F0wFz6BvvA33F3uBohF30FjlFslFizFujEvtFLruFBLkqFFlqwFyyAw0Az0AL2vFBLl1FDLkqFK0kyByyAw0Az0A6zE0hF0jFi6BwyFl0FptFlBF2qoFx2AzyA31Az2A5yA11AxjE56EphFjyF3yEtBFlqwFyyAw0Az0ALkmFBUkzFAHQuCABAAAAAYAAAA9CAQAAAAAAGAAXAAAA9CAZYBAFAx8E18ExBEFA0wA00A0BErY0mAPAAAAAAAAAPY0mAPAAAFAA83JTY0mAZAAAFAw8Ez8EwBEFA0wA00A0BErRMPAPBAAFAA83JTRMPAPAAAAAAAAAzRMPAZAAAFAw8Ey8EzBEFA0wA00A0BErfeOAPAAAFAA83JTfeOAPAAAAAAAAAzfeOAZAAAFAw8Ex8EyBEFA0wA00A0BErehwAPAAAFAA83JTehwAPAAAAAAAAAzehwAZAAAFAx8Ex8ExBEFA0wA00A0BErtDOAPAAAFAA83JTtDOAPBAAAAAAAAztDOAZAAAFAx8Ey8ExBEFA0wA00A0BErLFDAPAAAFAA83JTLFDAZAAAFAx8E18E5BEFA0wA00A0BErHI+APAAAFAA83JTHI+APuDAAZAwSAcAAAASksFcPdAAAAAAsEAYJAFAAAY0mAAAQAOPFfTFPVFSDFFfFx2A12Az5ADAJOFUBFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAARMPAAAQAOPFfTFPVFSDFFfFx2A12Az5ADAJOFUBFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAAfeOAAAQAOPFfTFPVFSDFFfFx2A12Az5ADAJOFUBFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAAehwAAAQAOPFfTFPVFSDFFfFx2A12Az5ADAJOFUBFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAAtDOAAAQAOPFfTFPVFSDFFfFx2A12Az5ADAJOFUBFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAALFDAAAQAOPFfTFPVFSDFFfFx2A12Az5ADAJOFUBFAAAAAAAAAAAAAADAEJFWBFdAAAAAAsEAYJAFAAAHI+AAAyEkhF0hF6pEthFnlFvwEunF7iEhzFl2B0sApWFCPFS3FwLEHnFvBFBBFBOFTVFoFFVnFBBFBDFzBFBBFBXFCBFNBFBBFDyFszBpBFBBFBBFCsFCNFWFFVBFBBFErBBjFpXFtaF6XFBBFBBFBuFSTFUsFNBFBwFpkFyCFRBFBBFC3BTVFSCFWCFqUFiaFBMFEzFBnFDFFQyFEYFyvBwyA1DExXFCwBpaFv0A2KE0BE33AG5FvNFzvADqFC1FxVFykEnrFCrB4HEumFrJF3aFX0FuwFkkFQPFaNFz1FF2BoHFKoF3rE1REyUE2OErLFEvFzVFRnFW1FyuFRtFIjFy2Bo3FPGFZuFwrFOxFyrFtLFxGFwzF0yE2aEyUFokFEQF04B3PF1vE2kEsvFWMFL0FznFS3FkWFr1F3IFBxFjGFq3FvRFjoF4BEBBFBBFTVFWPFSLF1DEZJFJ9BDAJOFUBFAAAAAAAAAAAAAADAEJFWBFQtjFbJMSYA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.6.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h243.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:33 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 27-Sep-21 14:41:32 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 85F8 42 B
108 B 65ms
62ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQLwR8vCt-O7dVqztZPETA_SIBpPP-gEtnpRZMKQ7ZFy1CjaIn8sf8_buwdjCzt9uyAtz5ILvdyp_ClKlsaosb_sZWCBA0KwfUphMwQ5OaMWs-siATkg&sai=AMfl-YSiIcQgCXMEuHMCuLu19WrUXGcWJ-8j-1PH3_hISH2Bdv7QU5Jbtrvj0p7L2yUmdSI-P9svHdjwVfRldQDA--AQZFD7PJxLDjw16PKRQI8QqUbo7mO3QVdXRVo&sig=Cg0ArKJSzFyCVF2jbz_lEAE&cid=CAASEuRo-rJAHUC2udyShabffH5PNg&id=lidar2&mcvt=1039&p=106,288,196,1016&asp=106,288,196,1016&mtos=1039,1039,1039,1039,1039&tos=1039,0,0,0,0&v=20210922&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1111361213&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1632753692493&rpt=354&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js Show response
pagead2.googlesyndication.com/bg/ Frame 258D 35 KB
13 KB 31ms
28ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 10:05:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13388
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 27 Sep 2022 10:05:51 GMT

GET
H2 200 choice.js Show response
quantcast.mgr.consensu.org/choice/274pYeudnKvDs/www.hawtcelebs.com/ 3 KB
2 KB 165ms
29ms Script
application/javascript 2600:9000:2156:8400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/274pYeudnKvDs/www.hawtcelebs.com/choice.js
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 747e8f5454d77ac3ee2339c3490cb7b805d59d7fedd4cc0682ae6ed9c33b7d25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:16 GMT
content-encoding: br
age: 19
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
last-modified: Tue, 09 Feb 2021 19:08:19 GMT
server: AmazonS3
etag: W/"9de17307c4f74768ad3438dca5916747"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
content-type: application/javascript
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: KeWYrqw3JKDyuoqv486PflqiERuoNBc8jFYBUod4uZf7apQoA0WmcA==

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 183 KB
62 KB 36ms
36ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.hawtcelebs.com
URL: https://www.hawtcelebs.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ee9bcf40869defb2ba36f0398aafcdbe1c82715317c76a2fad2e8ae0a74f2225

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:33 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:14:17 GMT
etag: W/"2dd14-xHIYTyef9V4m9QpegRxijTiSwm4"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: c3a34e56c27d8ddabfc7dd345522d2e
timing-allow-origin: *, *
content-length: 62421
expires: Mon, 27 Sep 2021 18:41:33 GMT

HEAD
H2 200 e.js Show response
live.demand.supply/x/ 0
125 B 44ms
44ms XHR
application/javascript 2606:4700::6810:8616
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://live.demand.supply/x/e.js?ce=fs&dsReferer=aHR0cHM6Ly93d3cuaGF3dGNlbGVicy5jb20v
Requested by: Host: live.demand.supply
URL: https://live.demand.supply/impl.v13.7.2.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:8616 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-nf-request-id: 01FG0Q3YCGW6AVJC831WE1F8R9
date: Mon, 27 Sep 2021 14:41:33 GMT
cf-cache-status: HIT
age: 423464
cf-polished: origSize=2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1
cf-bgj: minify
server: cloudflare
etag: "0b1ef88152c3a4cd79e0ba959cca0c64-ssl"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: s-maxage=2592000,stale-if-error=604800
accept-ranges: bytes
cf-ray: 69557e5afb5d5c0e-FRA

GET
H2 200 rrv7.js Show response
bid.underdog.media/ 16 KB
8 KB 36ms
36ms Script
application/x-javascript 2600:9000:2156:4000:5:c4ab:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/rrv7.js
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.8.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4000:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13ea7f4a7b8283c5b01e7e6041968caccffe5a7470720486557f9e64b22c56b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 13:04:17 GMT
content-encoding: gzip
last-modified: Mon, 27 Sep 2021 13:00:05 GMT
server: AmazonS3
age: 5837
etag: "d37b26688975ff84c5829323787ff4cb"
x-edge-origin-shield-skipped: 0
content-type: application/x-javascript
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 7393
x-amz-cf-id: UCKdMQw2ozU3zZ9vedMlX68Dvwy5PSa-Gv7Yd7i4Up5xcEiNDp-JrQ==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 62ms
59ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021091501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59dc243faa696cc2d9f9c40fba6952bfa5f2070f8b7a6102dd4521a476f2c750

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 27 Sep 2021 14:41:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8489
x-xss-protection: 0

GET
H2 200 WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js Show response
pagead2.googlesyndication.com/bg/ Frame 174D 35 KB
13 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 10:05:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16542
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13388
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 27 Sep 2022 10:05:51 GMT

GET
H/1.1 200
OK d3d3Lmhhd3RjZWxlYnMuY29t Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
462 B 199ms
59ms XHR
application/json 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3Lmhhd3RjZWxlYnMuY29t
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:34 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=34422
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 2295d558485003cd306b49c568517a1b
Content-Length: 15
Expires: Tue, 28 Sep 2021 00:15:16 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
451 B 74ms
24ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=6.640438650836138
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:34 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Wed, 27 Oct 2021 14:41:34 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/i/ 2 KB
3 KB 457ms
123ms Script
application/javascript 158.69.139.225
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Requested by: Host: waust.at
URL: https://waust.at/c.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.225 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip225.ip-158-69-139.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:34 GMT
X-T: 0.862
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: mtl1
Expires: Mon, 27 Sep 2021 14:41:33 GMT

GET
H2 200 / Show response
services.vlitag.com/uv/ 12 B
737 B 512ms
157ms XHR
application/json 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/uv/?page_url=https%3A%2F%2Fwww.hawtcelebs.com%2F&mtk=78

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=036e05035cbef88431e89138f2969605

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37bd89d0776acdb8565abd79559d140909e68570f7d74a6f0141d21aed4122f4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:34 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 27 Sep 2021 14:41:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HTv9nb6Eme%2FfuLFaJcxeBx2T1fR8KdZeqBJD%2Bkd51cwzhzXPQ5zEMyfosfxj9IC9UGKkfNcAJ79WZ7WtIpLsE8n2%2FMSCIKHP3Aulwd8I%2FVOftx63%2FO81U4mfy1fyDdBop94vLvj3Te5EId%2FPZELyCn8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.hawtcelebs.com
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 69557e5dae714ed3-FRA
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H2 200 036e05035cbef88431e89138f2969605.js Show response
tag.vlitag.com/v1/1632727982/ 501 KB
126 KB 98ms
47ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/v1/1632727982/036e05035cbef88431e89138f2969605.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=036e05035cbef88431e89138f2969605

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

073e6dbcb7ab727a6f3c36c0610b14d9bf1eec9e46b126f06406d3cd928777f1

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 25706
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Sep 2021 07:33:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRdK2E%2FTQkmafduIf76qdHE1ir%2Bo5%2BZhn7M9B4JBfAIRLvHuP7lVB%2FB2t2YRXgAQvZ1MwKSarCyrT3rqLWqgWqudQGt37lxswXLlrpIGxrk5AEgxeJln3bk38gfrBLCJ5BBMMZDvZ1fi1gn6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-ray: 69557e5bbb856934-FRA
cf-bgj: minify

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9A3F 42 B
108 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsurO70RKirEQfKxwiOPKsnEoiVuFwqLsXkkoMvmAhNdH9EkYgC8BxVgIREX7g2h9vEabj5AVy3_aCD9Dri-9X8c9n47pV_Dy0tOKEnX74C9VWxqBPVtfg&sai=AMfl-YSFEzwTUfROvZ3II-1BZ2OpOOkMDcTn3bLHzHPidyEYVmWNrlQ47PH-YBbIfAz7RHxxOf9Ay1n0gsDTpMaZUhVmQcH-xdtCylx4eCye-YFSbxZJCZAI5wEjxhY&sig=Cg0ArKJSzGLBlnUj0A9vEAE&cid=CAASEuRoid-snYNc0o7uF59BnwKRsw&id=lidar2&mcvt=1061&p=226,1029,476,1329&asp=226,1029,476,1329&mtos=1061,1061,1061,1061,1061&tos=1061,0,0,0,0&v=20210922&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2407794193&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1632753692377&rpt=562&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062903

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Mon, 27 Sep 2021 14:41:34 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 84ms
26ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-10995097-8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 6574
date: Mon, 27 Sep 2021 12:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 27 Sep 2021 14:52:00 GMT

GET
H2 200 / Show response
whos.amung.us/pingjs/ 30 B
146 B 433ms
134ms Script
text/javascript 67.202.114.216
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=a9etg89wet&t=HawtCelebs%20%E2%80%93%20Latest%20Celebrities%20Pictures&c=c&x=https%3A%2F%2Fwww.hawtcelebs.com%2F&y=&a=0&d=1.411&v=27&r=2168
Requested by: Host: waust.at
URL: https://waust.at/c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.114.216 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: e9fc1444b589f6bce31440a89d61ad2d08bedebf9692bc1623ac7e570a035d7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:34 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 80B1 0
59 B 47ms
47ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCsLgHNhRYaeZE7mJ9u8PkrONuAYAAAAAOAHgBAI&bg=!r6ylrOjNAAZNQyuQTUM7ACkAdvg8WodEDMEFhVII_OHvku6P-ABOH555iYjj_Tzxl0SLmfnaVEa_GAIAAAK9UgAAAGpoAQcKACKMjH5ZM0frM39hZ9GB2cVC9AUTcN41Vd54u6KYYbkPwfZOmQNghUdB8MCJtX_UYN6pkZ7x5erJDYi1fZxUzmjLZOUplQ1Iqf4_yAdvUeoNkBGxi_e5LdOiFeVXxvdP159T9S1e-58hFjvo9NydYUte6g_1U3HIy1o68zk9n6KAjs94lAUEbvoYEPsdszIid8wvjYY7obo-tVFKOSZ1EGkMCOGCuqq3v7b84iYDM0Qp_OB-rMj1CpoxsaZijBPyLajyeEkZPDvJTWOUKQZSS2d8xXVTr5MbBiwuQYIUX2mzpyEZ9ghUYNWXWnCxnRSC39X8JB4ARrD31UL8DStGSwEaiFpFOt29IXrdWoOhGsMb1LHV4OhoLhFd1i8S7tt2HkBvQcRCWuEvlk-7eBdRfPRybl8mv_EDFASrDHZuls7gs44tQIH7ls9NT-BZ25XwhHIF6bsgaxX1JaOlzMjy5Dr1Uxdbn3A0QzuTq1INHXoFS5tQswSzvrqbbodT_dAbBCKKFAx7wP-DT5COV9gDYds-_m1hiwOm5tpLsYdgDfmjGvdtxP9MhmoFeLhhJBIPn69FH3jWR3unz-aUbVc-qB-WDnyAhJmWUSzApEGMFd61kYPqABmm2OGptCjSQw6B3hHYSoqJzxE9P2Rv-zJq-1Sk4Mo70XIeoZ48SsD-Q8oYyYQlgzdA-FxI4bA9hJcDnxzBF0pRsnBNkq-YWzK2tAnq_cU5hQQnW2ksCnDq5dGF5fXhStxG9DZJRAkD_TZl10zDA-3BAWa9XnmActlWlfkL1IfO3CCOhTmu8o72a83ic8_ZsVDdXYKMs_hcsTb3w6AccgFlareEqZ9qwigKt0GPTucCn0r1YLD1qA1usQ7AX0eiKB3I0PdtkeA1whJUVmNjWt5ue8KTXwodsdC-2VacsM374qZxaBpEJt_BFlFbAcQcgT3jwg4rTISvb3gfJpbeUQ2vNuaKkHYic4niEanMKSYU280SLUkuKKWAmfH_u5AEsTqCE4doeiLUQjCRpK2xH3RxThwCMw3ctS1YQ9DtLdy6rjQZf3KaEXSZKYZE-xAin_YqNVdfGlWWdSEpYMnHhcIjBTnByMt7A9odRfEhU-MfpXpPDMq6Wf1OZuXnAmd-v7q9axAvH06P6UCF3tOzXxLNM15gaBBya0y0r0p3Ou1o7O3XLG3S1cn56lCGbuw1RIA_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 placement_invocation Show response
ob.cheqzone.com/ 50 KB
19 KB 128ms
36ms Script
text/javascript 143.204.98.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-117.fra50.r.cloudfront.net
Software: /
Resource Hash: 709a05838a7d849daa97913135fa8982cc5d98ec1ef585f37724abaa3539c8fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 09:11:19 GMT
content-encoding: gzip
age: 19815
x-amz-cf-pop: FRA50-C1
etag: "c63f-7x+pJGkVX3jrHreaVnm3V+j5Zlc"
x-edge-origin-shield-skipped: 0, 0
content-type: text/javascript; charset=utf-8
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
cache-control: max-age=43200
x-cache: Hit from cloudfront
cheq_headers_order: Content-Type Cache-Control Expires Etag Content-Length Content-Encoding Date Connection
content-length: 19228
x-amz-cf-id: SrTiNuN0jC-00ZWzZnFWAaRAkVG7ao_n8yRJXuviKpPu0qCg30dsYA==
expires: Mon, 27 Sep 2021 21:11:19 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
9 KB 25ms
23ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/274pYeudnKvDs/www.hawtcelebs.com/choice.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c9d50edae9ab89f8373214510b01eb50f60e16bd5e71328173962c0e13b31c07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:34 GMT
content-encoding: gzip
etag: "dfAcRt65NMPvqdNgsZZi3w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Mon, 04 Oct 2021 14:41:34 GMT

GET
H2 200 rules-p-274pYeudnKvDs.js Show response
rules.quantcount.com/ 3 B
462 B 24ms
24ms Script
application/javascript 2600:9000:2156:c400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-274pYeudnKvDs.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:c400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 00:56:46 GMT
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
age: 49489
x-edge-origin-shield-skipped: 0
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
content-length: 3
last-modified: Sat, 04 Mar 2017 19:47:21 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 7QhmSlzC2GCN_-RFLSVB-3CuiFz-PpXe1DTO1i24EDanIMYtUrO_MA==

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 179 KB
44 KB 47ms
47ms Script
text/javascript 2600:9000:2156:8400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.hawtcelebs.com
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/choice/274pYeudnKvDs/www.hawtcelebs.com/choice.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7289837e876c7bbbf1afc71abc4c5383e7f56692abeaa0a72b82e4e721ceba26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:34 GMT
content-encoding: br
x-edge-origin-shield-skipped: 0
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Thu, 02 Sep 2021 17:09:42 GMT
server: AmazonS3
etag: W/"9deb1d626be8c031919272577f54eb7e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: JdLe35mndZ-xhWQHuR39qjzE0nyY7cb8bci3q0vfT5jheRSDDUdi2Q==

GET
H2 200 pixel;r=328223735;source=choice;rf=3;a=p-274pYeudnKvDs;url=https%3A%2F%2Fwww.hawtcelebs.com%2F;uht=2;fpan=0;fpa=P0-231294886-1632753690962;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=d1dcdf1b-20210921204814;cm=...
pixel.quantserve.com/ 35 B
210 B 27ms
27ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=328223735;source=choice;rf=3;a=p-274pYeudnKvDs;url=https%3A%2F%2Fwww.hawtcelebs.com%2F;uht=2;fpan=0;fpa=P0-231294886-1632753690962;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=d1dcdf1b-20210921204814;cm=;gdpr=0;ref=;d=hawtcelebs.com;je=0;sr=1600x1200x24;dst=0;et=1632753694233;tzo=0;ogl=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:34 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 4B92 12 KB
5 KB 28ms
28ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hawtcelebs.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 27 Sep 2021 14:07:26 GMT
expires: Tue, 27 Sep 2022 14:07:26 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2048
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F144 783 B
1 KB 37ms
37ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

426c6e1a12fca5d2f5612310edf101043880d380c59593bd9a66d3d2c9252d05

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-r9Ulu+7JhCDfnXWfj41c2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hawtcelebs.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 27 Sep 2021 14:41:34 GMT
date: Mon, 27 Sep 2021 14:41:34 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-r9Ulu+7JhCDfnXWfj41c2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 30ms
29ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1498244484&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hawtcelebs.com%2F&ul=en-us&de=UTF-8&dt=HawtCelebs%20%E2%80%93%20Latest%20Celebrities%20Pictures&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1692756890&gjid=145203672&cid=253180117.1632753691&tid=UA-10995097-8&_gid=11169151.1632753694&_r=1&gtm=2ou9m0&z=1151050158

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hawtcelebs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hawtcelebs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prebid-v5.12.0.js Show response
assets.vlitag.com/prebid/default/ 465 KB
136 KB 96ms
53ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/prebid/default/prebid-v5.12.0.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1632727982/036e05035cbef88431e89138f2969605.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e69c37fdfb938853b195b56b6e47e215c275fc85f28be01017e9074fb38be736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1831425
cf-polished: origSize=476623
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Thu, 02 Sep 2021 03:27:04 GMT
server: cloudflare
etag: W/"61304488-745cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbC3v9u9ycyJpKmOARvmdtmFFKSsPt%2FQVeMM419acAMuVm%2BqZtgwjpV2Hsi4fuxnXUeOR3mjDKQ6jNzq9EvaEu10O4G4ycqqYUG06k%2F1QxXqwqELd6%2F8IGgvKPJhs45x2kG09ifz5lwpDAd76PyW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 69557e5e195f6934-FRA
expires: Mon, 06 Sep 2021 10:27:48 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 73 KB
25 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1632727982/036e05035cbef88431e89138f2969605.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12a15db7a5c34cc8a15e26deac0105a2a811b6483ab4bcb296b13dc065b40eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "999 / 947 of 1000 / last-modified: 1632741021"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24873
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Sep 2021 14:41:34 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 345 KB
119 KB 87ms
34ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1632727982/036e05035cbef88431e89138f2969605.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b41e03561fcd66267e40478b43dfc163e850387b636883e84aa4c8947bf273a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121279
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Mon, 27 Sep 2021 14:41:34 GMT

GET
H2 200 sf_host.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ 38 KB
17 KB 81ms
39ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1632727982/036e05035cbef88431e89138f2969605.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1831425
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
etag: W/"5dbbbcf2-9806"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UPJGfmHFrAhVkXexsewV9K2PWJaJIUsa7%2FDtQekKkdSkgtJIWpXlCU8CrveL6omx%2BfiFQheHVJaZWHVptEi7zUVIQuZCxOnjcW1jyTwGo25wDqMIW1b1X7b3sGhsFQm2zrlrKXqOAI2wfeZBPKYb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 69557e5e195c6934-FRA
expires: Mon, 06 Sep 2021 10:27:48 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0172 42 B
108 B 49ms
49ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSKcLf5g4V0vCacgBJXTyjIYIA-TvDQ8-xAbZF-9CA4deecJ8j8VlXqHdshC9KabxA6k8yhH-tyH0byZIZ-XWUPkXSIGMgmawbYYFM2RLVOnjc9Z7ejA&sai=AMfl-YQrw21GiSQE4V08VpG0ZyNjcoxp4LIe4gYOsIVSRUsAd_xCEyx4YO-CBftdzUOx_6YnEQYFxPS1sQp_LA9eC3JdGDNGhYTSoW5vmJSMlqBC-czNcXGDFv8zrGM&sig=Cg0ArKJSzIpIYrw2YLjqEAE&cid=CAASEuRorlijQrbWPeutPhnm2_Ek-w&id=lidar2&mcvt=1074&p=606,1029,1206,1329&asp=606,1029,1206,1329&mtos=0,1074,1074,1074,1074&tos=0,1074,0,0,0&v=20210922&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=1734423329&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1632753692551&rpt=745&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 style.css
s0.2mdn.net/9758366/1630426111390/13-IWE-Edition30-Leaderboard-728x90-iRange/css/ Frame 1C5A 2 KB
604 B 25ms
25ms Stylesheet
text/css 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1630426111390/13-IWE-Edition30-Leaderboard-728x90-iRange/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1630426111390/13-IWE-Edition30-Leaderboard-728x90-iRange/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ccda4fe8fb72043c2135a75c682b4ff5069734b101b800cb7fbba4a3f5a1824d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1630426111390/13-IWE-Edition30-Leaderboard-728x90-iRange/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 10:12:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16174
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 491
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 16:08:31 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Sep 2021 10:12:00 GMT

GET
H2 200 style.css
s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/css/ Frame 1FC4 2 KB
582 B 26ms
25ms Stylesheet
text/css 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bc5c2bd49e05776425cc97a2b1b72605e66696af6a30d9ab06e07dcff7fdc90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:30:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25860
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 476
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 13:19:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Sep 2021 07:30:34 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
465 B 110ms
37ms XHR
text/plain 2a00:1450:400c:c01::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-10995097-8&cid=253180117.1632753691&jid=1692756890&gjid=145203672&_gid=11169151.1632753694&_u=YAhAAUAAAAAAAC~&z=2052012587

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c01::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hawtcelebs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 27 Sep 2021 14:41:34 GMT
content-type: text/plain
access-control-allow-origin: https://www.hawtcelebs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 8 KB
3 KB 146ms
36ms XHR
application/json 2600:9000:2156:aa00:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.hawtcelebs.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:aa00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a5c20add80dfa892c8ce20c1185a664b9d9ba991c3b7281db96dab5178bfbf6

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.hawtcelebs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 03:00:40 GMT
content-encoding: br
age: 42055
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
access-control-max-age: 86400
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 21 Sep 2021 19:52:29 GMT
server: AmazonS3
etag: W/"c9ca46e8bca386b00ae734ec7f36e72e"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: 53eMtdSFMejUNxoIEd.wWdAMwnfkg3aL
via: 1.1 009e5e3e32afcd1d135a7234c9da5521.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA50-C1
content-type: application/json
x-amz-cf-id: gPVFtJ87nI0GjXR1yoRcLVpIDd6SmRIb4maixEmUjYdLOGwEgAhKEw==

GET
H2 200 txt2@2x.png
s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/ Frame 1FC4 2 KB
3 KB 37ms
35ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/txt2@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf7d8d24d874742f4f15fb06654601a7ae41aa46b289c3d1977817ea258c7d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 09:07:31 GMT
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 13:19:10 GMT
server: sffe
age: 20043
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2467
x-xss-protection: 0
expires: Tue, 28 Sep 2021 09:07:31 GMT

GET
H2 200 txt3@2x.png
s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/ Frame 1FC4 2 KB
2 KB 36ms
34ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/txt3@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3accd9227386efc995a7cd597b450b6e05a3a8abb2378e2c0fd675b397e43477

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 07:34:20 GMT
x-content-type-options: nosniff
age: 25634
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1604
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 13:19:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Sep 2021 07:34:20 GMT

GET
H2 200 txt4@2x.png
s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/ Frame 1FC4 2 KB
2 KB 72ms
71ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/txt4@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5de6fc9ba07435e00530686b3381d7fece4e283c43eca5d1d8ae5d0b5e2501ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 17:59:13 GMT
x-content-type-options: nosniff
age: 74541
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1538
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 13:19:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 27 Sep 2021 17:59:13 GMT

GET
H2 200 txt5@2x.png
s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/ Frame 1FC4 2 KB
2 KB 72ms
70ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/txt5@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4e89432e01fa3882f7afd886f4d3f60b1c4c63013700126f44b1fdeace470b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 09:07:31 GMT
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 13:19:10 GMT
server: sffe
age: 20043
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2158
x-xss-protection: 0
expires: Tue, 28 Sep 2021 09:07:31 GMT

GET
H2 200 cta@2x.png
s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/ Frame 1FC4 708 B
811 B 71ms
70ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/cta@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bbbc72c2dc2c07006eccfda42c0577105306cf65bf88ca7ac66c92f1646e840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 22:09:56 GMT
x-content-type-options: nosniff
age: 59498
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 708
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 13:19:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 27 Sep 2021 22:09:56 GMT

GET
H2 200 logo2.svg
s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/ Frame 1FC4 2 KB
1 KB 71ms
69ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/logo2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 23:50:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53467
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 13:19:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 27 Sep 2021 23:50:27 GMT

GET
H2 200 bg2@2x.jpg
s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/ Frame 1FC4 11 KB
11 KB 70ms
68ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/bg2@2x.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f78c652ecbe9a2342b0e0191bfc72a04c789231ef732c1bbc53418b6407334b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 22:00:05 GMT
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 13:19:10 GMT
server: sffe
age: 60089
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11209
x-xss-protection: 0
expires: Mon, 27 Sep 2021 22:00:05 GMT

GET
H2 200 bg3@2x.jpg
s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/ Frame 1FC4 22 KB
22 KB 40ms
39ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/bg3@2x.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97016650e66d70978297cd8248c774a986d27cc5632eae9e52a2c50de31ab219

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:01:30 GMT
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 13:19:10 GMT
server: sffe
age: 38404
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22909
x-xss-protection: 0
expires: Tue, 28 Sep 2021 04:01:30 GMT

GET
H2 200 bg4@2x.jpg
s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/ Frame 1FC4 21 KB
21 KB 38ms
37ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/bg4@2x.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e19a73579bf01626c864d7bee4293bd9470c5b6dbfd4e1bfbf30dd687d744ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 13:47:06 GMT
x-content-type-options: nosniff
age: 3268
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21496
x-xss-protection: 0
last-modified: Thu, 26 Aug 2021 13:19:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Sep 2021 13:47:06 GMT

GET
H2 200 legals@2x.png
s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/ Frame 1FC4 12 KB
12 KB 68ms
67ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/img/legals@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8ae7bdfd850dd450851915e0d58b0a8b0956ae5fb9055ba0165a26010e12d00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1629983950211/13-IWE-Edition30-Leaderboard-728x90-iRange/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 22:00:05 GMT
x-content-type-options: nosniff
last-modified: Thu, 26 Aug 2021 13:19:10 GMT
server: sffe
age: 60089
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12227
x-xss-protection: 0
expires: Mon, 27 Sep 2021 22:00:05 GMT

GET
H2 200 show_pla Show response
obs.cheqzone.com/ 2 KB
2 KB 454ms
141ms Script
text/javascript 2600:1f18:e8a:cd02:882c:d916:bae1:7722
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.hawtcelebs.com%2F&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=84001957695860857861281121182710239082361168167417755925829964700970&nc=0&tsf=0&tsfmi=&pv=0&cb=1632753694563&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=220482090&at=&bid=e30%3D&di=W1siZWYiLDY3MzVdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6OCxcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQgd2ViZ2xcIixcInNlZlwiOjExMTM2%0D%0AMTUxMixcInNlY1wiOlwiXCJ9Il0sWzM3LCJbMzMxNjIyNDA0OSxmdW5jdGlvbihuZXdWYWx1ZSkg%0D%0Ae1xuICAgICAgICAgICAgICBhZGRDb250ZW50V2luZG93UHJveHkodGhpcylcbiAgICAgICAgICAg%0D%0AICAgLy8gUmVzZXQgcHJvcGVydHksIHRoZSBob29rIGlzIG9ubHkgbmVlZGVkIG9uY2VcbiAgICAg%0D%0AICAgICAgICAgT2JqZWN0LmRlZmluZVByb3BlcnR5KGlmcmFtZSwgJ3NyY2RvYycsIHtcbiAgICAg%0D%0AICAgICAgICAgICBjb25maWd1cmFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHdyaXRhYmxl%0D%0AOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB2YWx1ZTogX3NyY2RvY1xuICAgICAgICAgICAgICB9%0D%0AKVxuICAgICAgICAgICAgICBfaWZyYW1lLnNyY2RvYyA9IG5ld1ZhbHVlXG4gICAgICAgICAgICB9%0D%0AXSJdLFstMSwiLSJdLFstMiwiNixlWVhWWDFQcngyTytlMmFabk1wQmRJQVJLS1ZFRVFJZ0tDZEpY%0D%0AZUJCRVFSSXFpSUMxOHFEUkZrTjVDQzRyU2ZpSlNwQW9JUk9tUVFoSlNTTTlNWmpKenl5bDc3N1cv%0D%0AWjUxN3o4Il0sWy0zLCJbXCJpbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJicGFl%0D%0Ab2pvZm9ob2VmZ2llaGphaVwiLFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0iXSxb%0D%0ALTUsIi0iXSxbLTYsIi0iXSxbLTcsIi0iXSxbLTgsIi0iXSxbLTksIisiXSxbLTEwLCItIl0sWy0x%0D%0AMSwie1widFwiOlwiXCIsXCJtXCI6W1wiZGVzY3JpcHRpb25cIl19Il0sWy0xMiwibnVsbCJdLFst%0D%0AMTMsIi0iXSxbLTE0LCJ7XCJvXCI6MC4wNDc2MTkwNDc2MTkwNDc2MTZ9Il0sWy0xNSwiLSJdLFst%0D%0AMTYsIjAiXSxbLTE3LCI0Il0sWy0xOCwiWzAsMCwwLDFdIl0sWy0xOSwiWzAsMCwwLDAsMCwwLDEs%0D%0AMjQsMjQsXCItXCIsMTYwMCwxMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDAsMCww%0D%0ALDAsXCItXCIsXCItXCJdIl0sWy0yMCwiMjUzMTgwMTE3LjE2MzI3NTM2OTEiXSxbLTIxLCJCTTlH%0D%0AVHRCTCJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCIt%0D%0AIl0sWy0yNiwie1widGpoc1wiOjI0NTAwMDAwLFwidWpoc1wiOjE4MjAwMDAwLFwiamhzbFwiOjM3%0D%0ANjAwMDAwMDB9Il0sWy0yNywiWzAsMTAsMCxcIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyxlbiJd%0D%0ALFstMjksIntcInZcIjpbMiwyLDIsMiwwLDAsMCwyLDAsMiwwLDIsMCwwLDIsMiwyLDIsMF19Il0s%0D%0AWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2UiXSxbLTMyLCItIl0sWy0zMywiLSJdLFstMzQs%0D%0AIi0iXSxbLTM1LCJbMTYzMjc1MzY5NDUwOCwwXSJdLFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0s%0D%0AWy0zNywiLTE0NC02Ni0xODAtIl0sWy0zOCwiYywtMSwtMSwzMSwwLDEsMCwwLDI1LDEyNzcsNTgs%0D%0AMSwxNTExLjEsMTUxMS4xLDU2MTksNTYxOSJdLFstMzksIltcIjIwMDMwMTA3XCIsNCxcIkdlY2tv%0D%0AXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCwz%0D%0AXSJdLFstNDAsIjMzIl0sWy00MSwiLSJdLFstNDIsIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAw%0D%0AMTAxMDAwMDAxMDAxMTEwMTEwMCJdLFstNDQsIjAsMCwwLDUiXSxbLTQ1LCI2MjAsNjc4LDAsMCww%0D%0ALDU2MSwwLDAsNjQ4LDAsMCwwLDAsMCwwLDAsMCwwLDAsNjg0LDAsMCwwLDAsMCwwLDAsMCwwLDAs%0D%0AMCwwIl0sWy00NiwiMCJdLFstNDcsIkV0Yy9Vbmtub3duLGVuLVVTLGxhdG4sZ3JlZ29yeSJdLFst%0D%0ANDgsIjAsMCJdLFstNDksIi0iXSxbImJuY2giLDk0XV0%3D&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A451%2C%22y%22%3A1268%2C%22w%22%3A537%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=a5XawOqPua&sdd=%7B%7D&pto=5676
Requested by: Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 75f23ec04ffa43fdcfe4536d56ee5eddd7bbd0859f963076acaeda9cc44ae51b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:34 GMT
content-encoding: gzip
content-type: text/javascript
cache-control: no-cache, no-store, must-revalidate
cheq_headers_order: Set-Cookie Content-Type Cache-Control Pragma Expires Content-Length Content-Encoding Date Connection
content-length: 1405
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame ED97 43 B
215 B 107ms
106ms Image
image/gif 3.212.141.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=783646&asId=70d1aa1f-585c-b93b-929f-b574a3fe684a&tv=%7Bc:pqtkav,pingTime:1,time:2481,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:15%7D,%7Bpiv:100,vs:i,r:,t:1446%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1035,o:1446,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1441~0,0~100%5D,as:%5B1441~160.600%5D%7D%7D,%7Bsl:i,t:1446,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1034~100%5D,as:%5B1034~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:206,fm:sKdS65k+11%7C12%7C13*.783646-56311260%7C131%7C1321%7C14,idMap:13*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.141.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-141-148.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:34 GMT
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame ED97 43 B
215 B 109ms
109ms Image
image/gif 3.212.141.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=783646&asId=70d1aa1f-585c-b93b-929f-b574a3fe684a&tv=%7Bc:pqtkav,pingTime:1,time:2481,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:15%7D,%7Bpiv:100,vs:i,r:,t:1446%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1035,o:1446,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1441~0,0~100%5D,as:%5B1441~160.600%5D%7D%7D,%7Bsl:i,t:1446,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1034~100%5D,as:%5B1034~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:206,fm:sKdS65k+11%7C12%7C13*.783646-56311260%7C131%7C1321%7C14,idMap:13*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.141.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-141-148.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:34 GMT
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame ED97 43 B
215 B 110ms
109ms Image
image/gif 3.212.141.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=783646&asId=70d1aa1f-585c-b93b-929f-b574a3fe684a&tv=%7Bc:pqtkav,pingTime:1,time:2481,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:15%7D,%7Bpiv:100,vs:i,r:,t:1446%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1035,o:1446,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1441~0,0~100%5D,as:%5B1441~160.600%5D%7D%7D,%7Bsl:i,t:1446,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1034~100%5D,as:%5B1034~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:206,fm:sKdS65k+11%7C12%7C13*.783646-56311260%7C131%7C1321%7C14,idMap:13*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.141.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-141-148.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:34 GMT
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 46ms
46ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-10995097-8&cid=253180117.1632753691&jid=1692756890&_u=YAhAAUAAAAAAAC~&z=1559677020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.se/ads/ 42 B
522 B 109ms
46ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-10995097-8&cid=253180117.1632753691&jid=1692756890&_u=YAhAAUAAAAAAAC~&z=1559677020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vendor-list.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 287 KB
34 KB 84ms
33ms XHR
application/json 2600:9000:2156:8400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.hawtcelebs.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8bd8b4ab751d7e1cf0a74d1813c61e932f283210339e7fe479ba95a4bb5d9a16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 03:00:38 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 42057
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 27 Sep 2021 03:00:31 GMT
server: AmazonS3
etag: W/"dccf112bc5d2e3e28d1ec13b6c87167e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: cepNKtSeGAN8HgJYJzE7B0CFJt13Lfsaq8SXLAnLpOlqS4Kz_iq4Cg==

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BD7 0
50 B 45ms
45ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYn_7HNhRYZ31Hoz77_UP4Lmn0AYAAAAAOAHgBAI&bg=!2Nul25_NAAZNQyuQTUM7ACkAdvg8WqnNZRFWapVweXQzTrN9sF5VCNR3mrcdHfPJq54dswQmAdIxIQIAAAJEUgAAALhoAQcKACD5vEhlzGKJ4JvmZJ67XzlViX14y9aQadPpRqwT4Ef56JkDTSjcRPoiuHf2Olxieq13epNILLYAjdUovHRR4PHxy4yRBtck0MAsPfyI28-sBojGGs-FghkrpSNEcKq-XpTVIGybkyHvdQ503LuLDacRgolz4j-RJoPotGKE-BqUkM1tg_mjKPLAJpWH9Mwjgk8eNpX7DtxsZMco-Cu8evpTSH8ofaMXYoV8qgTqyeIg_6tQOTFRe922A94FV8fGpRHA8YTnrdoafaknF0WzY0u5F79Wq6Q-1IXDUbV3bDTvSyxOMgtN2i0H96_Tpchv-XG8598_T9IGOhcKI1n9hptzOURN3d-UNeaudHduvhP2aCbAU9oQpvg18FG0P47FqI3TCAl0Vq2EeOQzuE7u8W1ocDygdjHLy7QfhNIvAH1oRbsTVk60E6CgCVbvVcIaP__IZ0xc7nY_9tyOLwcpwszVQAXHQO4Mbv6WFFRwBpxiUrVXLn-9PaU_kApp2sFjMXpywkk2VZnnqSzMv5uNeuPYL7piI1rzGUrYVPj6tIJx5WJvD2NhQC96h3SNkhYTHWDbTrE-rkcljaCv1w6dXwf7ETp0AsAo3U94-L72el0GkE394RdbT8pv3ES8fJLtkKcrvk9_wL3P2_VEhBq7EHwIcKK4-eKjSnXLmSGfMGhc80ApkIxbn2E_cQai6FTL4tZni3Vxb-bkF4LRAy9OiyBw9bUPkTxHFEmidm8Sme7HV3IiyFMvhd4jgWS3OObi89r9gx4-AogvvXV4qnRN3uLrkdyZLT2HuL8Sa7S7bSJoETUbJN9-uZeQNTwI0giyj3ZSu5oJ88bXe0u8DyAQFqqVZ0VbgpjWqAco00M_bvc2ryKD6nTl25MHcrx2AuYFEKZQxxyTQTb4aBfcZUgqBnSkE-6fefIvJF6CdcbNbjbQeyTrR1ClAzyYpSHHyjEzF-YKNR2ONLaRNDaWu2k_pf92ocT58EnOFgklAZc6L30U-lEw9tRqRzSuiHytQf5j1WqgKvxo8kcJhArXSkJ9btiwAajf-ueuWl_S2Ht5nupcjI9PbdSMu3a8y_Fb_wwj5AZSndxJO2DA1gaqZLAO01cPAKi8eB133Avt5Wb3h_MtGAiwZEoJy3k7mKSojoBgNpm2eVk6NFhcnlQ0-ncYAODD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F144 0
0 80ms
80ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021091501&jk=671257358546789&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1881 0
59 B 48ms
47ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkAIfHNhRYfiJHrKhlQfnvqWQAQAAAAA4AeAEAg&bg=!PT6lPnrNAAZNQyuQTUM7ACkAdvg8WvZRT1GENhpdNRJ1R1-Pxda8zg_zY4K3x-P31-fPJ5qqn6CmNgIAAAJIUgAAALhoAQeZAxQedPN6fDvmpRCAl4_AvS5j2x_3F1_U4KiczFpGk3CAu6Un_Wc9SDM_V5i6Qt8I2kiYFRrKwq2stW5n6HM18eb8YYKcgeuU0CcKf65u6o_I4JMBuYQOzsxL_9oJEyDv0B5CvsSkvt1_ffF0z7nIer_-naa6_6D7tlohCJdckanNnXSZyDDTw5rgID-2_6KjrtUI8L5SzQQNe5frqHCiF7_vsinSKcu9AJHIRsYOtJY77f7RcJIiOs6Y6CYe43ADx1g6YWUN9ROr-cCcVubggrn-UeY_YLPmI3CEeyPQ5lHpwXvH35NSMtbS-MkLDLUhoa_mAIgGI1Re36_ul-ZrdPHIfoXetsibthY7HZ2WVhdZmP4-T7PLkswRWltIVu7QfpQzhNQYI2u66pDqlnv99QiKCfY7XfWwCjU80_vCX6d0r1_naewnPHnjYWS9xHOeyBlM1ANCw53FjmfpAG8mfdtZQTIIV1FogiqMXHG6M28-zu5R6wzyCBAHMB3OO5B0fgcz_-RxntDg2Pzu1WRf-BmTCRxEWFUzvszAs7a5f3AbO8-v2rd6Bm4lTMf22q9vOUlV6TOExoL6Op31Xp4XgFJ5wa7VciAqPVduocEuJRD9nl_F1qtFpxtzxSUfVIc4BFtgqrJ7a769vBn9v9-CF6VdKtL5OdxB3uskEH7MQF0DpUmuLxqtARbjaq5Iuhl2GkB7IF7EAIVnM2YZCgACatn15-mBJj9fAToAxasWU_6P6mqciNE4PUqYdeC7cZhCM-QMhSkx_olSWpTN7Fp0PT2ggVKCa4kWviDSeqG87jLb4AcMAfVZ8D8k7vI7R0WHqS4f806f9WJu3HxjodYGV0j-nodfGkywrOUO9iJT9vjBvdMdiVmFk6GqVWhc1vApeioGA5IxOqq49fhIrhQCjF7_-OFYTUpex141WyguRI2F45QCByVt_krSmXUvXDe5nJfmTmzWxR0r47z7DY4wSFpRWJ9EPkl3TmoT981HQjP9aSq7JOZ_OEzAggBFMoZV_4ALP5mElN627R0KZnwdH7xEd8MVVA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F457 0
59 B 47ms
47ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BpFKAHNhRYd3aH93H7_UPsLyIkAoAAAAAOAHgBAI&bg=!FhWlFVHNAAZNQyuQTUM7ACkAdvg8WlIVryNai4OUlNOpnc1HUSmNF3sk8aguKljDWus1k8cdERpxawIAAAJfUgAAALZoAQeZA0_oEn93vK5xz2zeZu2FxE9UJWDtNSWFzdxenMNB8F9shMwmypjSFGZIVMFKhE7o7wZTx4DStlt8VoGaXiWm-3e28zbpVhdCARMDRhhPckX2GBkGYOyfR7Z7DtlhLMv980npBHgPYrZTAnBtUrGBwCfnsFawFIOVYdxFTGUY6G1AMX1MkVsBCc2cjXt5cI7fhsZstmynnrqXy0BcTGAnzGia79vUCcKhRhr5RNd_GKIPfeXVnPemshQMU87Z0wApqmrmqPgCBtJQmO4_qZze_2RgnjuO9nwY7jyZBzdTVmq8qvva3pPOwthCX5OkCIawDLGARgQOIU2esvSBAHIqIQcZhwBK41FKNpsePW2ELZLYAsyHsLiiK-XOOtT2XtkwGZqF6_69PJU3XRud4gsPAPkiODgBa72zTfE_-Pwpq1WxVXHij5Yzp7L29eHade_SS5xvHsMZxP6Vj21lY4BYjU60ocUVXhPu8wGuP4DOm73UPtA2X_OSxs1WC__qQL0YrfHpzAWMkBz1z_c02LjyfE8ZqQOxrO8iIuyY-TLjDoGy-WuelWmHUNOH7N8wr2DEipqVehj7lLn1FkXUqwnYiT7rECNDvhCEJLuRmtAlpWnt38hhuq-sASHoWwkrJR0_3qORrwbpgkmW35s3xV11AgN7bz_-7ivJ1hDcSvWzipihAbcBBnEs1-tBfZ7YQNVQg9i3sc1_a6aDWbERYatSOkfm5MG1e9OQ1prKfMieI4fGUnY0KzycRk2PWf4LRNpWRwxBQHR4Vj7cH6NYhnL_pBb8GwteBcaMELHJWulvv4tJLVaLD5SjwgVxNw5Mx99DgDUH4NFVy83Y9H84YFubLoFFhvNAH79AHmGZqlp_9-sZlqbIEMRE60YJyCx6dnoZDPDZi5kxwh1n4yS4U08HnfmpvGxaKxIm9hfnqOW0gwskmNgalvOX-1AamooMjOYAeH_KUhV61fzOFiQS-67OKDQ6T7SSZO2AsDE97jzJQs7-ed_X9rw7zBcopXAldybWoT9JcZswwE65_s9jMyFwq6f0Ep_OWjtx9iph7ChL8vNkF8OGx_aCiALMmPH1xDln0_PXuNREa8valTtGIlXXRS__3MRUMqS3qWP9XRYC6GQ4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 50 B
318 B 362ms
119ms Script
application/javascript 158.69.139.225
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=hawtcelebs.com&_ss=xvlqsp8qls&_pv=1&_ls=0&_u1=1&_u3=1&_cc=de&_pl=d&_cbid=6jzz&_cb=_dtspv.c
Requested by: Host: t.dtscout.com
URL: https://t.dtscout.com/i/?l=https%3A%2F%2Fwww.hawtcelebs.com%2F&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.225 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip225.ip-158-69-139.net
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 5744126a7056f41d4638499af797ed38a9ca21621e913946e650a13da344d3cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:34 GMT
X-T: 0.161
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Mon, 27 Sep 2021 14:41:33 GMT

GET
H2 200 tc.js Show response
cdn.tynt.com/ 17 KB
7 KB 145ms
52ms Script
application/javascript 104.16.88.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/tc.js
Requested by: Host: waust.at
URL: https://waust.at/c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.88.26 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:34 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:45 GMT
server: cloudflare
age: 63745
etag: W/"61295205-431d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 69557e6029d55c56-FRA
expires: Thu, 30 Sep 2021 14:41:34 GMT

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 101ms
47ms XHR
application/json 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210927

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.12.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a8b3143de04f77d3743ca3d94a0b4c462e9178b2a65ffb119d2d6f88aea95a6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hawtcelebs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 40349
x-jsd-version: 1.0.1112
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 953
etag: W/"695-HwbnefgGmL4f3mqH04jBDIcX10Q"
x-served-by: cache-fra19181-FRA
x-jsd-version-type: version
date: Mon, 27 Sep 2021 14:41:34 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 style.css
s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/css/ Frame 9B3D 2 KB
573 B 26ms
25ms Stylesheet
text/css 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34bbf0e68b1f0e040921b1bfa458fb3e60bac3ddc924bd27a196f4cfc240bfd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 13:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3243
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 468
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 16:08:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Sep 2021 13:47:31 GMT

GET
H2 200 meghan-thee-stallion-performs-at-governor-s-ball-2021-in-new-york-09-25-2021-12_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2021/09/ 38 KB
39 KB 55ms
55ms Image
image/jpeg 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hawtcelebs.com/wp-content/uploads/2021/09/meghan-thee-stallion-performs-at-governor-s-ball-2021-in-new-york-09-25-2021-12_thumbnail.jpg
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1632727982/036e05035cbef88431e89138f2969605.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52acc0a283dae0496a4f6c7b177183a61acaea196ab508be721035445353486e

Request headers

:path: /wp-content/uploads/2021/09/meghan-thee-stallion-performs-at-governor-s-ball-2021-in-new-york-09-25-2021-12_thumbnail.jpg
pragma: no-cache
cookie: _dlt=1; __qca=P0-231294886-1632753690962; udmsrc=%7B%7D; __gads=ID=2e3a6d588cf1e027:T=1632753690:S=ALNI_MZPm4iAaOSarLHPqjyclmPzVTtdjw; _ga=GA1.2.253180117.1632753691; _gid=GA1.2.11169151.1632753694; _gat_gtag_UA_10995097_8=1; sf_ck_tst=test
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hawtcelebs.com
referer: https://www.hawtcelebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8939
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 39397
last-modified: Mon, 27 Sep 2021 12:12:26 GMT
server: cloudflare
etag: "6151b52a-99e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yaOY7FnQWggcWdKOAn1NYwZls5jl18AdDjIRZFsNV%2FRWMVLLQi5DRYUPYGJaHjKLA8FunirSCzk4zRbWaKDJ5AUF4wpoN%2FGx0XKBFj1xXUvNU00XTirR6m05%2BpQYYm%2FnVm9jK2N9kBvwoVJDQl2BasI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69557e5ffdaa325c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gigi-hadid-at-versace-special-event-in-milan-09-26-2021-9_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2021/09/ 52 KB
52 KB 31ms
30ms Image
image/jpeg 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hawtcelebs.com/wp-content/uploads/2021/09/gigi-hadid-at-versace-special-event-in-milan-09-26-2021-9_thumbnail.jpg
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1632727982/036e05035cbef88431e89138f2969605.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f5ef1a821e915318035418c14c515243c9321543fab8cb45fb6f547edb0bd96

Request headers

:path: /wp-content/uploads/2021/09/gigi-hadid-at-versace-special-event-in-milan-09-26-2021-9_thumbnail.jpg
pragma: no-cache
cookie: _dlt=1; __qca=P0-231294886-1632753690962; udmsrc=%7B%7D; __gads=ID=2e3a6d588cf1e027:T=1632753690:S=ALNI_MZPm4iAaOSarLHPqjyclmPzVTtdjw; _ga=GA1.2.253180117.1632753691; _gid=GA1.2.11169151.1632753694; _gat_gtag_UA_10995097_8=1; sf_ck_tst=test
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hawtcelebs.com
referer: https://www.hawtcelebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 52980
last-modified: Mon, 27 Sep 2021 12:11:24 GMT
server: cloudflare
etag: "6151b4ec-cef4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fQ9%2FjsNRChNKotu%2FRLGkkNbLaILAM9fn8v%2BTnJW42UwtKbbEkoLjKVsI3gITvQFVSsTqQEQKXrs%2BucwcnlwsYOWMqkJFPHD1nYfYjrBVuxQwU4RXMEHpfawzdZPGGyxc%2FOP4u1Cu0fK3HvwVcb0BRpg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69557e5ffdab325c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 alissa-violet-at-offsunset-with-benny-blanco-cashmere-cat-launch-in-west-hollywood-09-25-2021-3_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2021/09/ 108 KB
108 KB 96ms
95ms Image
image/jpeg 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hawtcelebs.com/wp-content/uploads/2021/09/alissa-violet-at-offsunset-with-benny-blanco-cashmere-cat-launch-in-west-hollywood-09-25-2021-3_thumbnail.jpg
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1632727982/036e05035cbef88431e89138f2969605.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 853aa1271cc55ec218acc3290e6565e6921917cb1cf2317a6c7cff71cb77b386

Request headers

:path: /wp-content/uploads/2021/09/alissa-violet-at-offsunset-with-benny-blanco-cashmere-cat-launch-in-west-hollywood-09-25-2021-3_thumbnail.jpg
pragma: no-cache
cookie: _dlt=1; __qca=P0-231294886-1632753690962; udmsrc=%7B%7D; __gads=ID=2e3a6d588cf1e027:T=1632753690:S=ALNI_MZPm4iAaOSarLHPqjyclmPzVTtdjw; _ga=GA1.2.253180117.1632753691; _gid=GA1.2.11169151.1632753694; _gat_gtag_UA_10995097_8=1; sf_ck_tst=test
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hawtcelebs.com
referer: https://www.hawtcelebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9186
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 110173
last-modified: Mon, 27 Sep 2021 12:08:25 GMT
server: cloudflare
etag: "6151b439-1ae5d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYKcYm08BGGp4RduUjK2TDfxIvc6P%2BhA%2F0M8azh1RkaYTtRrurg7naH0YOxaqKtlqVjOUJCId%2FfeD2pPOQik6inW0JaAFR%2BLio%2BACVUq5%2FkXmPVgnArXdEgLGf8CLTPvpDqvWdZ1TQKI7Gr4MlYUkLc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69557e5ffdac325c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 laverne-cox-at-academy-museum-of-motion-pictures-opening-gala-in-los-angeles-09-25-2021-4_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2021/09/ 67 KB
67 KB 110ms
110ms Image
image/jpeg 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hawtcelebs.com/wp-content/uploads/2021/09/laverne-cox-at-academy-museum-of-motion-pictures-opening-gala-in-los-angeles-09-25-2021-4_thumbnail.jpg
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1632727982/036e05035cbef88431e89138f2969605.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c2668897ee1ff467d51ff41483a4aa80789c359aa49dd42fa7cde0e3609b95c

Request headers

:path: /wp-content/uploads/2021/09/laverne-cox-at-academy-museum-of-motion-pictures-opening-gala-in-los-angeles-09-25-2021-4_thumbnail.jpg
pragma: no-cache
cookie: _dlt=1; __qca=P0-231294886-1632753690962; udmsrc=%7B%7D; __gads=ID=2e3a6d588cf1e027:T=1632753690:S=ALNI_MZPm4iAaOSarLHPqjyclmPzVTtdjw; _ga=GA1.2.253180117.1632753691; _gid=GA1.2.11169151.1632753694; _gat_gtag_UA_10995097_8=1; sf_ck_tst=test
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hawtcelebs.com
referer: https://www.hawtcelebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9265
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 68433
last-modified: Mon, 27 Sep 2021 12:07:04 GMT
server: cloudflare
etag: "6151b3e8-10b51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKxn7FRo7u53PYiUK3uo4TshipHByEIjJgRsEiD5h1u8hNLIUFV3%2BqCcnJmJ8Vlbq7pV4YeDGxCF1eOlT%2B5qZtg%2BY8W5dpAUh3aJNV%2FdwUIY%2FlAKq9mKsroFxpOB7hxrt5vFd4o%2FU2w8K9woiuGUsMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69557e5ffdad325c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ariann-murad-at-rumba-love-premiere-at-landmark-theater-in-los-angeles-09-22-2021-3_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2021/09/ 62 KB
63 KB 111ms
110ms Image
image/jpeg 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hawtcelebs.com/wp-content/uploads/2021/09/ariann-murad-at-rumba-love-premiere-at-landmark-theater-in-los-angeles-09-22-2021-3_thumbnail.jpg
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1632727982/036e05035cbef88431e89138f2969605.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 448daa705cc16f302bd65576425925a14e5d57480e07b0e955aff52c342bca1d

Request headers

:path: /wp-content/uploads/2021/09/ariann-murad-at-rumba-love-premiere-at-landmark-theater-in-los-angeles-09-22-2021-3_thumbnail.jpg
pragma: no-cache
cookie: _dlt=1; __qca=P0-231294886-1632753690962; udmsrc=%7B%7D; __gads=ID=2e3a6d588cf1e027:T=1632753690:S=ALNI_MZPm4iAaOSarLHPqjyclmPzVTtdjw; _ga=GA1.2.253180117.1632753691; _gid=GA1.2.11169151.1632753694; _gat_gtag_UA_10995097_8=1; sf_ck_tst=test
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hawtcelebs.com
referer: https://www.hawtcelebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9307
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 63651
last-modified: Mon, 27 Sep 2021 12:06:22 GMT
server: cloudflare
etag: "6151b3be-f8a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzoaJMJPqeEYWy%2BHkKxEzwba1j8d3YNqIycUYGqTAOsu4snAiDIGVLKtcVJ%2ByBHDiU%2Fu7ke0RXi7qLP3ofW76Z5Y2Ku87nzMQtc%2Bq6XPwADpORllYkdBgkANpyj3nyj8Z7pYVPjguI28qU1%2F7K8nbaw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69557e5ffdaf325c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 helen-flanagan-night-out-in-london-09-26-2021-6_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2021/09/ 49 KB
50 KB 63ms
63ms Image
image/jpeg 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hawtcelebs.com/wp-content/uploads/2021/09/helen-flanagan-night-out-in-london-09-26-2021-6_thumbnail.jpg
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1632727982/036e05035cbef88431e89138f2969605.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5378474e9a30594d2fa154c4a0cebdd3cbf903eba394f7b710f4ac26d40076f

Request headers

:path: /wp-content/uploads/2021/09/helen-flanagan-night-out-in-london-09-26-2021-6_thumbnail.jpg
pragma: no-cache
cookie: _dlt=1; __qca=P0-231294886-1632753690962; udmsrc=%7B%7D; __gads=ID=2e3a6d588cf1e027:T=1632753690:S=ALNI_MZPm4iAaOSarLHPqjyclmPzVTtdjw; _ga=GA1.2.253180117.1632753691; _gid=GA1.2.11169151.1632753694; _gat_gtag_UA_10995097_8=1; sf_ck_tst=test
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hawtcelebs.com
referer: https://www.hawtcelebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12925
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 50396
last-modified: Mon, 27 Sep 2021 11:06:01 GMT
server: cloudflare
etag: "6151a599-c4dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zjwQJnUOmO5fNyz23FUmrtFSG7fRv%2BFhXYp7Jwhd5ieh0wvW7J3a39LJp77JUwWrowk2fGL8XKySmDOYOqHipI3k%2F4yVcnJnSQj4wW%2FpapUf6oiQm%2BHpLsp6wJGx5U0w1Ar43HE%2F%2B94kVfpmD45ibMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69557e5ffdb0325c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mollie-king-at-global-radio-studios-in-london-09-26-2021-6_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2021/09/ 55 KB
56 KB 58ms
57ms Image
image/jpeg 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hawtcelebs.com/wp-content/uploads/2021/09/mollie-king-at-global-radio-studios-in-london-09-26-2021-6_thumbnail.jpg
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1632727982/036e05035cbef88431e89138f2969605.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db246a19437446ef17f4f45766deac36198aed592c8a3c6a8a6b780d852d57c4

Request headers

:path: /wp-content/uploads/2021/09/mollie-king-at-global-radio-studios-in-london-09-26-2021-6_thumbnail.jpg
pragma: no-cache
cookie: _dlt=1; __qca=P0-231294886-1632753690962; udmsrc=%7B%7D; __gads=ID=2e3a6d588cf1e027:T=1632753690:S=ALNI_MZPm4iAaOSarLHPqjyclmPzVTtdjw; _ga=GA1.2.253180117.1632753691; _gid=GA1.2.11169151.1632753694; _gat_gtag_UA_10995097_8=1; sf_ck_tst=test
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hawtcelebs.com
referer: https://www.hawtcelebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12987
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 56556
last-modified: Mon, 27 Sep 2021 11:05:01 GMT
server: cloudflare
etag: "6151a55d-dcec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JgF6PmfRLUeUrK3XLehRkO0Iv%2BKSttcOXChUym06A8IhC64tn%2FPnD60Kcamr4eqQH5BWZGsV%2FUCofIGY26QTxH0C0VekssR%2BPr6EDzoulRjq9ad2bdE4BGAtggZpkqwrxHwS7SMuYHLNMrGVi%2BRYgw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69557e5ffdb1325c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 aida-domenech-arrives-at-ermanno-scervino-fashion-show-in-milan-09-25-2021-4_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2021/09/ 69 KB
69 KB 86ms
86ms Image
image/jpeg 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hawtcelebs.com/wp-content/uploads/2021/09/aida-domenech-arrives-at-ermanno-scervino-fashion-show-in-milan-09-25-2021-4_thumbnail.jpg
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1632727982/036e05035cbef88431e89138f2969605.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70b2d75b457ce831a3fd0517187e7bf885c9c9f654419e6e01c2dd393de57412

Request headers

:path: /wp-content/uploads/2021/09/aida-domenech-arrives-at-ermanno-scervino-fashion-show-in-milan-09-25-2021-4_thumbnail.jpg
pragma: no-cache
cookie: _dlt=1; __qca=P0-231294886-1632753690962; udmsrc=%7B%7D; __gads=ID=2e3a6d588cf1e027:T=1632753690:S=ALNI_MZPm4iAaOSarLHPqjyclmPzVTtdjw; _ga=GA1.2.253180117.1632753691; _gid=GA1.2.11169151.1632753694; _gat_gtag_UA_10995097_8=1; sf_ck_tst=test
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hawtcelebs.com
referer: https://www.hawtcelebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13155
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 70363
last-modified: Mon, 27 Sep 2021 11:02:16 GMT
server: cloudflare
etag: "6151a4b8-112db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2BJbdXB5voIRvizN0RVGG4QxFuq1%2BgUkT1oJlLFZw8f1WziKwWED3QEssNaIKcxf8OttWzMzqxfaIR4XAM9J%2BEWK1245Ivo2VV7Dc9lYKbU8sUMegClm0iFJgSicRBf5r9z2khtwoCsWQ8ueyrcpTes%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69557e5ffdb3325c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 olivia-palermo-arrives-at-ermanno-scervino-show-at-milan-fashion-week-09-25-2021-2_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2021/09/ 66 KB
66 KB 105ms
105ms Image
image/jpeg 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hawtcelebs.com/wp-content/uploads/2021/09/olivia-palermo-arrives-at-ermanno-scervino-show-at-milan-fashion-week-09-25-2021-2_thumbnail.jpg
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1632727982/036e05035cbef88431e89138f2969605.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e40c8ae725b404793dc7f2b06ef31e14f6e3b5abd22f8c2847c489069faf7a3

Request headers

:path: /wp-content/uploads/2021/09/olivia-palermo-arrives-at-ermanno-scervino-show-at-milan-fashion-week-09-25-2021-2_thumbnail.jpg
pragma: no-cache
cookie: _dlt=1; __qca=P0-231294886-1632753690962; udmsrc=%7B%7D; __gads=ID=2e3a6d588cf1e027:T=1632753690:S=ALNI_MZPm4iAaOSarLHPqjyclmPzVTtdjw; _ga=GA1.2.253180117.1632753691; _gid=GA1.2.11169151.1632753694; _gat_gtag_UA_10995097_8=1; sf_ck_tst=test
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hawtcelebs.com
referer: https://www.hawtcelebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13199
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 67202
last-modified: Mon, 27 Sep 2021 11:01:28 GMT
server: cloudflare
etag: "6151a488-10682"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKz4kNA8SLTyjnxrcAy74xY9e1jCJsODsEzqSqIPxNH7RK9s8iUh2khnZObUG5tHgcW8N6bnMfxmCbLxAuh5G3mfAfN6DZl5wgZHmm8wGEtr3wHlinHPxsao8fVNXUkOMYnvadmSS%2B3OWxHxSKMWDvA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69557e5ffdb4325c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 maria-teresa-buccino-arrives-at-ermanno-scervino-fashion-show-in-milan-09-25-2021-3_thumbnail.jpg
www.hawtcelebs.com/wp-content/uploads/2021/09/ 60 KB
61 KB 108ms
108ms Image
image/jpeg 2606:4700:3036::ac43:b893
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hawtcelebs.com/wp-content/uploads/2021/09/maria-teresa-buccino-arrives-at-ermanno-scervino-fashion-show-in-milan-09-25-2021-3_thumbnail.jpg
Requested by: Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1632727982/036e05035cbef88431e89138f2969605.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:b893 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aca80773b7eab4eccd26614ab3313abf331213f82be70cc38c4fa86cc831f749

Request headers

:path: /wp-content/uploads/2021/09/maria-teresa-buccino-arrives-at-ermanno-scervino-fashion-show-in-milan-09-25-2021-3_thumbnail.jpg
pragma: no-cache
cookie: _dlt=1; __qca=P0-231294886-1632753690962; udmsrc=%7B%7D; __gads=ID=2e3a6d588cf1e027:T=1632753690:S=ALNI_MZPm4iAaOSarLHPqjyclmPzVTtdjw; _ga=GA1.2.253180117.1632753691; _gid=GA1.2.11169151.1632753694; _gat_gtag_UA_10995097_8=1; sf_ck_tst=test
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.hawtcelebs.com
referer: https://www.hawtcelebs.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15095
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 61750
last-modified: Mon, 27 Sep 2021 10:29:56 GMT
server: cloudflare
etag: "61519d24-f136"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YnGIQSt0DwK7Oqhce11rdXo1yejf4hHPFOedyTtAGbMIbX8NcXy0IWc17MKMtq%2BRgpEgzxz6se6Y2Bmeul2EAwDnMVGKDlQS2vsGPuXMH748GAGEnl4RHBlYUOUXHyvZxrmNm%2BAyisDkOU%2BOoIORV6s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 69557e5ffdb5325c-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1592801729.jpg
assets.vlitag.com/widget/2020/06/22/ 74 KB
74 KB 549ms
247ms Image
image/webp 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2020/06/22/1592801729.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 327362
cf-polished: qual=85, origFmt=jpeg, origSize=103053
content-disposition: inline; filename="1592801729.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 75514
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Mon, 22 Jun 2020 04:55:29 GMT
server: cloudflare
etag: "5ef039c1-1928d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QllpteFCSuiaOyMKOWW3hP%2Bso64%2Fu4t4PZnHE2vBxeJaiZP7dOkIKicnclDDO2KFxSMRD4nezEVndhMRkpYZmC4Qn%2F0XT6XCTOKUxdAFW6Y1I%2BWUkNjhKZunpnrpN6ux9lbqrOzL4AaFCObo7%2Foz"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 23 Sep 2021 20:15:33 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 69557e621ccd6934-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1596163502.jpg
assets.vlitag.com/widget/2020/07/30/ 104 KB
105 KB 359ms
58ms Image
image/webp 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2020/07/30/1596163502.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 333534
cf-polished: qual=85, origFmt=jpeg, origSize=140376
content-disposition: inline; filename="1596163502.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 106784
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Fri, 31 Jul 2020 02:45:02 GMT
server: cloudflare
etag: "5f2385ae-22458"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y1ku1OqLvPWYedC8zSePr4qkeavKZX6pfrtzKyUDlB9OIbu8hzJJMAryOuOvdda5vv0pQTtqD09%2BqT5JjetZPEKtvO6SyAn48fKy8ymUvoMdZbzD%2FSuT28msa1oksLhSwo%2BrOM%2BFVlp8s5Vx8yD5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 23 Sep 2021 18:32:41 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 69557e621cce6934-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1572962767.jpg
assets.vlitag.com/widget/2019/11/05/ 46 KB
47 KB 618ms
317ms Image
image/webp 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2019/11/05/1572962767.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94a1096d4ddd1232128b8a52859680031fd1aa9df3bec2a6e25e7cf4ffd95282

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 333999
cf-polished: qual=85, origFmt=jpeg, origSize=78339
content-disposition: inline; filename="1572962767.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 47174
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Tue, 05 Nov 2019 14:06:07 GMT
server: cloudflare
etag: "5dc181cf-13203"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2FiBkHsckD8baOpjIwKdC5e4Z15JNEIM5%2FNagh5aVk6NzfyQhKb5eSbhHNOwEEMyCxaeRRkiMqG17OhhAG1MKxwxC65I7NG4fKaM8g%2FYZdiq9r1JRzwimqrYlt52pAIfPl598g1NiEpl2Y9D1NwP"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 23 Sep 2021 18:24:55 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 69557e621cd36934-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1572962788.jpg
assets.vlitag.com/widget/2019/11/05/ 83 KB
83 KB 463ms
162ms Image
image/webp 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2019/11/05/1572962788.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

268d81a69a9e1910b84cf74017fba73517adac9e466f83ba8f264da82e07e74d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 421362
cf-polished: qual=85, origFmt=jpeg, origSize=111413
content-disposition: inline; filename="1572962788.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 84586
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Tue, 05 Nov 2019 14:06:28 GMT
server: cloudflare
etag: "5dc181e4-1b335"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOEb8cA%2F7RA%2FFechED98LvOmMMjDzKODiOTvGJ9qWSQuqlTD8caeAJN9ak8k9%2Fa7iJyFpjvxtefqMFfDR4SWQUvwISn0Ljw6cZhSTr%2Bz9SwYymYL%2BP51gnutn9EuoAUFde6YCoLiL7mXrpR%2Fv3fR"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Wed, 22 Sep 2021 18:08:53 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 69557e621cd76934-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1572962830.jpg
assets.vlitag.com/widget/2019/11/05/ 192 KB
192 KB 647ms
346ms Image
image/jpeg 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2019/11/05/1572962830.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1253914
cf-polished: degrade=85, origSize=227959, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 196267
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Tue, 05 Nov 2019 14:07:11 GMT
server: cloudflare
etag: "5dc1820f-37a77"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFAlvOx8qb0nmD%2F1y0Q%2BOpVFKiZLIPgmtRxqd3dAJONSbuJnZXlYjoPbD6XlyNtBtF6tGYmt6YYIBtHtpXbMKVV0HN%2Ffpgn3i2I49Ue82jOWtBFnIZ1GaS%2FlaFYG8kBmiv1QgK4GYVfmZQuVaImp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
expires: Mon, 13 Sep 2021 02:53:01 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 69557e621cd96934-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1592294784.jpg
assets.vlitag.com/widget/2020/06/16/ 20 KB
20 KB 997ms
696ms Image
image/webp 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2020/06/16/1592294784.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a9f4a4cc23bbe232be7f4ca796c9cf6f5edeabb85c1332a077df626c084cf4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 330659
cf-polished: qual=85, origFmt=jpeg, origSize=26122
content-disposition: inline; filename="1592294784.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20188
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Tue, 16 Jun 2020 08:06:24 GMT
server: cloudflare
etag: "5ee87d80-660a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydvH4aRDjfb2KO8QDjTK7TBgnPBSonc%2Fe2xVfEFep8zLbrvvlWD8duUKYWrl2BRBXHNpDZ5RrxQ11j9aluiTQxidqHLH7C081Dnd6u3Oebf%2FFydGvDhzfVv%2F7g42s%2FnLE6i2aLCV4W82nWgV%2BPvj"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 23 Sep 2021 19:20:36 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 69557e621cdb6934-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 1572962870.jpg
assets.vlitag.com/widget/2019/11/05/ 107 KB
108 KB 892ms
591ms Image
image/webp 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2019/11/05/1572962870.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 332009
cf-polished: qual=85, origFmt=jpeg, origSize=151033
content-disposition: inline; filename="1572962870.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 109336
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Tue, 05 Nov 2019 14:07:50 GMT
server: cloudflare
etag: "5dc18236-24df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KDXwNKKYTBamKLZr10B4MbATIja6ADn3XNWIYGLVDdk3AVOU1%2Fh9dyoY6u%2BHMrX7WWfWNuOBnO8hLK%2FZSa%2FL%2F2T3CippdWvGvffLREBDlgZSxcQE6MPmQm2k0W1IV0ilU26ifs8IwDyWJW5M7%2BR"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Thu, 23 Sep 2021 18:58:06 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 69557e621cdf6934-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js Show response
pagead2.googlesyndication.com/bg/ Frame 4B92 35 KB
13 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WAz-nyaJu9uVRUq8NsxhsXGtXViWwv7lV4sP3qP2SqA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 10:05:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13388
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 27 Sep 2022 10:05:51 GMT

GET
H/1.1 200
OK data
b26.s79.research.de.com/ Frame DBB0 43 B
308 B 54ms
54ms Image
image/gif 136.243.3.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b26.s79.research.de.com/data?/zsFmEPZAAL2vFBLl1FDLkqFK0kyByyAw0Az0A6zE0hF0jFi6BwyFl0FptFlBF2qoFx2AzyA31Az2A5yA0wAytE5wArwFt1F1kE2BFTkzFPPYDAAZAwSAcAAAARksFAQtjFmwnPSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.3.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h224.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:34 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 27-Sep-21 14:41:33 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 593ms
111ms XHR
application/json 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1632753694782&sessionId=5acdf7e3-988e-1c3e-efe7-d9f7aa65d5c1&url=www.hawtcelebs.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:35 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 769cd25e60a059953c96d6894fc05ed6
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
odb.outbrain.com/utils/ 42 KB
16 KB 433ms
262ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=%20&idx=0&rand=92360&key=NANOWDGT01&widgetJSId=TF_6&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&clid=5acdf7e3-988e-1c3e-efe7-d9f7aa65d5c1&fdu=www.hawtcelebs.com&px=451&py=1548&vpd=348&cw=537&settings=true&recs=true&version=2000448&sig=BM9GTtBL&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=1&ccpa=1---&ccpaStat=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6e96232396e871629bd7e1448580fb59675f654184b8d7d1c0a1e1e5b53335bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.117.53
x-cache-hits: 0, 0
x-traceid: a38d59a8b9ec288f0eaebdd508a12a63
content-encoding: gzip
content-length: 15781
x-served-by: cache-lga21953-LGA, cache-hhn4042-HHN
x-timer: S1632753695.956718,VS0,VE236
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK data
b24.s79.research.de.com/ Frame 4847 43 B
308 B 58ms
57ms Image
image/gif 148.251.247.207
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b24.s79.research.de.com/data?/aFsMEmYAALl1FDLkqFK0kyByyAw0Az0A6zE0hF0jFi6BwyFl0FptFlBF2qoFx2AzyA31Az2A5yAz4A3kEx1B3xBk4FssFqBFTkzFPPUCAAZAwSAcAAAARksFAQtjFVUbPSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.247.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h366.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:34 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 27-Sep-21 14:41:33 GMT

GET
H2 200 txt2@2x.png
s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/ Frame 9B3D 3 KB
4 KB 53ms
53ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/txt2@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9afcfbb516d061286018b9b082f0772b06d4d724355cbee19bce9e5f4af1ce3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:11:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 31 Aug 2021 16:08:37 GMT
server: sffe
age: 37781
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3523
x-xss-protection: 0
expires: Tue, 28 Sep 2021 04:11:53 GMT

GET
H2 200 txt3@2x.png
s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/ Frame 9B3D 2 KB
2 KB 55ms
54ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/txt3@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fb97d885def86fd41321d28af35d249840980f04008add1b50c00fb33273045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 13:47:13 GMT
x-content-type-options: nosniff
age: 3261
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2440
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 16:08:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Sep 2021 13:47:13 GMT

GET
H2 200 txt4@2x.png
s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/ Frame 9B3D 2 KB
2 KB 56ms
55ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/txt4@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4db407c6fe9734e39c440b08ace7fe8d289b8f6fb55813ee7bdadf839dc1de04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 22:03:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 31 Aug 2021 16:08:37 GMT
server: sffe
age: 59903
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2450
x-xss-protection: 0
expires: Mon, 27 Sep 2021 22:03:11 GMT

GET
H2 200 txt5@2x.png
s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/ Frame 9B3D 2 KB
3 KB 56ms
55ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/txt5@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee875ee2f0efbdb309d79115b758e972811b878dc057dba70a7021407702c8c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 12:19:31 GMT
x-content-type-options: nosniff
age: 8523
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2478
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 16:08:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Sep 2021 12:19:31 GMT

GET
H2 200 txt6@2x.png
s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/ Frame 9B3D 3 KB
3 KB 58ms
57ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/txt6@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51bc4eb2bea64e38233e655847ba31f46ae143de44733f01962496a022dbdd20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 13:47:32 GMT
x-content-type-options: nosniff
age: 3242
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3157
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 16:08:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Sep 2021 13:47:32 GMT

GET
H2 200 logo2.svg
s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/ Frame 9B3D 2 KB
1 KB 58ms
57ms Image
image/svg+xml 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/logo2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 12:19:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8523
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 16:08:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Sep 2021 12:19:31 GMT

GET
H2 200 bg2@2x.jpg
s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/ Frame 9B3D 26 KB
26 KB 59ms
58ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/bg2@2x.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

156a9e06b1c860a9e7965e2f0663a3529303ad2b26d580c4d67e81f81085d786

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 10:24:29 GMT
x-content-type-options: nosniff
age: 15425
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26459
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 16:08:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Sep 2021 10:24:29 GMT

GET
H2 200 bg3@2x.jpg
s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/ Frame 9B3D 25 KB
25 KB 99ms
98ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/bg3@2x.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5322366c3830a97456895d4393281e7abd3e243379d234b289ea3379e5ceea5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:14:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 31 Aug 2021 16:08:36 GMT
server: sffe
age: 37603
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25771
x-xss-protection: 0
expires: Tue, 28 Sep 2021 04:14:51 GMT

GET
H2 200 bg4@2x.jpg
s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/ Frame 9B3D 26 KB
26 KB 60ms
60ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/bg4@2x.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4137e84913c8aca733ec3919a203554ab6e0029b7df14396ac67f1c5545c402e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 17:59:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 31 Aug 2021 16:08:36 GMT
server: sffe
age: 74502
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26118
x-xss-protection: 0
expires: Mon, 27 Sep 2021 17:59:52 GMT

GET
H2 200 legals@2x.png
s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/ Frame 9B3D 12 KB
12 KB 101ms
100ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/img/legals@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

593749616eb756ecdc0a3dc3d15a082830c121ddc2c4be784798fe1842403131

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1630426116691/15-IWE-Edition30-HalfPage-300x600-iRange/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:11:53 GMT
x-content-type-options: nosniff
last-modified: Tue, 31 Aug 2021 16:08:36 GMT
server: sffe
age: 37781
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12707
x-xss-protection: 0
expires: Tue, 28 Sep 2021 04:11:53 GMT

GET
H2 200 cmp2ui-en.js Show response
quantcast.mgr.consensu.org/tcfv2/34/ 219 KB
57 KB 56ms
56ms Script
text/javascript 2600:9000:2156:8400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/34/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.hawtcelebs.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e95015e979a80102c2ca35fd0d302a3d72fe378e46babe201e2219d41fab8658

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 20:40:55 GMT
content-encoding: gzip
age: 64840
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 02 Sep 2021 17:09:08 GMT
server: AmazonS3
etag: W/"e77784835dce13809b52939bdf8047be"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 479d15a99f4dd073131fba1516541469.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: JlifOenlFtrhC2TYvddtlz8-0DfL0tompVHM7cC3ZDFJ65XLzz7NLA==

GET
H2 200 google-atp-list.json Show response
quantcast.mgr.consensu.org/tcfv2/ 153 KB
37 KB 56ms
56ms XHR
application/json 2600:9000:2156:8400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.hawtcelebs.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e73d3b1d5d0310f9cf2a2e6edca7b52de355505e19a74794004e7654319fbc68

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.hawtcelebs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 03:01:30 GMT
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 42005
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 27 Sep 2021 03:01:28 GMT
server: AmazonS3
etag: W/"5cb5a7d33607f3cc1e6f9ed3a628919b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ZZLmEizwdmE2RqHB9h-0YrcxjyFIapISqd6EE_8GTMYR8c1aW51Q-g==

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 439ms
131ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!a9etg89wet&lm=0&ts=1632753694866&dn=TC&iso=0&t=HawtCelebs%20%E2%80%93%20Latest%20Celebrities%20Pictures
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1 200
OK data
b199.s79.research.de.com/ Frame 0172 43 B
308 B 29ms
28ms Image
image/gif 136.243.6.97
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b199.s79.research.de.com/data?/9DpQEIYAATkzFkQ2OABAAAAAYAAAAsAAQAAAAAAeEAXAAAAsAARksFAQtjFH2iNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.6.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h243.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:34 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 27-Sep-21 14:41:33 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 258D 0
59 B 45ms
45ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BnYjfHNhRYZOsK9WO7_UPn-6vyAYAAAAAOAHgBAI&bg=!19Sl1JDNAAZNQyuQTUM7ACkAdvg8WpHyoliV8grj7zeS4EQLT5Gw2CrEpSb1cPgrgR9EjI9v0f10YAIAAAL5UgAAAD1oAQeZAw33ed8t3_-Osw2YC9UO4WrMEHN57xSAG_2FYwiUB9vV5bL6Zk423eEpmaS_s3FK-NdUUTozBfNKsgQuYXNAB6ubApciaq3FDLD4sxuFWU28mlVJlwq8xLvmDSpGlLXbypPEpRRARiot1FfVwNkRigN0KXii3FCB0kNkcAhX9hpzJwyHXg9BztuV_u_g9_xm88sOj7bFpvZi9oGxU9PPCunybOuobyfQbMB4suqinDT3hV2Gq5pwT_m-DPSZ4fh_gObcKMoL3t_NrpES5Fd0rAVjQIAmdapksl7KuOarYd-Rdz3m_ZiykEcYBdMm3KIOb2QH40xUZ0TSSaPs7YinZaIUcuXuVpFmWyAfMB2cqb5M0z_8gtLEIUSTnlJbEej9bng4B0wifHSjA-S1YuJT-ymBG1mLRRR-ET2vWqS1ogRIjd5SNWxflYME0ETEQUr_H4PPBb2PFitNwdH8X-T2WZ7qFnGjETV0z3Cek4MAFhaker-8UluY4LM3crqptztjmhZMDk3sIh7SviX0beAoXC36d6nRzz5DiRUjfYDyCKK-qk-6cpTjpJCwTx25OG5tyO2bBB0oWnouFEm_X6ro3hoyHEjaiF5-iWAS7v0N-Hz8Sa8lpW56afamq1sIu-niy9-py5WCmep2Q-49ZlDJMnKLNRvWcClwMf16lXWqUgZuR024QhCurdJqOAAIZEH7mNe5PZxRZMZX3gfMzXFuDMkgRYOsvKx9EwoI37BYR4r_heqjl0GNu0iGG2uGrMVEacj_4kfiiezenMr7ThmCykNTGRfS_gh2iehAc2xbpwIfbV5p7ctPjbUR2lf7y3FAmocraK5Dwzzg10o6yyEtjt8FegCzFPz9lSuJnbP0TpU_-RwXxFzlBrn1Nezbpp-j5xMKk1c6Af6GhhCBn8jeTeFSmxy7VhvT5C9YCjX86ckCHigsaHtEszAQqlC_xwpqe25qOjxXwoRYMA1VKg3YbmsLwmjs7v1tyaP4mL9pzszmwEx1upAi9GzuTE6ci9CafU4TaaoxdJMyIC3kz_MW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK img.fetch Show response
udmserve.net/udm/ 1 B
470 B 164ms
163ms Script
application/x-javascript 68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to

Full URL: https://udmserve.net/udm/img.fetch?sid=14863;tid=1;dt=6;gdprApplies=true;consentGiven=false;consentData=
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.8.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Mon, 27 Sep 2021 14:41:35 GMT
Connection: Keep-Alive
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Length: 1
Content-Type: application/x-javascript

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 80 B
538 B 130ms
39ms XHR
text/html 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22274pYeudnKvDs%22%2C%22domain%22%3A%22www.hawtcelebs.com%22%2C%22publisher%22%3A%22HawtCelebs%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.34%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%224rHc6iLEBI7fi7DodmBOXQ%22%2C%22clientTimestamp%22%3A1632753694988%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-my33k8yluwdmhbkccl8e%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/34/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-71.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.hawtcelebs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:18:36 GMT
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
vary: Origin
age: 37380
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 80
last-modified: Tue, 26 Nov 2019 14:21:44 GMT
server: AmazonS3
etag: "0614149d8033903db5de46d6c184bbfd"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 0fYZHa1d8LJXuo9aPhylkMARXCEYvVWIiGB0J7Ss_92nea2rLgeb5A==

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 426ms
124ms XHR
application/json 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1632753695073&sessionId=5acdf7e3-988e-1c3e-efe7-d9f7aa65d5c1&url=www.hawtcelebs.com&cheqSource=1&cheqEvent=2&responseTime=857
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:35 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 18dbcd1cc81b66b953d3442225947cee
Content-Length: 4
Expires: 0

GET
H2 200 imp.gif
obs.cheqzone.com/tracker/ 43 B
158 B 123ms
122ms Image
image/gif 2600:1f18:e8a:cd02:882c:d916:bae1:7722
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e001369ecc030e94183999225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312711293df0660f478afe6d6e6474fbd498fbd39e874df61c45085052aae2d05f91e46042cca5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c02f0616e9656aaf970a62edc89825d957bd1fad811bc551c8c96dd82a77c3d835d27794d5efa186bde3112aa279bfeef2210231e88530c5b741b3141304865f5986d6c38681eb923bce6a88dee18c78b82e2132d32b789790971875d3e974af57b3c1189074af7b174d0f9e67ff439cd0be71f8df78d209f2c3d6d87298584363fa5e051f7f44718aec2df443d38cdf77ebde75fa933dd78ea9a62cc1f0f7512626b1b810158be3470b53afa2b363ac2699eb5ff3fd28b27dbc2c9353d008caab3ac7063ae2ae900b232d331120192b65b8fd9e3ec008b6595c0678eabe4bc38a5b59bcfe8af8cf3387b3a0a5d8afbdfb0f0d79ae5b94f5197c894328&cb=1632753695073&cri=a5XawOqPua
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:35 GMT
cache-control: no-cache, no-store, must-revalidate
cheq_headers_order: Cache-Control Pragma Expires Content-Type Date Connection Content-Length
content-type: image/gif
content-length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
77ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021091501&jk=671257358546789&bg=!EBOlE1fNAAZNQyuQTUM7ACkAdvg8WtzwPyB81Ha-nCAwz8ceH_YS7spLbbaX1E2L6clhVQzExcpSsAIAAAD7UgAAAAtoAQeZArs3-xUJQOaf2CoPPpU6_llrWnz4qDW2h2QYoge9yIzpfqU_5KEPVqSSclsJjeQFRXYQkb_x4eUsTzjrkOtd-kVlpslRHYwjFey_Cf-RZnoMsLWucnEGxZCuhqrY3I80bkXxP9JsUQasD9c2IJW8yngdnaGKSI_UvIoUrBZrpF8qd0D53hfGXKTn0XYZEdkjL9C2ct_0H2R1l_waACDOgbNXt1lUiSVO3Xe9WuP3LdbH5qy9yw37pQATucNwFQ0PXo8Og-7lbUVkqUH6XMvrItuUG1BcMAJ5qave4sCYhryAjmtyviC3XFyw5iO_uhRfo7Ku-yjZtDn3Z2O2G8xxWuuCrMm9t-qOk7blPuzEglHb_mQCren36BDDR1i_9aGt2HnTBoT7gukDD8D-5SHORhdDtLPEs0IfGvvg42eIZeUHGUwIvxAEu5s3HgDzdwumOUGuhskJRQgpUVr6ZOni1zjNxX8Lvqe_SyQwt8BGBEaabeUZ1iSKpUAvsZkIm3uAh1ke6C_bqMMJPQygeOpLNFyTpyIByrkRl6us_Mh52NSmKb1vAHGjErf8W3b79g5997R_xaVU5MqkTn63-D1OWBPox9RbZ-hHpTxmd6R9viK0VKD822Fr5Ie2PB5oDd7ghCdhB5TZyzukTDEGjadSyKfoC7tH82_o_Jz6WJql8h6RNgtxeuM_Dl9ehx3pU0eU4Popuj8P1X0oidFS5OS0TyQzYlOajQn6AdQrfcQ8Q1ScBDXf-wpzkVFQNIzLXrUKYisLdkM_QZmbMkqSrccif2S2YLwuh5xMxeC0D8GxoKKggrRnHXr0TVQXtR4QF9gQafKX_vu-v4q2_6-xU68lEaiyv80e1CrG_CCm7ZCNOS23z8lWcIz4zIWyC0MCCqBE6YmuLVh28Pm0XvgLIstslz3_0fh_slatFdAEeJ0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
202 B 463ms
148ms Script
application/javascript 67.202.105.31
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=w!a9etg89wet&dn=TC&cc=1&r=&us_privacy=1---
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/tc.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.31 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip31.67-202-105.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Tue, 28 Sep 2021 14:41:35 GMT

GET
H2 200 ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/ 7 KB
7 KB 29ms
28ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
last-modified: Thu, 24 Jun 2021 14:35:21 GMT
server: AkamaiNetStorage
etag: "f370d19306add072a726e7f4ade8dc57:1624546051.286567"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7090
expires: Wed, 27 Oct 2021 14:41:35 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 29ms
29ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
last-modified: Thu, 24 Jun 2021 14:35:21 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1624546014.914244"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Wed, 27 Oct 2021 14:41:35 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 516ms
127ms Fetch
text/plain 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=73fdf2a2fc296dc8a467efc71e41184a_34839_1632753695131&tm=1264&eT=0&widgetWidth=537&widgetHeight=507&widgetX=452&widgetY=1533&wRV=2000448&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&cheq=2&rtt=452&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 27 Sep 2021 14:41:35 GMT
content-encoding: gzip
X-TraceId: cdefb272c19194ca09ce696d9492a7e7
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 obUserSync.html Show response
widgets.outbrain.com/widgetOBUserSync/ Frame 03FE 18 KB
6 KB 37ms
37ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b840bc2d7c32af2aee17606765eaef19e15d054479d251e481e51eafb1a37f81

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /widgetOBUserSync/obUserSync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.hawtcelebs.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "4c0d9fcd1b4fc8a80d2ea64c7a7c71d1:1632318857.747213"
last-modified: Wed, 22 Sep 2021 13:54:08 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=86400
expires: Tue, 28 Sep 2021 14:41:35 GMT
date: Mon, 27 Sep 2021 14:41:35 GMT
content-length: 6129
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1632753695~rv=11~id=15d946213af2e2ba84612a33ead66374; path=/; Expires=Mon, 27 Sep 2021 14:41:35 GMT; Secure; SameSite=None

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000448/module/ 56 KB
19 KB 41ms
40ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000448/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 29deb230247997384fd3a613a696c3fe84bfea1e4297ad88361e61df9986efab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:13:36 GMT
server: AkamaiNetStorage
etag: "380e54492e0ffb13587d07340a1f202d:1632382598.680993"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 18496

GET
H2 200 get Show response
odb.outbrain.com/utils/ 7 KB
3 KB 151ms
150ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=%20&idx=1&rand=97170&key=NANOWDGT01&widgetJSId=TF_1&va=true&et=true&format=html&pdobuid=-1&t=NzNmZGYyYTJmYzI5NmRjOGE0NjdlZmM3MWU0MTE4NGE=&adblck=false&abwl=false&clss=G0FrUMnwxMt%2BJ2IfT5BsD8KYkdtX%2B%2BgOTC00GKYRMulpnVmslpbhT28dLIZwNZyKlGC8ZqTeTCrfy1pT&px=451&py=10369&vpd=9169&cw=537&settings=true&recs=true&version=2000448&sig=BM9GTtBL&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=1&ccpa=1---&ccpaStat=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0a3b2e5bc2bb9d674168262d72eafe092af82b0aaf9e6e408c72f33b9f3b0d4b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1632753695.254501,VS0,VE122
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
backend-ip: 157.52.117.30
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0, 0
x-traceid: b142bad0465e18b2e180bae17b524f86
content-encoding: gzip
content-length: 2500
x-served-by: cache-lga21930-LGA, cache-hhn4042-HHN

GET
H2 200 eyJpdSI6ImRkZWUyNjI5N2QwMmRhODhlMWVlMGEwNmI4NjdiZjUxMmVjZmM5ZWQxMzUyMjlmMTAxZTFlNGMwNWFiMzQyMjMiLCJ3IjozNjAsImgiOjMwMCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 3 KB
3 KB 139ms
34ms Image
video/mp4 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImRkZWUyNjI5N2QwMmRhODhlMWVlMGEwNmI4NjdiZjUxMmVjZmM5ZWQxMzUyMjlmMTAxZTFlNGMwNWFiMzQyMjMiLCJ3IjozNjAsImgiOjMwMCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
cache-control: max-age=1898388
last-modified: Fri, 03 Sep 2021 16:32:59 GMT
x-traceid: 3b0947ce7dc6576dbd70f6406e06b34c
timing-allow-origin: *
content-length: 190053
content-type: video/mp4

GET
H2 206 eyJpdSI6ImRkZWUyNjI5N2QwMmRhODhlMWVlMGEwNmI4NjdiZjUxMmVjZmM5ZWQxMzUyMjlmMTAxZTFlNGMwNWFiMzQyMjMiLCJ3IjozNjAsImgiOjMwMCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 0
0 227ms
123ms Media
video/mp4 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImRkZWUyNjI5N2QwMmRhODhlMWVlMGEwNmI4NjdiZjUxMmVjZmM5ZWQxMzUyMjlmMTAxZTFlNGMwNWFiMzQyMjMiLCJ3IjozNjAsImgiOjMwMCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://www.hawtcelebs.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
last-modified: Fri, 03 Sep 2021 16:32:59 GMT
content-type: video/mp4
Content-Range: bytes 0-190052/190053
cache-control: max-age=1898388
x-traceid: 3b0947ce7dc6576dbd70f6406e06b34c
timing-allow-origin: *
Content-Length: 190053

GET
H2 206 eyJpdSI6ImRkZWUyNjI5N2QwMmRhODhlMWVlMGEwNmI4NjdiZjUxMmVjZmM5ZWQxMzUyMjlmMTAxZTFlNGMwNWFiMzQyMjMiLCJ3IjozNjAsImgiOjMwMCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 186 KB
186 KB 234ms
130ms Media
video/mp4 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImRkZWUyNjI5N2QwMmRhODhlMWVlMGEwNmI4NjdiZjUxMmVjZmM5ZWQxMzUyMjlmMTAxZTFlNGMwNWFiMzQyMjMiLCJ3IjozNjAsImgiOjMwMCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bb67ac3e8bd32b276192fb09c1d7726103a5f85cb5680d47e2694040081dab4b

Request headers

Referer: https://www.hawtcelebs.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
last-modified: Fri, 03 Sep 2021 16:32:59 GMT
content-type: video/mp4
Content-Range: bytes 0-190052/190053
cache-control: max-age=1898388
x-traceid: 3b0947ce7dc6576dbd70f6406e06b34c
timing-allow-origin: *
Content-Length: 190053

GET
H2 200 eyJpdSI6IjUxOThjMzAyZWI3NGYwYzU5YWY4YWI5MzY3NDE2ODNjMDI5YjJlZTM4OTcxNjMxYjNkNjYzOWUzNDdhYTlkMzUiLCJ3IjozNjAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 50 KB
51 KB 238ms
137ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjUxOThjMzAyZWI3NGYwYzU5YWY4YWI5MzY3NDE2ODNjMDI5YjJlZTM4OTcxNjMxYjNkNjYzOWUzNDdhYTlkMzUiLCJ3IjozNjAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d21c40f02ef72b74fefeffd2b3664bbfadd4722974a4f092f613433a7e39e284

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
cache-control: max-age=836581
last-modified: Mon, 06 Sep 2021 11:18:56 GMT
x-traceid: 3d342888b7d6ee2066a9a2e6ffccf3c7
timing-allow-origin: *
content-length: 51536
content-type: image/webp

GET
H2 200 eyJpdSI6IjQ5YjRiOGI0M2NkOTc2OWUxMDkxYmM5NDQzNzA4YjczZWJhZmUwM2FmYzQzZjQyMzY1MmU1NDE2NWEwODM0ZTgiLCJ3IjozNjAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 24 KB
24 KB 237ms
137ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjQ5YjRiOGI0M2NkOTc2OWUxMDkxYmM5NDQzNzA4YjczZWJhZmUwM2FmYzQzZjQyMzY1MmU1NDE2NWEwODM0ZTgiLCJ3IjozNjAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2e11eed405541c63b4127663e494782f1fb37938d37cbee78c595920ae666cf1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
cache-control: max-age=2053374
last-modified: Wed, 14 Jul 2021 16:07:43 GMT
x-traceid: 6757cf47136bf33442dae1babc737f8a
timing-allow-origin: *
content-length: 24706
content-type: image/webp

GET
H2 200 eyJpdSI6ImExMzMzNTcwOTg0Zjc0NGVhMjdiOGE4MmI0MGMxNWIzMjU0OGYzYzM3MTc1Mjk1MTQzZjhiMWI3YWM2ZDQzZmYiLCJ3IjozNjAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 21 KB
22 KB 237ms
137ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImExMzMzNTcwOTg0Zjc0NGVhMjdiOGE4MmI0MGMxNWIzMjU0OGYzYzM3MTc1Mjk1MTQzZjhiMWI3YWM2ZDQzZmYiLCJ3IjozNjAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 696a55b65b8a40bcfb32fed05dc7aee46aa3b8b70e8109edf26bb5bf3575450b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
cache-control: max-age=1502487
last-modified: Mon, 19 Jul 2021 13:13:44 GMT
x-traceid: 9dec44112561c68e9b8cbc6845a0b07e
timing-allow-origin: *
content-length: 21814
content-type: image/webp

GET
H2 200 eyJpdSI6IjA4ZTdiZTNiMGFmZDM0ZDgyMmNkNDQzNjRjOGJiYmYyM2E3NzVjOWQxNGZkNjViYjc1NjBhZjk1NWFjMzdhMjAiLCJ3IjozNjAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 32 KB
32 KB 135ms
135ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjA4ZTdiZTNiMGFmZDM0ZDgyMmNkNDQzNjRjOGJiYmYyM2E3NzVjOWQxNGZkNjViYjc1NjBhZjk1NWFjMzdhMjAiLCJ3IjozNjAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 336f2b56b8e1ae7bba1c09a47c9b9da66df8b4aef33c747f2013999413be875c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
cache-control: max-age=900768
last-modified: Mon, 06 Sep 2021 08:39:10 GMT
x-traceid: b4a048c9c7979a7ca37642ed94b395d0
timing-allow-origin: *
content-length: 32952
content-type: image/webp

GET
H2 200 eyJpdSI6IjhhMzEwNzdhZjYzNmY4NTZlOWIzYjVlZDBiZDJjYzJlYzBlMWM3YzJjMDFmMGQxOTVlNmY0ZDkwYjNkNWM4MWEiLCJ3IjozNjAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 63 KB
63 KB 135ms
135ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjhhMzEwNzdhZjYzNmY4NTZlOWIzYjVlZDBiZDJjYzJlYzBlMWM3YzJjMDFmMGQxOTVlNmY0ZDkwYjNkNWM4MWEiLCJ3IjozNjAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 897f1edcb65fbf5273c28473b788e2825f13e5daf8582231b71b0e340a37f638

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
cache-control: max-age=968860
last-modified: Thu, 04 Mar 2021 13:01:08 GMT
x-traceid: 27bcf2ec07c36f684052cd6c29ab6038
timing-allow-origin: *
content-length: 64048
content-type: image/webp

GET
H2 200 clip.js Show response
widgets.outbrain.com/nanoWidget/2000448/module/ 1 KB
1 KB 25ms
25ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000448/module/clip.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7b80ea1942718b266e2972df6f71bac32c46737bc8663effd79921072b32fe85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:13:36 GMT
server: AkamaiNetStorage
etag: "3f24b0b082962f55a3d92599732c7e66:1632382578.006926"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 613

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 12 KB
2 KB 244ms
209ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=%20&settings=true&recs=true&widgetJSId=TF_6&key=NANOWDGT01&version=2000448&apv=true&sig=BM9GTtBL&format=html&rand=29655&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=1&ccpa=1---&ccpaStat=1&scrW=1600&scrH=1200&t=NzNmZGYyYTJmYzI5NmRjOGE0NjdlZmM3MWU0MTE4NGE=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=2&lastCardIdx=0&fAB=11523-77045&layeredTestInfo=11523-77045-&clss=G0FrUMnwxMt%2BJ2IfT5BsD8KYkdtX%2B%2BgOTC00GKYRMulpnVmslpbhT28dLIZwNZyKlGC8ZqTeTCrfy1pT&pcer=p%3D9h_R7mrRDsPemW6suEuaVsbZA-hZirvmka-Wg1mWFjo%26c%3D63cdf728%26v%3D3&dpr=1&cw=537
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000448/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9fdf19f5563f7ef15451864d365576d75e82c06566369f4a2fd149448e604711

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1632753695.343153,VS0,VE160
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
backend-ip: 157.52.117.23
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0, 0
x-traceid: b9e04dcf1260822863a2532b737c5c3d
content-encoding: gzip
content-length: 1963
x-served-by: cache-lga21923-LGA, cache-hhn4042-HHN

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 136ms
136ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!a9etg89wet&lm=0&ts=1632753694866&dn=TC&iso=0&t=HawtCelebs%20%E2%80%93%20Latest%20Celebrities%20Pictures
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 142ms
131ms Fetch
application/json 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=1eae3ea34df620717309fc60833df6d2&pvId=73fdf2a2fc296dc8a467efc71e41184a&sid=6155583&pid=34839&idx=1&wId=1155&pad=0&org=0&tm=1429&eT=0&cnsnt=no_consent&widgetWidth=537&widgetHeight=0&widgetX=452&widgetY=10407&wRV=2000448&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&rtt=101&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:35 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: fc971f28a60b7c08c035a3f62b310d04
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
odb.outbrain.com/utils/ 9 KB
3 KB 152ms
152ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=undefined&idx=2&rand=85514&key=NANOWDGT01&widgetJSId=SB_1&va=true&et=true&format=html&pdobuid=-1&t=NzNmZGYyYTJmYzI5NmRjOGE0NjdlZmM3MWU0MTE4NGE=&adblck=false&abwl=false&clss=G0FrUMnwxMt%2BJ2IfT5BsD8KYkdtX%2B%2BgOTC00GKYRMulpnVmslpbhT28dLIZwNZyKlGC8ZqTeTCrfy1pT&px=271&py=1146&vpd=0&cw=160&settings=true&recs=true&version=2000448&sig=BM9GTtBL&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=1&ccpa=1---&ccpaStat=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 811e2475ac8be5f8d9d8745143e433b0a5a50495c481edc310b2ff5dd9ce1676

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1632753695.410274,VS0,VE97
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
backend-ip: 157.52.117.25
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0, 0
x-traceid: 4e4beb357e77c40f386003c1775d25dd
content-encoding: gzip
content-length: 2610
x-served-by: cache-lga21925-LGA, cache-hhn4042-HHN

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 161ms
161ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!a9etg89wet&lm=0&ts=1632753694866&dn=TC&iso=0&t=HawtCelebs%20%E2%80%93%20Latest%20Celebrities%20Pictures
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 116ms
115ms Fetch
application/json 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=4005fc25c1df462fe89b51d4ddf1415a&pvId=73fdf2a2fc296dc8a467efc71e41184a&sid=6155583&pid=34839&idx=4&wId=1096&pad=0&org=0&tm=1577&eT=0&cnsnt=no_consent&widgetWidth=537&widgetHeight=0&widgetX=452&widgetY=2055&wRV=2000448&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&rtt=145&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:35 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 22e967949ab84390d6679fe15181ad18
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 115ms
115ms Fetch
application/json 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=858ce7bb3e7c56e649d9d034e83abafc&pvId=73fdf2a2fc296dc8a467efc71e41184a&sid=6155583&pid=34839&idx=5&wId=1096&pad=0&org=0&tm=1578&eT=0&cnsnt=no_consent&widgetWidth=537&widgetHeight=0&widgetX=452&widgetY=2055&wRV=2000448&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&rtt=145&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:35 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 40a16da9bb02be1328659bc14d14600f
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 225ms
110ms Fetch
application/json 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=5feedbeeab658079da6f5aa801a7f670&pvId=73fdf2a2fc296dc8a467efc71e41184a&sid=6155583&pid=34839&idx=6&wId=1096&pad=0&org=0&tm=1579&eT=0&cnsnt=no_consent&widgetWidth=537&widgetHeight=0&widgetX=452&widgetY=2055&wRV=2000448&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&rtt=145&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:35 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 4e312af9789c8753ab92e226340cca92
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 11 KB
2 KB 196ms
195ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=%20&settings=true&recs=true&widgetJSId=TF_1&key=NANOWDGT01&version=2000448&apv=true&sig=BM9GTtBL&format=html&rand=79238&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=1&ccpa=1---&ccpaStat=1&scrW=1600&scrH=1200&t=NzNmZGYyYTJmYzI5NmRjOGE0NjdlZmM3MWU0MTE4NGE=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=1&lastIdx=6&lastCardIdx=0&fAB=11523-77045&layeredTestInfo=11523-77045-&clss=G0FrUMnwxMt%2BJ2IfT5BsD8KYkdtX%2B%2BgOTC00GKYRMulpnVmslpbhT28dLIZwNZyKlGC8ZqTeTCrfy1pT&dpr=1&cw=537
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000448/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 50064f4d6cf4f7b27b8074fe2c207fdf9b4c5304bf655b901df4b73c29a7ab81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1632753696.558958,VS0,VE162
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
backend-ip: 167.82.174.26
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0, 0
x-traceid: a09bab40cefcdcbd274e168f4846513c
content-encoding: gzip
content-length: 1904
x-served-by: cache-lga13626-LGA, cache-hhn4042-HHN

GET
H2 200 ob_logo_16x16.svg
widgets.outbrain.com/images/widgetIcons/ 13 KB
14 KB 50ms
49ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_16x16.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
last-modified: Thu, 24 Jun 2021 14:35:21 GMT
server: AkamaiNetStorage
etag: "af7be0711fb1cf2f41bb793256c8f148:1624546043.568533"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 13687
expires: Wed, 27 Oct 2021 14:41:35 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 50ms
50ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
last-modified: Thu, 24 Jun 2021 14:35:21 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1624546014.914244"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Wed, 27 Oct 2021 14:41:35 GMT

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
324 B 205ms
111ms Fetch
application/json 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=ad0a3727ab21a8cc97b27837fdab33df&pvId=73fdf2a2fc296dc8a467efc71e41184a&sid=6155583&pid=34839&idx=2&wId=102&pad=0&org=0&tm=1597&eT=0&cnsnt=no_consent&widgetWidth=160&widgetHeight=25&widgetX=272&widgetY=1131&wRV=2000448&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&rtt=16&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:35 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 5d2da89c9eb7abed1972f442641a5eb
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 287ms
113ms Fetch
application/json 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=ad0a3727ab21a8cc97b27837fdab33df&pvId=73fdf2a2fc296dc8a467efc71e41184a&sid=6155583&pid=34839&idx=2&wId=102&pad=0&org=0&tm=1606&eT=3&cnsnt=no_consent&wRV=2000448&pVis=0&lsd=-1&eIdx=0&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:35 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: c26c08efe8a0a79c63e0ab377a7a2461
Content-Length: 4
Expires: 0

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 139ms
139ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!a9etg89wet&lm=0&ts=1632753694866&dn=TC&iso=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 130ms
103ms Fetch
application/json 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=76c17719405da0b908367be58f01a322&pvId=73fdf2a2fc296dc8a467efc71e41184a&sid=6155583&pid=34839&idx=8&wId=1096&pad=0&org=0&tm=1779&eT=0&cnsnt=no_consent&widgetWidth=537&widgetHeight=0&widgetX=452&widgetY=10355&wRV=2000448&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&rtt=198&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:35 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 9e8ac62eee745a7e73d1ed39b4d3d7bd
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
324 B 131ms
105ms Fetch
application/json 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=55234da183f6c237a0e190fd7c87d5b8&pvId=73fdf2a2fc296dc8a467efc71e41184a&sid=6155583&pid=34839&idx=9&wId=1096&pad=0&org=0&tm=1780&eT=0&cnsnt=no_consent&widgetWidth=537&widgetHeight=0&widgetX=452&widgetY=10355&wRV=2000448&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&rtt=198&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:35 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 54f821dea8d4783cfcdbb86289efebf
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 218ms
105ms Fetch
application/json 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=efb6b4144df52ffa54f56408810448f1&pvId=73fdf2a2fc296dc8a467efc71e41184a&sid=6155583&pid=34839&idx=10&wId=1096&pad=0&org=0&tm=1781&eT=0&cnsnt=no_consent&widgetWidth=537&widgetHeight=0&widgetX=452&widgetY=10355&wRV=2000448&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&rtt=198&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:35 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 3791aa467ef955e939095ce9d84024c4
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 3 KB
2 KB 155ms
155ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=undefined&settings=true&recs=true&widgetJSId=SB_1&key=NANOWDGT01&version=2000448&apv=true&sig=BM9GTtBL&format=html&rand=50018&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=1&ccpa=1---&ccpaStat=1&scrW=1600&scrH=1200&t=NzNmZGYyYTJmYzI5NmRjOGE0NjdlZmM3MWU0MTE4NGE=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=2&lastIdx=10&lastCardIdx=0&fAB=11523-77045&layeredTestInfo=11523-77045-&clss=G0FrUMnwxMt%2BJ2IfT5BsD8KYkdtX%2B%2BgOTC00GKYRMulpnVmslpbhT28dLIZwNZyKlGC8ZqTeTCrfy1pT&dpr=1&cw=160
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000448/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 45f430d67ba90a304fd278fae7f78d77afe21adec2deda9cc2bb835049a3add7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1632753696.760769,VS0,VE133
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
backend-ip: 157.52.117.71
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0, 0
x-traceid: 58a7758b17880eb31cc75c710a9991ff
content-encoding: gzip
content-length: 1597
x-served-by: cache-lga21971-LGA, cache-hhn4042-HHN

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 125ms
124ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!a9etg89wet&lm=0&ts=1632753694866&dn=TC&iso=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 129ms
128ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!a9etg89wet&lm=0&ts=1632753694866&dn=TC&iso=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:35 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 108ms
108ms Fetch
application/json 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=14af79a9aa13598c2325a89f52ee3e56&pvId=73fdf2a2fc296dc8a467efc71e41184a&sid=6155583&pid=34839&idx=12&wId=1987&pad=0&org=0&tm=1940&eT=0&cnsnt=no_consent&widgetWidth=160&widgetHeight=0&widgetX=272&widgetY=1156&wRV=2000448&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&rtt=157&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:35 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 7173bcbcadca72b174f214fb817d1703
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 107ms
107ms Fetch
application/json 70.42.32.95
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=14af79a9aa13598c2325a89f52ee3e56&pvId=73fdf2a2fc296dc8a467efc71e41184a&sid=6155583&pid=34839&idx=12&wId=1987&pad=0&org=0&tm=1954&eT=3&cnsnt=no_consent&wRV=2000448&pVis=0&lsd=-1&eIdx=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:35 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 3d9cc016355e0bf91daee50ff89a6b76
Content-Length: 4
Expires: 0

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 139ms
139ms Image
text/plain 67.202.105.32
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=w!a9etg89wet&lm=0&ts=1632753694866&dn=TC&iso=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip32.67-202-105.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:36 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1 200
OK data
b26.s79.research.de.com/ Frame DBB0 43 B
308 B 27ms
27ms Image
image/gif 136.243.3.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b26.s79.research.de.com/data?/zsFmFZ8AAl2yFuvFfhFwpFTkzFARksFAQtjFQrRNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.3.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h224.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:37 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 27-Sep-21 14:41:36 GMT

GET
H/1.1 200
OK data
b24.s79.research.de.com/ Frame 4847 43 B
308 B 29ms
28ms Image
image/gif 148.251.247.207
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b24.s79.research.de.com/data?/aFsMFw7AAl2yFuvFfhFwpFTkzFARksFAQtjFurRNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.247.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h366.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:37 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 27-Sep-21 14:41:36 GMT

GET
H/1.1 200
OK data
b199.s79.research.de.com/ Frame 0172 43 B
308 B 33ms
32ms Image
image/gif 136.243.6.97
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b199.s79.research.de.com/data?/9DpQFT7AAl2yFuvFfhFwpFTkzFARksFAQtjFrmRNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.6.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h243.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:37 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 27-Sep-21 14:41:36 GMT

GET
H/1.1 200
OK data
b26.s79.research.de.com/ Frame DBB0 43 B
308 B 11ms
11ms Image
image/gif 136.243.3.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b26.s79.research.de.com/data?/zsFmGSOBATkzFARksFAQtjF8xJNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.3.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h224.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:38 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 27-Sep-21 14:41:37 GMT

GET
H/1.1 200
OK data
b24.s79.research.de.com/ Frame 4847 43 B
308 B 11ms
11ms Image
image/gif 148.251.247.207
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b24.s79.research.de.com/data?/aFsMGPOBATkzFARksFAQtjFCvJNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.247.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h366.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:38 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 27-Sep-21 14:41:37 GMT

GET
H/1.1 200
OK data
b199.s79.research.de.com/ Frame 0172 43 B
308 B 12ms
12ms Image
image/gif 136.243.6.97
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b199.s79.research.de.com/data?/9DpQGJOBATkzFARksFAQtjFKtJNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.6.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h243.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:38 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 27-Sep-21 14:41:37 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame ED97 43 B
215 B 91ms
91ms Image
image/gif 3.212.141.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=783646&asId=70d1aa1f-585c-b93b-929f-b574a3fe684a&tv=%7Bc:pqtlct,pingTime:5,time:6447,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:15%7D,%7Bpiv:100,vs:i,r:,t:1446%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5001,o:1446,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1441~0,0~100%5D,as:%5B1441~160.600%5D%7D%7D,%7Bsl:i,t:1446,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:210,fm:sKdS65k+11%7C12%7C13*.783646-56311260%7C131%7C1321%7C14,idMap:13*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.141.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-141-148.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:38 GMT
x-server-name: dt34.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame ED97 43 B
215 B 92ms
91ms Image
image/gif 3.212.141.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=783646&asId=70d1aa1f-585c-b93b-929f-b574a3fe684a&tv=%7Bc:pqtlct,pingTime:5,time:6447,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:160,h:600,t:15%7D,%7Bpiv:100,vs:i,r:,t:1446%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5001,o:1446,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1441~0,0~100%5D,as:%5B1441~160.600%5D%7D%7D,%7Bsl:i,t:1446,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:210,fm:sKdS65k+11%7C12%7C13*.783646-56311260%7C131%7C1321%7C14,idMap:13*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.212.141.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-212-141-148.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:38 GMT
x-server-name: dt27.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK data
b26.s79.research.de.com/ Frame DBB0 43 B
308 B 13ms
12ms Image
image/gif 136.243.3.132
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b26.s79.research.de.com/data?/zsFmHJxBATkzFARksFAQtjFL2JNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.3.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h224.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:40 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 27-Sep-21 14:41:39 GMT

GET
H/1.1 200
OK data
b24.s79.research.de.com/ Frame 4847 43 B
308 B 13ms
13ms Image
image/gif 148.251.247.207
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b24.s79.research.de.com/data?/aFsMHgwBATkzFARksFAQtjFp2JNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.247.207 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h366.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:40 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 27-Sep-21 14:41:39 GMT

GET
H/1.1 200
OK data
b199.s79.research.de.com/ Frame 0172 43 B
308 B 14ms
13ms Image
image/gif 136.243.6.97
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b199.s79.research.de.com/data?/9DpQHCwBATkzFARksFAQtjFfxJNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.6.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h243.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 27 Sep 2021 14:41:40 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Mon, 27-Sep-21 14:41:39 GMT

GET
H2 200 / Show response
tag.vlitag.com/pbk/ 390 B
635 B 19ms
18ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/pbk/?t=1632727982&d=78&z=387&divID=vi_78387_986&w=300&h=250

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1632727982/036e05035cbef88431e89138f2969605.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9377f626aea1542cfd2e097180c64017208cba6d3dc9bfdf6ecdb879fdde168e

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:42 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23601
cf-polished: origSize=392
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Sep 2021 08:08:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aOJBVPM6y9eqXEJaP4zz16bvoGJtCqYt0twGFXTkLdOT3bpYLf3dyDiiKL9%2BtgJckMUH0lK3tENePvfIaP9sUODS84lXccfPU3iSEw6GJF0N8b9XaTvH5QybiWhXupz0KV75g7NT7lJU9N7Y"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-ray: 69557e91ef386934-FRA
cf-bgj: minify

GET
H2 200 /
px.vliplatform.com/bi/ 0
271 B 176ms
128ms Image
image/jpeg 2606:4700:21::681b:cf5c

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://px.vliplatform.com/bi/?e=zdNZtBYYTUt-yyyB-PMYT-arKa-wAATeBtqqZZARrNKMRmNBMKRrtNrtl0zghRlmNBAAbYZARdzNwqfftkRkjmNBAAbYZA,YZAbYZA,YAAbYAA,TMAbTZARwlNqhhftbxl,jxqfzxdrtb,ekoztg,liqktzikgxui,gftdgwost,gyzdtroq,kzwigxlt,thsqffofu,qdb,zkohstsoyzRwkN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:21::681b:cf5c -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2FJ3q3ZdnkcgJzrufy8IZUiAgcWapJrxCLcxk3n2ZanCss5vZ3wKdtzzNk8PgTn1b3aqVxxTbeO%2BEG%2BIO6cQZsk9N%2BoLBJP%2FECy4wczo1jBt2GQkyDuMI3c8M3G2uPSbcJRNL88cFE80k3QtN4%2FZNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
cf-ray: 69557e923b8a695b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 /
px.vliplatform.com/bi/ 0
269 B 182ms
135ms Image
image/jpeg 2606:4700:21::681b:cf5c

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://px.vliplatform.com/bi/?e=zdNPUUBYYAP-rATa-PMew-wery-yUwZUeBBKyUKRrNKMRmNBMKRrtNrtl0zghRlmNBAAbTUMRdzNcortgRkjmNBAAbTUMRwlNqhhftbxl,jxqfzxdrtb,gyzdtroq,qdb,ekoztgRwkN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:21::681b:cf5c -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4NlxoX1uSuL7nCLFsTX3M0mLI3j4%2BZijfhyHO7DDzyr8i2J85CrF8VJBgcKaeW4epggWqBTLDUHxbUGjPySmkLK9b2DdPOIfNSrksV7zLwUH%2FuIvG6WvbsFoGoWMqtDiJAedxIJ9ZC3pZxaUrXgB%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
cf-ray: 69557e923b8e695b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 /
stats.vlitag.com/pi/ 0
314 B 118ms
101ms Image
image/jpeg 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.vlitag.com/pi/?e=zdNtyMKATKt-ZYrK-PwUt-weZP-erByArMyUMyZRzNhqllwqe0RrNKMRmNBMKRrtNRcsokty_orN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLksN0hc4bJH%2F1WQU%2FvhURTHj7ooHegMU6WZ9bmY87BeC36P9lEd9%2BL0usl%2FintV87fAWGaM2B17Rmlk7Y1zEN%2BviInV46xZuJ6qGiwtB3LRu8En%2BueL3z%2F7CHFyumN2SZY56%2Frj%2FZ1rCAjg8gQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
cf-ray: 69557e920f806934-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 01B2 97 KB
38 KB 317ms
16ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128776493-31

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1632727982/036e05035cbef88431e89138f2969605.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2e6efd624d873783da2a3a12b889585735b80a3dfc7da945f56a2829fb034206

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39226
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 27 Sep 2021 14:41:43 GMT

GET
H2 200 /
px.vliplatform.com/bi/ 0
594 B 162ms
128ms Image
image/jpeg 2606:4700:21::681b:cf5c

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://px.vliplatform.com/bi/?e=zdNAwKywMqa-BUAY-PZKY-MtZT-eYKeKTywABUaRrNKMRmNKYUZYRrtNrtl0zghRlmNKYMbaARdzNwqfftkRkjmNKYMbaARwlNqhhftbxl,jxqfzxdrtb,ekoztg,liqktzikgxui,gftdgwost,gyzdtroq,kzwigxlt,thsqffofu,qdb,zkohstsoyzRwkN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:21::681b:cf5c -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XLieIs2IYkY0M%2B1w9QxgYH86FIAN296FactKsxuG5G0sHiPI4fyC6PU5ycorMo34sETcB2oJvMOtg3JxdwquGLbQ6Gyvewbzca99pbnUK0OE28QnP6uS3IbC463uiP%2FvjsnuuIadxwbY7YApQ2bdHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
cf-ray: 69557e923b93695b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 /
px.vliplatform.com/bi/ 0
267 B 167ms
134ms Image
image/jpeg 2606:4700:21::681b:cf5c

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://px.vliplatform.com/bi/?e=zdNwarTaTTr-AAPM-Prqe-Metq-YrwBaKqaMytMRrNKMRmNKYUZTRrtNrtl0zghRlmNaKAbaARdzNwqfftkRkjmNaKAbaARwlNqhhftbxl,jxqfzxdrtb,gyzdtroq,thsqffofu,qdb,kzwigxlt,zkohstsoyzRwkN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:21::681b:cf5c -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmn4BjgpX6AxsapczLATTZDHTDKRQfurB2lkerfqswZMfppq2g9KiHJAaoWktpB56zzqJWAy6mvf6VxB%2FDJGXPZ0lQkL0JIGhzQoVSEk5jtF9hUaWPS7ymvR8CNbZmP3%2FpYlJY6nEphST7vYYkFMsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
cf-ray: 69557e923b95695b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 /
px.vliplatform.com/bi/ 0
274 B 166ms
133ms Image
image/jpeg 2606:4700:21::681b:cf5c

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://px.vliplatform.com/bi/?e=zdNwPTeqtKe-qrBZ-PyAe-qZUY-ZrtyTPrPZtZARrNKMRmNKYUZTRrtNrtl0zghRlmNKYMbaARdzNwqfftkRkjmNKYMbaARwlNqhhftbxl,jxqfzxdrtb,ekoztg,liqktzikgxui,gftdgwost,gyzdtroq,thsqffofu,qdb,kzwigxlt,zkohstsoyzRwkN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:21::681b:cf5c -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmqUIPv%2BHLO58st2wwxZPxw5GtV%2BPSIfdN%2Fazcj8fUCY%2B8q9ilE3xpwn9L87mrkFtYXak%2FiblrciyMRzrOlks1yHPm%2BES6Pjnw05JVcKBpVNBDHwEzN6CpLYj2%2BTJyRmqESRMAzds1wbbBnvzDg3wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
cf-ray: 69557e923b96695b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 vi-logo.svg
assets.vlitag.com/media/icon/ 11 KB
3 KB 17ms
16ms Image
image/svg+xml 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/media/icon/vi-logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1831427
cf-ray: 69557e920f8d6934-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 01 Nov 2019 05:04:49 GMT
server: cloudflare
etag: W/"5dbbbcf1-2c34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lnWPCxJ6xw%2FnQaSflPC8aYVpfeVoQlYOusFqf9HwS1xb0bJ8espnepwd4PXAlBiB%2Ffl1KhoXF02NVxhOsbjv9nODX9wYM5yYn2l3c6%2BqFH6owKodTyY0k2ifObk3ZepSXkCpZwIivt77BxCO8vhQ"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=16070400
x-robots-tag: noindex, nofollow

GET
H2 200 / Show response
tag.vlitag.com/pbk/ 0
544 B 252ms
247ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/pbk/?t=1632727982&d=78&z=390&divID=vi_78390_274&w=300&h=250

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1632727982/036e05035cbef88431e89138f2969605.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:42 GMT
cf-cache-status: MISS
last-modified: Mon, 27 Sep 2021 14:41:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSQ4YOZ%2Fq3IKl38O2%2BpB61jSTeQAAV9LkbtsGmsK8lzSn3OU5zrehlxZav63Dv4XodqmzNMxKHCHJWMmpDC7ZX72Om5lTsgsFGZ3w5ReSqqZ5iqn9xf63OQUaSCa8dWPov5szAez0lgRXFrz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 69557e9238116934-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 /
px.vliplatform.com/bi/ 0
271 B 136ms
133ms Image
image/jpeg 2606:4700:21::681b:cf5c

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://px.vliplatform.com/bi/?e=zdNUUZMryrA-UAqt-PBKT-wYTB-rwBtYBeaAKYARrNKMRmNBaARrtNrtl0zghRlmNBAAbYZARdzNwqfftkRkjmNBAAbYZARwlNqhhftbxl,jxqfzxdrtb,ekoztg,liqktzikgxui,gftdgwost,gyzdtroq,kzwigxlt,thsqffofu,qdb,zkohstsoyzRwkN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:21::681b:cf5c -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r17Yz6SsI%2FtFST8rapTKfjGqRhuuEQGvJaFyTUyLhU%2BaXbNG%2FQ0X5Jup7T7P7Oz7mLbDX1jgWye1c51nXFgrUho7hjP5kBVzwtA4SceZaxxcHLCUKy8TPNAwlxZDi%2B9OZz4H9kCx%2Fj6MfC1R81RiJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
cf-ray: 69557e923b99695b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 /
stats.vlitag.com/pi/ 0
260 B 100ms
97ms Image
image/jpeg 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.vlitag.com/pi/?e=zdNarZKtMaq-tqqT-PYyw-qZrT-YZPZtyTrPPUqRzNhqllwqe0RrNKMRmNBaARrtNRcsokty_orN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:42 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8vwbFRvurCEWDOuT8QHs6z7McXtykNg%2B8YMp5bgbS3tDakDPb8zDTw7BEWzFP7WiL0RMnHB8aAxQUbxp05%2F2qYG2zjwOigORREELdG3BoSMOwcLtlgPQgzo7uw9uS5XBtU0Q0d0jKin6YxtuBtY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate
cf-ray: 69557e9238166934-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1632727982/036e05035cbef88431e89138f2969605.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60e19c098c974311188db471cb03472950033c6bd1f3a92e8992f2b0be5e2381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49925
x-xss-protection: 0
server: cafe
etag: 1109047676077799126
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 27 Sep 2021 14:41:42 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/ 255 KB
95 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7860183164226139&plah=www.hawtcelebs.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55733cc8cd5158bdbee67dd1568b171c11a33898afd3905a5af9de989ab56235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96574
x-xss-protection: 0
server: cafe
etag: 12276355039703058126
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 27 Sep 2021 14:41:42 GMT

GET
H2 200 dc_oe=ChMI25zUvrGf8wIVyaFRCh2vigZMEAAYACC2iMlKQhMIo7GZvrGf8wIVs8i7CB1WHgT-;met=1;&timestamp=1632753703046;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame ED97 42 B
515 B 40ms
18ms Image
image/gif 142.250.185.98

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI25zUvrGf8wIVyaFRCh2vigZMEAAYACC2iMlKQhMIo7GZvrGf8wIVs8i7CB1WHgT-;met=1;&timestamp=1632753703046;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 01B2 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128776493-31

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 6583
date: Mon, 27 Sep 2021 12:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Mon, 27 Sep 2021 14:52:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame 01B2 1 B
68 B 14ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1743975256&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hawtcelebs.com%2F&ul=en-us&de=UTF-8&dt=noBid_hawtcelebs.com_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=hawtcelebs.com&cm=noBid&cc=Default&_u=QACAAUABAAAAAC~&jid=1085880055&gjid=999968057&cid=253180117.1632753691&tid=UA-128776493-31&_gid=11169151.1632753694&_r=1&gtm=2ou9m0&z=727494552

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hawtcelebs.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 14:41:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hawtcelebs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 01B2 35 B
132 B 7ms
6ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1743975256&t=pageview&_s=2&dl=https%3A%2F%2Fwww.hawtcelebs.com%2F&ul=en-us&de=UTF-8&dt=noBid_hawtcelebs.com_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=hawtcelebs.com&cm=noBid&cc=Default&_u=QACAAUABAAAAAC~&jid=&gjid=&cid=253180117.1632753691&tid=UA-128776493-31&_gid=11169151.1632753694&gtm=2ou9m0&z=1264477917

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 10:36:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 14720
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 01B2 35 B
91 B 7ms
7ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1743975256&t=pageview&_s=3&dl=https%3A%2F%2Fwww.hawtcelebs.com%2F&ul=en-us&de=UTF-8&dt=noBid_hawtcelebs.com_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=hawtcelebs.com&cm=noBid&cc=Default&_u=QACAAUABAAAAAC~&jid=&gjid=&cid=253180117.1632753691&tid=UA-128776493-31&_gid=11169151.1632753694&gtm=2ou9m0&z=180013449

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 10:36:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 14720
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 01B2 35 B
91 B 7ms
7ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1743975256&t=pageview&_s=4&dl=https%3A%2F%2Fwww.hawtcelebs.com%2F&ul=en-us&de=UTF-8&dt=noBid_hawtcelebs.com_0.00_Default&sd=24-bit&sr=1600x1200&vp=&je=0&cn=0.00&cs=hawtcelebs.com&cm=noBid&cc=Default&_u=QACAAUABAAAAAC~&jid=&gjid=&cid=253180117.1632753691&tid=UA-128776493-31&_gid=11169151.1632753694&gtm=2ou9m0&z=1894649476

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 10:36:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 14720
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
tag.vlitag.com/pbk/ 0
297 B 14ms
14ms Script
application/javascript 2606:4700:20::681a:fee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/pbk/?t=1632727982&d=78&z=390&divID=vi_78390_274&w=300&h=250

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1632727982/036e05035cbef88431e89138f2969605.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:fee , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.hawtcelebs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 14:41:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
last-modified: Mon, 27 Sep 2021 14:41:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lRCGuOdb%2F4%2BDM7UiFCQK6QtY%2FnW3onmxgqsdwgz2ITAQdTHlpSaPJ970aeP0IHbQCV58J6%2BuHrQ%2BgaswXQZL9oe3iUD4ml5degmW2yy8rK5EI3Fd%2FgLagDjyZgl3W%2Br6o1nkiIe4OfwyOjWq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 69557e946d816934-FRA
cf-bgj: minify

GET dc_oe=ChMInfPjvrGf8wIVjP27CB3g3AlqEAAYACD-lPNKQhMI9prIvrGf8wIV9Yj9Bx2NJgqL;met=1;&timestamp=1632753703531;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 909F 0
0

GET dc_oe=ChMI-IfjvrGf8wIVslDlCh1nXwkSEAAYACCH2tdKQhMIl9rIvrGf8wIVIuW7CB0QZwGo;met=1;&timestamp=1632753703533;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 9A3F 0
0

GET dc_oe=ChMI3djkvrGf8wIV3eO7CB0wHgKiEAAYACCux9ZKQhMIo8fJvrGf8wIVC-u7CB1r2gor;met=1;&timestamp=1632753703536;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 85F8 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: udmserve.net
URL: https://udmserve.net/udm/img.fetch?tid=1&dt=10&sid=%2347740&sizes=300x600&version=3.5V

Domain: udmserve.net
URL: https://udmserve.net/udm/img.fetch?tid=1&dt=10&sid=%2347740&sizes=300x600&version=3.5V

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=&google_hm=MTYzNDMyMzEwMzE5MTg3OTk5NQ%3D%3D

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMInfPjvrGf8wIVjP27CB3g3AlqEAAYACD-lPNKQhMI9prIvrGf8wIV9Yj9Bx2NJgqL;met=1;&timestamp=1632753703531;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI-IfjvrGf8wIVslDlCh1nXwkSEAAYACCH2tdKQhMIl9rIvrGf8wIVIuW7CB0QZwGo;met=1;&timestamp=1632753703533;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Domain: ade.googlesyndication.com
URL: https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3djkvrGf8wIV3eO7CB0wHgKiEAAYACCux9ZKQhMIo8fJvrGf8wIVC-u7CB1r2gor;met=1;&timestamp=1632753703536;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

104 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
live.demand.supply/	1970-01-20 15:03:45	Name: demandSupplyTi Value: 53f6a350-39ce-4048-aaf9-630c8f171eb7
.udmserve.net/	1970-01-20 06:18:09	Name: dt Value: 2D2658CE-AD29-3F41-833B-07E0D09CF052
.hawtcelebs.com/	1970-01-19 21:34:00	Name: _dlt Value: 1
.adnxs.com/	1970-01-19 23:42:09	Name: uuid2 Value: 44285964100823436
.pubmatic.com/	1970-01-19 21:34:00	Name: KTPCACOOKIE Value: YES
.quantserve.com/	1970-01-20 07:02:48	Name: mc Value: 6151d81a-edb3a-0de55-3922d
.hawtcelebs.com/	1970-01-20 06:57:02	Name: __qca Value: P0-231294886-1632753690962
.pubmatic.com/	1970-01-19 23:42:09	Name: KADUSERCOOKIE Value: 8FC4D2E2-7D9F-4DE4-BE26-6032B6F882E8
www.hawtcelebs.com/	1970-01-19 22:15:45	Name: udmsrc Value: %7B%7D
.doubleclick.net/	1970-01-20 06:54:09	Name: IDE Value: AHWqTUkPWCIDg9VzJTnZnWfuCKLqGvX7s6d5KZiGQqF1nfaRy9SKtKZbzy_iZnoOeyg
.pubmatic.com/	1970-01-19 23:42:09	Name: PUBMDCID Value: 3
.udmserve.net/	1970-01-20 06:18:09	Name: apnid Value: 44285964100823436
.technoratimedia.com/	1970-01-21 17:20:33	Name: tads_uid Value: GDPR
.admanmedia.com/	1970-01-20 06:18:09	Name: admtr Value: 7a6a91335eaacbe18ba04a730019238c096cf569
.hawtcelebs.com/	1970-01-20 06:54:09	Name: __gads Value: ID=2e3a6d588cf1e027:T=1632753690:S=ALNI_MZPm4iAaOSarLHPqjyclmPzVTtdjw
.udmserve.net/	1970-01-20 06:18:09	Name: pmid Value: 8FC4D2E2-7D9F-4DE4-BE26-6032B6F882E8
.udmserve.net/	1970-01-20 06:18:09	Name: acu Value: 7a6a91335eaacbe18ba04a730019238c096cf569
.casalemedia.com/	1970-01-20 06:18:09	Name: CMID Value: YVHYHMsF6hLiJXr1KpJ1sQAA
.casalemedia.com/	1970-01-19 23:42:09	Name: CMPS Value: 5224
.casalemedia.com/	1970-01-19 23:42:09	Name: CMPRO Value: 1103
.casalemedia.com/	1970-01-20 06:18:09	Name: CMRUM3 Value: 2d6151d81c2760
.udmserve.net/	1970-01-20 06:18:09	Name: admix Value: 61d6f69ca4ef4b349258f3a57e80eda6
.openx.net/	1970-01-20 06:18:09	Name: i Value: 87c8a70e-aa93-476e-bada-ee076d4f4645\|1632753692
.travelaudience.com/	1970-01-20 07:01:21	Name: _tracker Value: %7B%22UUID%22%3A%22F4BBCF73-3A24-4419-A4ED-1782D2C05731%22%7D
.de17a.com/	1970-01-20 06:10:57	Name: guid2 Value: 1.6490993743820224842
.media.net/	1970-01-20 06:18:09	Name: visitor-id Value: 2757552929860198000V10
.media.net/	1970-01-19 21:52:43	Name: data-g Value: CAESEDwWNsJsMOaoXKj2u2oK3pM~~3
.media.net/	1970-01-20 01:58:57	Name: gdpr_status Value: 1
.yahoo.com/	1970-01-20 06:18:31	Name: A3 Value: d=AQABBBzYUWECEBZBZ68u2TjNsfxmcxGGIY8FEgEBAQEpU2FbYQAAAAAA_eMAAA&S=AQAAAuVfRqi8Fc06oOfpbwRzyLg
.rutarget.ru/	1970-01-20 01:51:45	Name: userId Value: iq8zna5ZIAgT
.spotxchange.com/	1970-01-20 06:18:13	Name: audience Value: 02219d8f-1fa1-11ec-8e19-1ee5b9e10106
.advertising.com/	1970-01-20 06:19:36	Name: APID Value: UP022297f2-1fa1-11ec-a5a1-06f6161f24a4
.vtracy.de/	1970-01-19 23:42:13	Name: tr_id Value: vi-25096020-643e-404f-a0bc-b919da1fab1c
.vtracy.de/	1970-01-19 23:42:13	Name: tr_dt Value: 2021-09-27+16%3A41%3A32
.lijit.com/	1970-01-20 06:18:09	Name: ljt_reader Value: 99b702b97cd180b9613d832a
.sharethrough.com/	1970-01-20 06:18:09	Name: stx_user_id Value: 50e6e8bb-bd1a-44f4-b733-9edbee2b99c9
.1rx.io/	1970-01-20 06:18:09	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-cc76c41d-ce22-4396-a8d1-298410bfa19a-003%22%7D
cs.chocolateplatform.com/	1970-01-19 23:42:09	Name: choco_cookie Value: cp-89dc92752d30420c6226910c1a8be875
.targeting.unrulymedia.com/	1970-01-20 06:18:09	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-cc76c41d-ce22-4396-a8d1-298410bfa19a-003%22%7D
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP022297f2-1fa1-11ec-a5a1-06f6161f24a4
.adfarm1.adition.com/	1970-01-19 23:42:09	Name: UserID1 Value: 7012623713859270801
.ctnsnet.com/	1970-01-20 06:18:09	Name: cid Value: 38c6d1415e214fa9b1d7bffe5a56be6a
.vtracy.de/	1970-01-19 21:52:43	Name: tr_aasd_pm_dach Value: 2021-09-27+16%3A41%3A33
.vtracy.de/	1970-01-19 21:34:00	Name: tr_gsd_pm_dach Value: 2021-09-27+16%3A41%3A33
.adsrvr.org/	1970-01-20 06:18:09	Name: TDID Value: 91e5044f-5df7-4a65-b60c-01f76a9ed948
.3lift.com/	1970-01-19 23:42:09	Name: tluid Value: 16975163745238938111
.w55c.net/	1970-01-20 07:01:57	Name: wfivefivec Value: mDOhiT8T1MuROZ5
.bidswitch.net/	1970-01-20 06:18:09	Name: tuuid Value: 7aa71613-bf07-475b-830b-fb8bf3aa1327
.bidswitch.net/	1970-01-20 06:18:09	Name: c Value: 1632753693
.bidswitch.net/	1970-01-20 06:18:09	Name: tuuid_lu Value: 1632753693
.dyntrk.com/	1970-01-20 06:18:09	Name: dyn_u Value: 03030001_6151d81d3d851
.turn.com/	1970-01-20 01:51:45	Name: uid Value: 7706953746242638729
.quantserve.com/	1970-01-19 23:42:09	Name: d Value: EBABCQGsJIEA
ads.stickyadstv.com/	1970-01-19 22:15:45	Name: UID Value: 4f9675f5238f9f26abc26a9a693edefd
ads.stickyadstv.com/	1970-01-19 21:34:00	Name: uid-bp-159 Value: RETRY
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 7c20985e5b3fcb6ec8cf5928c742a1
.casalemedia.com/	1970-01-19 21:34:00	Name: CMST Value: YVHYHGFR2B0A
.smartadserver.com/	1970-01-20 07:02:48	Name: pid Value: 1634323103191879995
.adhigh.net/	1970-01-20 06:18:09	Name: gi_u Value: uteH8hrsUHZ.AikABlF8J7QyeA
.w55c.net/	1970-01-19 22:15:45	Name: matchgoogle Value: 5
.adform.net/	1970-01-19 22:15:45	Name: C Value: 1
.vtracy.de/	1970-01-19 21:52:43	Name: tr_ttdsd_pm_dach Value: 2021-09-27+16%3A41%3A33
.adform.net/	1970-01-19 22:58:57	Name: uid Value: 6282211392932163713
.rfihub.com/	1970-01-20 06:54:09	Name: smd Value: H4sIAAAAAAAAAOPiNTQzNjI3NTazNDYxMwcAD4nqaw8AAAA
.rfihub.com/	1970-01-20 06:54:09	Name: rud Value: H4sIAAAAAAAAAOMStjA2MDM1szS0NDIxMzA3tDA0MBPiM9RNMzOziC_2LCgKrDSU4jU0MzYyNzU2szQ2MTMDAO8dqWQ0AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMStjA2MDM1szS0NDIxMzA3tDA0MBPiM9RNMzOziC_2LCgKrDQEACisTR4lAAAA
.mathtag.com/	1970-01-20 06:58:28	Name: uuid Value: 4cf76151-d81d-4000-a512-e9d34669c5e6
.ads.avads.net/	1970-01-20 07:12:52	Name: av-mid Value: 3e59ee6f-75a7-428c-bf8f-8c6e2de2f41c
.ads.avads.net/	1970-01-19 21:52:43	Name: av-tp-gadx Value: 1
.m6r.eu/	1970-01-19 21:32:37	Name: test Value: true
.360yield.com/	1970-01-19 23:42:09	Name: tuuid Value: 4bb76910-dc3b-462b-92c7-9fed99afe07c
.360yield.com/	1970-01-19 23:42:09	Name: tuuid_lu Value: 1632753693
.rfihub.com/	1970-01-20 06:54:09	Name: eud Value: H4sIAAAAAAAAAONicjUO4jU0MzYyNzU2swQis1eMSHwTM3MAEcMOeyMAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAONicjUGAEAxo38EAAAA
.o2online.de/	1970-01-19 21:42:38	Name: webShopPV Value: ?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=25667676_4307561_314038599_146033397_-0&ref=25667676_4307561_314038599_146033397_-0
.analytics.yahoo.com/	1970-01-20 06:19:36	Name: IDSYNC Value: "18yl~20n2:1762~20n2:18wq~20n2"
.pubmatic.com/	1970-01-20 06:18:09	Name: KRTBCOOKIE_27 Value: 16735-uid:4cf76151-d81d-4000-a512-e9d34669c5e6&KRTB&16736-uid:4cf76151-d81d-4000-a512-e9d34669c5e6&KRTB&23019-uid:4cf76151-d81d-4000-a512-e9d34669c5e6&KRTB&23114-uid:4cf76151-d81d-4000-a512-e9d34669c5e6
.m6r.eu/	1970-01-19 23:42:09	Name: cct Value: 1632753693739
.m6r.eu/	1970-01-19 23:42:09	Name: id Value: b5cd7124e898e469897c0255bc04a84e
.volvelle.tech/	1970-01-20 06:18:09	Name: ouuid Value: 20ed1d6f-a0a1-4ef7-b6f9-d948c764f698
.volvelle.tech/	1970-01-20 06:18:09	Name: c Value: 1632753693
.volvelle.tech/	1970-01-20 06:18:09	Name: ouuid_lu Value: 1632753693
.pubmatic.com/	1970-01-19 22:15:45	Name: KRTBCOOKIE_391 Value: 22924-6282211392932163713&KRTB&23263-6282211392932163713
.yahoo.com/	1970-01-19 21:34:00	Name: APIDTS Value: 1632753694
.m6r.eu/	1970-01-19 21:34:00	Name: adx Value: 2021-09-27T14%3A41%3A34.167Z
.adsrvr.org/	1970-01-20 06:18:09	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwjEjLv33fOAOhAFGAEgASgCMgsIxIS-pPTzgDoQBTgBWghwdWJtYXRpY2AC
.tribalfusion.com/	1970-01-19 23:42:09	Name: ANON_ID Value: aTnsIHNj6WkCyhURALxZcJJDjb3w3Wli6plZc93gUTRW4nUjPoe13pSA6fCdRkChV1mEKkCV3a3WJb3jUVyAWExmSZa
.pubmatic.com/	1970-01-19 23:42:09	Name: KRTBCOOKIE_377 Value: 6810-91e5044f-5df7-4a65-b60c-01f76a9ed948&KRTB&22918-91e5044f-5df7-4a65-b60c-01f76a9ed948&KRTB&23031-91e5044f-5df7-4a65-b60c-01f76a9ed948
.pubmatic.com/	1970-01-19 22:15:45	Name: PugT Value: 1632753693
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:04:27	Name: bcookie Value: "v=2&5e53c968-3641-49e0-80dc-856617122f68"
.linkedin.com/	1970-01-20 14:56:50	Name: li_gc Value: MTswOzE2MzI3NTM2OTQ7MjswMjHo56lON8Yjs6Bft3y8TscXe6doy6mGhBzNygznAZrJ5g==
.linkedin.com/	1970-01-19 21:34:00	Name: lidc Value: "b=OGST00:s=O:r=O:a=O:p=O:g=2543:u=1:x=1:i=1632753694:t=1632840094:v=2:sig=AQEsHnblg_6WZKYu0EcFXVhIFdKlIvZY"
.hawtcelebs.com/	1970-01-20 15:03:45	Name: _ga Value: GA1.2.253180117.1632753691
.hawtcelebs.com/	1970-01-19 21:34:00	Name: _gid Value: GA1.2.11169151.1632753694
.hawtcelebs.com/	1970-01-19 21:32:33	Name: _gat_gtag_UA_10995097_8 Value: 1
.pubmatic.com/	1970-01-19 23:42:09	Name: SyncRTB3 Value: 1633910400%3A21_220_7_56_54
.dtscout.com/	1970-01-19 21:32:38	Name: m Value: 1
.dtscout.com/	1970-01-19 21:32:48	Name: oa Value: 1
.dtscout.com/	1970-01-19 23:56:33	Name: df Value: 1632753694
.pubmatic.com/	1970-01-19 23:42:09	Name: chkChromeAb67Sec Value: 7
.pubmatic.com/	1970-01-19 22:15:45	Name: SPugT Value: 1632753694
obs.cheqzone.com/	1970-01-20 05:36:24	Name: cg_uuid Value: 6fb408d511afd40acef4607dabd7d903
.udmserve.net/	1970-01-20 06:18:09	Name: udmts Value: 1632753695.0

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://www.hawtcelebs.com/ Message: Access to XMLHttpRequest at 'https://udmserve.net/udm/img.fetch?tid=1&dt=10&sid=%2347740&sizes=300x600&version=3.5V' from origin 'https://www.hawtcelebs.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://udmserve.net/udm/img.fetch?tid=1&dt=10&sid=%2347740&sizes=300x600&version=3.5V Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.hawtcelebs.com/ Message: Access to XMLHttpRequest at 'https://udmserve.net/udm/img.fetch?tid=1&dt=10&sid=%2347740&sizes=300x600&version=3.5V' from origin 'https://www.hawtcelebs.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://udmserve.net/udm/img.fetch?tid=1&dt=10&sid=%2347740&sizes=300x600&version=3.5V Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://c1.adform.net/serving/cookie/match/?google_error=3 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=&google_hm=MTYzNDMyMzEwMzE5MTg3OTk5NQ%3D%3D Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.rfihub.com
a.tribalfusion.com
a.volvelle.tech
a99d3a05e24fc674724c664fd35e62eb.safeframe.googlesyndication.com
ad.turn.com
ade.googlesyndication.com
ads.avads.net
ads.stickyadstv.com
ads.travelaudience.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.demand.supply
assets.vlitag.com
audit-tcfv2.quantcast.mgr.consensu.org
b199.s79.research.de.com
b24.s79.research.de.com
b26.s79.research.de.com
bid.g.doubleclick.net
bid.underdog.media
c.eu1.dyntrk.com
c1.adform.net
cdn.jsdelivr.net
cdn.tynt.com
cm.g.doubleclick.net
cms.quantserve.com
code.createjs.com
cs.admanmedia.com
cs.chocolateplatform.com
cs.media.net
d5p.de17a.com
dclk-match.dotomi.com
de.tynt.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gcm.ctnsnet.com
google-sync.rutarget.ru
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
ib.adnxs.com
ic.tynt.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.outbrainimg.com
imagesrv.adition.com
imasdk.googleapis.com
inv-nets.admixer.net
live.demand.supply
lockerdome.com
log.outbrainimg.com
match.360yield.com
match.adsrvr.org
match.sharethrough.com
mcdp-nydc1.outbrain.com
mv.outbrain.com
ob.cheqzone.com
obs.cheqzone.com
odb.outbrain.com
pagead2.googlesyndication.com
pixel.advertising.com
pixel.quantserve.com
pm.w55c.net
portal.o2online.de
pr-bh.ybp.yahoo.com
px.adhigh.net
px.ads.linkedin.com
px.vliplatform.com
quantcast.mgr.consensu.org
red.vtracy.de
rtb-csync.smartadserver.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
s.tribalfusion.com
s0.2mdn.net
s79.mxcdn.net
s79.research.de.com
secure-gg.imrworldwide.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
services.vlitag.com
simage2.pubmatic.com
ssp.adriver.ru
ssum-sec.casalemedia.com
stat.meetrics.net
static.adsafeprotected.com
stats.g.doubleclick.net
stats.vlitag.com
sync.1rx.io
sync.go.sonobi.com
sync.mathtag.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
t.dtscout.com
tag.vlitag.com
tags.w55c.net
tcheck.outbrainimg.com
test.quantcast.mgr.consensu.org
tpc.googlesyndication.com
tracking.m6r.eu
udmserve.net
ups.analytics.yahoo.com
us-u.openx.net
waust.at
whos.amung.us
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.google.se
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.hawtcelebs.com
x.bidswitch.net
ade.googlesyndication.com
cm.g.doubleclick.net
udmserve.net
104.111.242.245
104.154.142.214
104.16.88.26
13.248.245.213
135.125.160.160
136.243.3.132
136.243.6.97
142.250.185.130
142.250.185.98
142.250.74.194
143.204.98.117
143.204.98.71
146.0.227.109
148.251.247.207
151.101.114.132
158.69.139.225
172.217.16.130
178.162.133.149
18.185.166.223
18.194.125.59
185.29.134.244
185.33.221.90
185.33.223.178
185.64.189.110
185.64.189.114
185.64.189.115
185.64.189.216
185.64.190.80
185.86.137.110
185.94.180.125
193.0.160.128
193.122.128.135
193.232.148.158
2.18.232.28
2.18.233.67
2.18.234.190
2.18.234.21
2.18.234.233
2.18.235.93
2001:678:cb4:bbbb::11
213.155.156.167
213.19.147.44
216.52.2.19
217.79.188.11
2600:1f18:e8a:cd02:882c:d916:bae1:7722
2600:9000:2156:4000:5:c4ab:c3c0:93a1
2600:9000:2156:8400:9:46dc:4700:93a1
2600:9000:2156:aa00:3:a4cd:8380:93a1
2600:9000:2156:c400:6:44e3:f8c0:93a1
2600:9000:2156:de00:1b:5138:8a40:93a1
2606:4700:20::681a:507
2606:4700:20::681a:fee
2606:4700:21::681b:cf5c
2606:4700:3036::ac43:b893
2606:4700::6810:8616
2606:4700::6812:c05
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:119:50e1:101::6cae:b25
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:800::2002
2a00:1450:4001:80f::2006
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:830::2008
2a00:1450:4001:831::2001
2a00:1450:4001:831::200e
2a00:1450:400c:c01::9d
2a02:26f0:6c00::210:ba2b
2a02:fa8:8806:20::2010
2a04:4e42:200::485
3.126.175.244
3.126.56.137
3.127.92.82
3.212.141.148
3.64.197.25
34.253.22.126
34.98.64.218
35.186.193.173
35.186.253.211
35.190.0.66
35.205.207.25
35.210.178.101
35.212.101.174
37.157.2.236
5.9.116.173
5.9.119.17
51.178.20.140
52.59.115.28
54.218.137.60
54.72.219.124
54.93.133.131
67.202.105.31
67.202.105.32
67.202.114.216
68.71.249.118
70.42.32.95
72.251.244.142
74.125.140.154
76.223.111.131
80.64.106.147
81.222.128.215
82.113.101.132
85.114.159.118
88.214.206.142
0372e56e268f267324af013d400887d70337dc95d8297d655f783353aca80980
073e6dbcb7ab727a6f3c36c0610b14d9bf1eec9e46b126f06406d3cd928777f1
0882fe11baf5c777266a9ab3f14aa451432c7099158b2d69b3515ee5c8e66d4d
08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122
093439379cf420afc65fbd25b8dcdc9ae7129f57187cf732819d4347ed86937c
0a3b2e5bc2bb9d674168262d72eafe092af82b0aaf9e6e408c72f33b9f3b0d4b
0a5c20add80dfa892c8ce20c1185a664b9d9ba991c3b7281db96dab5178bfbf6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cea19fbf035b5f57283a32bc4f80e46b29a3d323808d516d8f4f6587978e7d7
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12a15db7a5c34cc8a15e26deac0105a2a811b6483ab4bcb296b13dc065b40eab
13ea7f4a7b8283c5b01e7e6041968caccffe5a7470720486557f9e64b22c56b3
13f97cda275bac9b47edb02fab633b26cf684bc014e42a8e0db563910cf51518
156a9e06b1c860a9e7965e2f0663a3529303ad2b26d580c4d67e81f81085d786
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1f7dfa73c25e5c5a7f25f0a384366d6b50521a8218bed6bf6c478fa25f52ddc3
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
2347066080fea31af55c7112dca5245ea3eea67df5f24f1daae09f0870fbce62
24a104ef6529cb9bbceaeca4e037ecf14d40db5207009ac23e8224703fa11bb8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
268d81a69a9e1910b84cf74017fba73517adac9e466f83ba8f264da82e07e74d
2732637b72f4b2c9b7f5abab9668e896f66f5bd1ac85e032076ec8c1d4cb1234
2776e4e9db86fcff8c0ee5c2e32d4555546b7373c9df7b3a5885a23e08970d36
289d6e0a0907342fcc661d9944f30ab735754993b96f13f5b59ef4f5269b40fd
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
298d56b5ca4823f5e3396f4237da6b3e9652b6319413eae6b45bb5936f47e0fd
29deb230247997384fd3a613a696c3fe84bfea1e4297ad88361e61df9986efab
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2e11eed405541c63b4127663e494782f1fb37938d37cbee78c595920ae666cf1
2e40c8ae725b404793dc7f2b06ef31e14f6e3b5abd22f8c2847c489069faf7a3
2e6efd624d873783da2a3a12b889585735b80a3dfc7da945f56a2829fb034206
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
311e59af2826f6512d4be9e3c4aab22fc5748c2c85ec695a2295408f013339f8
31370f14534e5bb78d3da68b6cf0e72369feea1bd68aaeac1b61d07094aa1deb
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
336f2b56b8e1ae7bba1c09a47c9b9da66df8b4aef33c747f2013999413be875c
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
34bbf0e68b1f0e040921b1bfa458fb3e60bac3ddc924bd27a196f4cfc240bfd2
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37bd89d0776acdb8565abd79559d140909e68570f7d74a6f0141d21aed4122f4
38354e6a0119fe113356e1506a115ca148a6b9ea22cf88136baa9167d6fde794
393ef9d3e7f2d1b35d3917d59ca863213bae26f3458b178102e8b3b5c304cb77
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3a682ad13e1535e4077c573179247c072d7891ad507c73b7466163562f6c2fa8
3a7ad5974f3d165d1a83149795afe792e241b0e6a41078c6e14bcecc5449934e
3accd9227386efc995a7cd597b450b6e05a3a8abb2378e2c0fd675b397e43477
3f424f04869cbd7dfb51997a5ed7faee6ca11305a62f7a0bdeef95537923e807
3fb97d885def86fd41321d28af35d249840980f04008add1b50c00fb33273045
4137e84913c8aca733ec3919a203554ab6e0029b7df14396ac67f1c5545c402e
41a55c175f841c63cd3170ff8f6977ed28cec9b48f174e45c4e216516f81b2e8
426c6e1a12fca5d2f5612310edf101043880d380c59593bd9a66d3d2c9252d05
4430ae2cc36cd010e6d34e53d48aba86b7cdf3a5f73010851d69395e583896ee
448daa705cc16f302bd65576425925a14e5d57480e07b0e955aff52c342bca1d
45e75e4f45e1e15bc43f5caeefbba3e174dd2fd06e4863ba6e0c45fede74fd81
45f430d67ba90a304fd278fae7f78d77afe21adec2deda9cc2bb835049a3add7
45fe766308841d0d4a2068ef014d83df899ef6623f6bb4bde509431657b1c707
468c50db12596d6432fa396a0c544b27965c30b4a2bad3604affc31b605813b9
4693c66e64ca5e3b4ffbd032ca365748a1b5c3cc479a09a66dffcfbe09075846
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
497cb4889512202d42b3a200f4a395616c00c8db7e6600f33ffd9c0d259d078d
4db407c6fe9734e39c440b08ace7fe8d289b8f6fb55813ee7bdadf839dc1de04
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e98915145910070b67d618a37269dfb766e0b648809a9cbd4127b6fc913de7b
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50064f4d6cf4f7b27b8074fe2c207fdf9b4c5304bf655b901df4b73c29a7ab81
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5061e86a233a27f7c767268b3ebf6de658f0ee8ef927741e92de944a1cda0e5d
51bc4eb2bea64e38233e655847ba31f46ae143de44733f01962496a022dbdd20
5266ea4b95b69b9796211ab032637d59602f9327174a375a83950955f784feec
52acc0a283dae0496a4f6c7b177183a61acaea196ab508be721035445353486e
52c41152c7916b4cf3b3a90f790faa0ba7f746603671e286531bc50407d844ca
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55733cc8cd5158bdbee67dd1568b171c11a33898afd3905a5af9de989ab56235
5744126a7056f41d4638499af797ed38a9ca21621e913946e650a13da344d3cc
57b7f2b2bcdd983268775ebc6ee71d208510b285d79dd058f2717248079c59d1
580cfe9f2689bbdb95454abc36cc61b171ad5d5896c2fee5578b0fdea3f64aa0
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
593749616eb756ecdc0a3dc3d15a082830c121ddc2c4be784798fe1842403131
59dc243faa696cc2d9f9c40fba6952bfa5f2070f8b7a6102dd4521a476f2c750
5a7b90faf0a9280034abf971c9572543a1da7485dc2e7baf81573ddeb0c2b50e
5ad53818aa2b75dca2983ebb3e95a06d65d9e167a352a70b0e5e497b2e09b1c8
5bc36f1c001b69c9ae67c35a9c30d1482abc7053a889d0acc2d6a37a0260bd1e
5db53bf6a77148dae0aece6b6512e4a6bf94603af72e449a0f23ed03e8b96ff3
5de6fc9ba07435e00530686b3381d7fece4e283c43eca5d1d8ae5d0b5e2501ad
5fb3bdb7f966c852579fb6b0574517445d5b2d171c804d66227ee67b1bffca9c
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60e19c098c974311188db471cb03472950033c6bd1f3a92e8992f2b0be5e2381
60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13
63cba83244b405645a3f5cd0371cec21c71e6017e00b5d5d272b934b5e217bd6
64ebc942a8912bf4ef18e6ccce68cb0305f42f10b1cfc249d4afdb712bc2f738
686d0a5edd33157db3570e0449b881221b4ce768a8dca7f48335b37ea273f704
696a55b65b8a40bcfb32fed05dc7aee46aa3b8b70e8109edf26bb5bf3575450b
6a3bfcd4d926995d351653d6351619955ab345b3de04a848bc99e1648a4ca8eb
6a9f4a4cc23bbe232be7f4ca796c9cf6f5edeabb85c1332a077df626c084cf4e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d22a727dcf93cbaf4b41b20e8aad37d984e7c6ee1bfb467d20a30777809e4c8
6e0f26739c23b45264b05b0fb95fbcfca7c10564a7a22430299a6023e1092de4
6e96232396e871629bd7e1448580fb59675f654184b8d7d1c0a1e1e5b53335bf
6edfad1d5d6275fc7ade68ffb1f07d480fdbb39579fa359bc9c7ea1d4649fce9
7071be3d22d9b3eb0b2ae2c200ab63c42b999ad93553bba9eca53c352adc613e
709a05838a7d849daa97913135fa8982cc5d98ec1ef585f37724abaa3539c8fa
70b2d75b457ce831a3fd0517187e7bf885c9c9f654419e6e01c2dd393de57412
71bd2c00a8e0d92f57751d493e0fb95b85dea5f27724d768b02da77b02051cbd
7209ee1f07bc381f248596d89634228e89acdf8c9ec91d2bedf18212baff24e2
7289837e876c7bbbf1afc71abc4c5383e7f56692abeaa0a72b82e4e721ceba26
747e8f5454d77ac3ee2339c3490cb7b805d59d7fedd4cc0682ae6ed9c33b7d25
751dcf9dcab28e7704b6c2b25d6288581f8a45af878fd628135cec03d8112eed
75f23ec04ffa43fdcfe4536d56ee5eddd7bbd0859f963076acaeda9cc44ae51b
76463ed3dda1b42bf09918e5a314970cd18d9d315033459b9eb3178d01438158
79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e
7b80ea1942718b266e2972df6f71bac32c46737bc8663effd79921072b32fe85
7bbbc72c2dc2c07006eccfda42c0577105306cf65bf88ca7ac66c92f1646e840
7c2668897ee1ff467d51ff41483a4aa80789c359aa49dd42fa7cde0e3609b95c
7fbc6a2f2345ad73cd7fb1dda09a6cd7d9d4a5bded9425f4d9d9a052b0d4a17d
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d
811e2475ac8be5f8d9d8745143e433b0a5a50495c481edc310b2ff5dd9ce1676
821e2efd660f6b759d561cd5cd194670e51ecebcbc06055cdcbebcd91ec94a56
830527b04ff3e5ae7d8f62ecb5f1aa2ece85a7a741b332051561787b52ddffcf
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83aea769e65cb35558f48554b4cf703fdb85b58dfc499fe6aad2bac29dc429f5
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
8535c4a8bfea8717b1817f396f8aa2bf19aafb01dd744e6918279c5db05c55e3
853aa1271cc55ec218acc3290e6565e6921917cb1cf2317a6c7cff71cb77b386
867e8c0f65910529d214a22ff58f5ad38158e1c104cc1706c94d5f4d3780944c
87fbd84036e0e67d8aa06d1f5e4a68f0539e4c6072a8ad77ce7e661bd6a43d1f
8943b798efddc7a5ee242732dd0cb2f7f4d5c59417a97b3da42eae595bddf270
897f1edcb65fbf5273c28473b788e2825f13e5daf8582231b71b0e340a37f638
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bd8b4ab751d7e1cf0a74d1813c61e932f283210339e7fe479ba95a4bb5d9a16
8c7ee0238fa5cd80a02ef9870a7fff498ef52097181cb73edb9219dc022fd919
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e19a73579bf01626c864d7bee4293bd9470c5b6dbfd4e1bfbf30dd687d744ac
8e2a11dd5fcbfb61624801ca856d9f2e48e9bf03516832b7395533ce2e1eeef3
8fe838a387aa778e1645a242d4c439488b478814e74af738a57dbd59fd9df315
9301278aba09e63cfe43632e3b8d61ca48ca0d1e609927850749b2d5f983349b
9377f626aea1542cfd2e097180c64017208cba6d3dc9bfdf6ecdb879fdde168e
94a1096d4ddd1232128b8a52859680031fd1aa9df3bec2a6e25e7cf4ffd95282
956db4acb11c9ae376e6c74f836773456c5f9791a2586f37cfc7eb68ab669409
97016650e66d70978297cd8248c774a986d27cc5632eae9e52a2c50de31ab219
9811ce504e57c4b76716bfdea4fbe630bbdcc9837362f100dc06bb2797c4a3fe
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aad258d7ae786e4d2a193d178f200cd47b82bf7bcbd76ee1b94a226a1d8725a
9b55818d41d9ba020320cafa3a1a19a3877d8545bcd45cb10ed5fadeba3c6b35
9bc5c2bd49e05776425cc97a2b1b72605e66696af6a30d9ab06e07dcff7fdc90
9bfdfd59ccdf43121deb42a194f4166f89db2f816466744a37ce89bc558a4628
9c5401b5a7e3446228d9795e81215d74c7def3f774580cc9bd85ab07716028aa
9d58dd4dd0fd612f915b5a9e63f55c3a300032204d38b0eab2e330c84a38423c
9da9ad3761cffd8f2aa78c1a32e970a88723c028e707f1632d53159b66a1c037
9f5ef1a821e915318035418c14c515243c9321543fab8cb45fb6f547edb0bd96
9fdf19f5563f7ef15451864d365576d75e82c06566369f4a2fd149448e604711
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a28b8fde60e59180a82647be7475759d416cbbab33e8da8742bd7e11f36e2d82
a3a04fe9f8fa57a2f381e245aa4f102e3f2d8f10f7447355d81e2c16511e01a1
a40dcd59c23d9ed6f0fbaeefeb57c78543b487ad93c49f5f74b89dd85b0ea278
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a69271c7437bd4e6d32add08254b9b0170238186e84bf42c6b22daf6c7830717
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a87a83413c28984b0877643c9cb1b55d67002186d685c76cf2168ec8089de735
a8b3143de04f77d3743ca3d94a0b4c462e9178b2a65ffb119d2d6f88aea95a6a
aa5bf6f5ab011dd415825f4de61175938a46803fd3daa6e473dffbdf9478abcb
ac04af14591f59be711b015d623154f3cd61eab114e9ee33563a2b30d55202eb
aca80773b7eab4eccd26614ab3313abf331213f82be70cc38c4fa86cc831f749
ade00623053479123bc87a18900ed75320e4b0ac9239ef15ca4e4b8a2f295cf3
af0d6570462dee3c3937e8694b2ee98ea78313219976105080e94680c29769ad
afc87e4d91efff4a8f548bfbfa77d13a8632bd3684f17f08f5bdf7bdeeaaf411
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b234cfda107f411491f5d69483091b41edc43fd241cb46a908e21024c3a57938
b41e03561fcd66267e40478b43dfc163e850387b636883e84aa4c8947bf273a5
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b60d50a83cec93bcbec072b1485c0436f93de086b4f481ee374ccfea478dbf29
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
b6ad0f29ac94970678ee9f0c07a97a03206aef022753dd840ae7c040db2edca8
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
b840bc2d7c32af2aee17606765eaef19e15d054479d251e481e51eafb1a37f81
b988618d788eef8dc0a561e9d45aacb95b3659aa23e3caca79f24d8221982d1d
b9afcfbb516d061286018b9b082f0772b06d4d724355cbee19bce9e5f4af1ce3
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb67ac3e8bd32b276192fb09c1d7726103a5f85cb5680d47e2694040081dab4b
bbcfd992c012bb3ec3f8291677fa0f6d700a1b27504f6467f3931c646238f70f
bcb80c86da267703311d2eeb3bdb5af0dedf63589d7d6eee4ed81f4bad7537f6
bdd1579c84daab8cdd1e5a4f71b546c9eaa6a76418f83e0215c573523614c309
bee4c3ddceefb6558b86e3d6bbe40326f6d67e1b0b535eb6949d570e7630d82d
bf7d8d24d874742f4f15fb06654601a7ae41aa46b289c3d1977817ea258c7d91
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
c2918d0edea50f453e2143087cb6f5b232a6fef8b687e228496629f0739fc809
c3c89d5295be3c6415416b83a9e4c0fc67a790e55713ddc3f2d0c07185779acf
c63c68c8c4a9f6efa028bdec6e1e2f2675e70ca00bc0b3891bba2385b58c2191
c6b6518709df601ec8bcf6f5bca431a0ae4256909395934eaba9fffb5c5aedc4
c823a8c62ce53897a22dbea1f0919194df317aec4943d199020a7b3ee316285d
c87c8abe303c3939c1db99459f44dc23bd79b71be0c9f7af139924e7fd261643
c8ae7bdfd850dd450851915e0d58b0a8b0956ae5fb9055ba0165a26010e12d00
c8b2ed98ef1667652996845a1fb2fca65bd11fdca0bc53a7e7d6ad0e9e51be49
c9d50edae9ab89f8373214510b01eb50f60e16bd5e71328173962c0e13b31c07
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ccda4fe8fb72043c2135a75c682b4ff5069734b101b800cb7fbba4a3f5a1824d
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf45bc6e2a70366857af3a8c7e18d2fda5d2d4198073030ba0fc8401e1a3208d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d21c40f02ef72b74fefeffd2b3664bbfadd4722974a4f092f613433a7e39e284
d23c2cd600a4c9df2226698e97cdae7e216295458c0d61e2b64e04b2f2e56adc
d2dfcdea820795a3033a2182ec2a6518612c04c6addc51e2fa616b280d9e9aca
d4e89432e01fa3882f7afd886f4d3f60b1c4c63013700126f44b1fdeace470b6
d64c84e681853cafa6cc6013dc532f12ae1054a6d561417e7c89d769fd42dfc8
d8144ce2cd5918de3beabc8fd113ab560103033fae3956e093b688cda5732a50
da6ad3edbe3f16089eb6ed4cb0355031c2ca1d19ab3bef349c0d5ddbeadc3f5b
dab7c20eec6b08ebf45d87bb9b5a7d74589bec3130a09c7365372325f9f2af12
dafea843f461ff0e7c9f328cb4c2aaef2ac9fb2437deb0b151e44c59b19ef1aa
db246a19437446ef17f4f45766deac36198aed592c8a3c6a8a6b780d852d57c4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dee525e0e65ecf117f8dcc0a45e64ef4eb1d0ebbcc926fa7c817f591f5ec8f1c
df08c4ff59620e89c3b36f1968bd2dfe63fe3a99ddcf3a3071397eec62a734d4
e0dcc44d0d45a79942a50f0a78ee69e380cbcd8d6c02316c2af886dc634c8997
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e4cbdd1a94705900363b58e97da4c17262ab388e028de80a507cbd1dab045b39
e5322366c3830a97456895d4393281e7abd3e243379d234b289ea3379e5ceea5
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6218b18c06deda58406f88ef17ec37989aadb616587ea31bdefb774d6fa032a
e69c37fdfb938853b195b56b6e47e215c275fc85f28be01017e9074fb38be736
e73d3b1d5d0310f9cf2a2e6edca7b52de355505e19a74794004e7654319fbc68
e95015e979a80102c2ca35fd0d302a3d72fe378e46babe201e2219d41fab8658
e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91
e9fc1444b589f6bce31440a89d61ad2d08bedebf9692bc1623ac7e570a035d7c
ec1293462e3633ffb0090e22474b0a0dab27511cd56737ec5ffa525253e1b9f0
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ee875ee2f0efbdb309d79115b758e972811b878dc057dba70a7021407702c8c1
ee9bcf40869defb2ba36f0398aafcdbe1c82715317c76a2fad2e8ae0a74f2225
eea89623b927ab32676a6ebe2196a1a88a8fe22633a808c428a3a439967a2255
ef173d3f79f54261a07ace9a0a6b66d95528a8f80b2fcc54cfe875b90a8ca090
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f28138f767c381797d7db85b6275e12928a427f1c6e71fe84179db520efc0f6d
f3104d96908d7c2e43aaea23643467a97d3485579425fa19b4a19cd2a0dde0bb
f3709741bd1396fbbf1e65206dd74ae69151af7fd1597f7b6f14c5239fbf5cc4
f5304869a38f42eac3b02e3d2fec84206b34a3972a3d96defec167ae2cd28799
f5378474e9a30594d2fa154c4a0cebdd3cbf903eba394f7b710f4ac26d40076f
f679035b4527b8f560e0bc22c14208b16d4018c565c043edc2dba193b645a55c
f78c652ecbe9a2342b0e0191bfc72a04c789231ef732c1bbc53418b6407334b8
fa3d7e10ba5df323a1736d7a2bdac9a927269aa99e3bb2897055fdad23d7368e
fb4250c2daa318772d0ba93aa50f7ebff75e6d72acb31be1d2f67454085de7b4
fc7add01ea1ad0ee504541fec6002fbfc220931c9bd13cdbc1c25699aaf51821
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe699c2035f62c7c0253d7d4e063aa2c85f544b61c59e5e8adb0dffc52bcc6e1
fe90cfc533c7ded21980055d47d598dd3bf7b6c22bfa8b7917f514c628a49a95
ff53edb2cfc88f849504a12cf0ec31bbbe0694eee9399847378391c8743db80a

www.hawtcelebs.com Open in urlscan Pro 2606:4700:3036::ac43:b893 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

573 Requests

99 %HTTPS

31 %IPv6

81 Domains

127 Subdomains

95 IPs

14 Countries

7869 kBTransfer

15120 kBSize

104 Cookies

8 Outgoing links

Page URL History

Redirected requests

573 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.hawtcelebs.com Open in urlscan Pro
2606:4700:3036::ac43:b893 Public Scan

Screenshot
Live screenshot

Full Image

573
Requests

99 %
HTTPS

31 %
IPv6

81
Domains

127
Subdomains

95
IPs

14
Countries

7869 kB
Transfer

15120 kB
Size

104
Cookies

573 HTTP transactions
9 data transactions